@pagopa/io-react-native-wallet 3.2.0 → 3.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (328) hide show
  1. package/README.md +1 -1
  2. package/lib/commonjs/credential/issuance/README.md +32 -14
  3. package/lib/commonjs/credential/issuance/api/IssuerConfig.js +1 -0
  4. package/lib/commonjs/credential/issuance/api/IssuerConfig.js.map +1 -1
  5. package/lib/commonjs/credential/issuance/common/02-start-user-authorization.js +4 -3
  6. package/lib/commonjs/credential/issuance/common/02-start-user-authorization.js.map +1 -1
  7. package/lib/commonjs/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js +39 -8
  8. package/lib/commonjs/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js.map +1 -1
  9. package/lib/commonjs/credential/issuance/mrtd-pop/02-init-challenge.js +46 -38
  10. package/lib/commonjs/credential/issuance/mrtd-pop/02-init-challenge.js.map +1 -1
  11. package/lib/commonjs/credential/issuance/mrtd-pop/03-validate-challenge.js +58 -51
  12. package/lib/commonjs/credential/issuance/mrtd-pop/03-validate-challenge.js.map +1 -1
  13. package/lib/commonjs/credential/issuance/mrtd-pop/index.js +21 -5
  14. package/lib/commonjs/credential/issuance/mrtd-pop/index.js.map +1 -1
  15. package/lib/commonjs/credential/issuance/v1.0.0/02-start-user-authorization.js +5 -4
  16. package/lib/commonjs/credential/issuance/v1.0.0/02-start-user-authorization.js.map +1 -1
  17. package/lib/commonjs/credential/issuance/v1.0.0/03-complete-user-authorization.js +8 -5
  18. package/lib/commonjs/credential/issuance/v1.0.0/03-complete-user-authorization.js.map +1 -1
  19. package/lib/commonjs/credential/issuance/v1.0.0/index.js +3 -2
  20. package/lib/commonjs/credential/issuance/v1.0.0/index.js.map +1 -1
  21. package/lib/commonjs/credential/issuance/v1.0.0/mappers.js +4 -2
  22. package/lib/commonjs/credential/issuance/v1.0.0/mappers.js.map +1 -1
  23. package/lib/commonjs/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js +0 -2
  24. package/lib/commonjs/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js.map +1 -1
  25. package/lib/commonjs/credential/issuance/v1.3.3/02-start-user-authorization.js +21 -17
  26. package/lib/commonjs/credential/issuance/v1.3.3/02-start-user-authorization.js.map +1 -1
  27. package/lib/commonjs/credential/issuance/v1.3.3/03-complete-user-authorization.js +108 -69
  28. package/lib/commonjs/credential/issuance/v1.3.3/03-complete-user-authorization.js.map +1 -1
  29. package/lib/commonjs/credential/issuance/v1.3.3/04-authorize-access.js +20 -19
  30. package/lib/commonjs/credential/issuance/v1.3.3/04-authorize-access.js.map +1 -1
  31. package/lib/commonjs/credential/issuance/v1.3.3/05-obtain-credential.js +5 -7
  32. package/lib/commonjs/credential/issuance/v1.3.3/05-obtain-credential.js.map +1 -1
  33. package/lib/commonjs/credential/issuance/v1.3.3/06-verify-and-parse-credential.js +4 -1
  34. package/lib/commonjs/credential/issuance/v1.3.3/06-verify-and-parse-credential.js.map +1 -1
  35. package/lib/commonjs/credential/issuance/v1.3.3/index.js +3 -2
  36. package/lib/commonjs/credential/issuance/v1.3.3/index.js.map +1 -1
  37. package/lib/commonjs/credential/issuance/v1.3.3/mappers.js +10 -11
  38. package/lib/commonjs/credential/issuance/v1.3.3/mappers.js.map +1 -1
  39. package/lib/commonjs/credential/presentation/api/types.js.map +1 -1
  40. package/lib/commonjs/credential/presentation/common/utils/http.js +9 -4
  41. package/lib/commonjs/credential/presentation/common/utils/http.js.map +1 -1
  42. package/lib/commonjs/credential/presentation/{v1.3.3/utils.mdoc.js → common/utils/mdoc.js} +2 -2
  43. package/lib/commonjs/credential/presentation/common/utils/mdoc.js.map +1 -0
  44. package/lib/commonjs/credential/presentation/v1.0.0/07-send-authorization-response.js +3 -1
  45. package/lib/commonjs/credential/presentation/v1.0.0/07-send-authorization-response.js.map +1 -1
  46. package/lib/commonjs/credential/presentation/v1.3.3/05-verify-request-object.js +11 -10
  47. package/lib/commonjs/credential/presentation/v1.3.3/05-verify-request-object.js.map +1 -1
  48. package/lib/commonjs/credential/presentation/v1.3.3/06-evaluate-dcql-query.js +2 -2
  49. package/lib/commonjs/credential/presentation/v1.3.3/06-evaluate-dcql-query.js.map +1 -1
  50. package/lib/commonjs/credential/presentation/v1.3.3/07-send-authorization-response.js +2 -0
  51. package/lib/commonjs/credential/presentation/v1.3.3/07-send-authorization-response.js.map +1 -1
  52. package/lib/commonjs/credential/presentation/v1.3.3/mappers.js +1 -1
  53. package/lib/commonjs/credential/presentation/v1.3.3/mappers.js.map +1 -1
  54. package/lib/commonjs/credential/status/README.md +3 -2
  55. package/lib/commonjs/credential/status/v1.3.3/01-status-list.js +27 -5
  56. package/lib/commonjs/credential/status/v1.3.3/01-status-list.js.map +1 -1
  57. package/lib/commonjs/credential/status/v1.3.3/02-verify-and-parse-status-list.js +17 -6
  58. package/lib/commonjs/credential/status/v1.3.3/02-verify-and-parse-status-list.js.map +1 -1
  59. package/lib/commonjs/credentials-catalogue/api/DigitalCredentialsCatalogue.js +2 -1
  60. package/lib/commonjs/credentials-catalogue/api/DigitalCredentialsCatalogue.js.map +1 -1
  61. package/lib/commonjs/credentials-catalogue/common/get-status-l10n-ids.js +23 -0
  62. package/lib/commonjs/credentials-catalogue/common/get-status-l10n-ids.js.map +1 -0
  63. package/lib/commonjs/credentials-catalogue/v1.0.0/index.js +3 -1
  64. package/lib/commonjs/credentials-catalogue/v1.0.0/index.js.map +1 -1
  65. package/lib/commonjs/credentials-catalogue/v1.3.3/index.js +3 -1
  66. package/lib/commonjs/credentials-catalogue/v1.3.3/index.js.map +1 -1
  67. package/lib/commonjs/mdoc/index.js +3 -24
  68. package/lib/commonjs/mdoc/index.js.map +1 -1
  69. package/lib/commonjs/sd-jwt/__test__/types.test.js +2 -14
  70. package/lib/commonjs/sd-jwt/__test__/types.test.js.map +1 -1
  71. package/lib/commonjs/sd-jwt/__test__/utils.test.js +0 -12
  72. package/lib/commonjs/sd-jwt/__test__/utils.test.js.map +1 -1
  73. package/lib/commonjs/sd-jwt/types.js +1 -14
  74. package/lib/commonjs/sd-jwt/types.js.map +1 -1
  75. package/lib/commonjs/utils/callbacks.js +20 -1
  76. package/lib/commonjs/utils/callbacks.js.map +1 -1
  77. package/lib/commonjs/utils/config.js +9 -1
  78. package/lib/commonjs/utils/config.js.map +1 -1
  79. package/lib/commonjs/utils/x509.js +34 -0
  80. package/lib/commonjs/utils/x509.js.map +1 -0
  81. package/lib/commonjs/wallet-instance-attestation/api/types.js +0 -2
  82. package/lib/commonjs/wallet-instance-attestation/api/types.js.map +1 -1
  83. package/lib/commonjs/wallet-instance-attestation/v1.3.3/mappers.js +1 -14
  84. package/lib/commonjs/wallet-instance-attestation/v1.3.3/mappers.js.map +1 -1
  85. package/lib/commonjs/wallet-instance-attestation/v1.3.3/types.js +2 -7
  86. package/lib/commonjs/wallet-instance-attestation/v1.3.3/types.js.map +1 -1
  87. package/lib/commonjs/wallet-unit-attestation/api/types.js +0 -11
  88. package/lib/commonjs/wallet-unit-attestation/api/types.js.map +1 -1
  89. package/lib/module/credential/issuance/README.md +32 -14
  90. package/lib/module/credential/issuance/api/IssuerConfig.js +1 -0
  91. package/lib/module/credential/issuance/api/IssuerConfig.js.map +1 -1
  92. package/lib/module/credential/issuance/common/02-start-user-authorization.js +4 -3
  93. package/lib/module/credential/issuance/common/02-start-user-authorization.js.map +1 -1
  94. package/lib/module/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js +41 -10
  95. package/lib/module/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js.map +1 -1
  96. package/lib/module/credential/issuance/mrtd-pop/02-init-challenge.js +47 -34
  97. package/lib/module/credential/issuance/mrtd-pop/02-init-challenge.js.map +1 -1
  98. package/lib/module/credential/issuance/mrtd-pop/03-validate-challenge.js +58 -47
  99. package/lib/module/credential/issuance/mrtd-pop/03-validate-challenge.js.map +1 -1
  100. package/lib/module/credential/issuance/mrtd-pop/index.js +20 -5
  101. package/lib/module/credential/issuance/mrtd-pop/index.js.map +1 -1
  102. package/lib/module/credential/issuance/v1.0.0/02-start-user-authorization.js +3 -2
  103. package/lib/module/credential/issuance/v1.0.0/02-start-user-authorization.js.map +1 -1
  104. package/lib/module/credential/issuance/v1.0.0/03-complete-user-authorization.js +6 -4
  105. package/lib/module/credential/issuance/v1.0.0/03-complete-user-authorization.js.map +1 -1
  106. package/lib/module/credential/issuance/v1.0.0/index.js +5 -4
  107. package/lib/module/credential/issuance/v1.0.0/index.js.map +1 -1
  108. package/lib/module/credential/issuance/v1.0.0/mappers.js +4 -2
  109. package/lib/module/credential/issuance/v1.0.0/mappers.js.map +1 -1
  110. package/lib/module/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js +0 -2
  111. package/lib/module/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js.map +1 -1
  112. package/lib/module/credential/issuance/v1.3.3/02-start-user-authorization.js +21 -17
  113. package/lib/module/credential/issuance/v1.3.3/02-start-user-authorization.js.map +1 -1
  114. package/lib/module/credential/issuance/v1.3.3/03-complete-user-authorization.js +108 -70
  115. package/lib/module/credential/issuance/v1.3.3/03-complete-user-authorization.js.map +1 -1
  116. package/lib/module/credential/issuance/v1.3.3/04-authorize-access.js +22 -19
  117. package/lib/module/credential/issuance/v1.3.3/04-authorize-access.js.map +1 -1
  118. package/lib/module/credential/issuance/v1.3.3/05-obtain-credential.js +6 -8
  119. package/lib/module/credential/issuance/v1.3.3/05-obtain-credential.js.map +1 -1
  120. package/lib/module/credential/issuance/v1.3.3/06-verify-and-parse-credential.js +4 -1
  121. package/lib/module/credential/issuance/v1.3.3/06-verify-and-parse-credential.js.map +1 -1
  122. package/lib/module/credential/issuance/v1.3.3/index.js +5 -4
  123. package/lib/module/credential/issuance/v1.3.3/index.js.map +1 -1
  124. package/lib/module/credential/issuance/v1.3.3/mappers.js +10 -11
  125. package/lib/module/credential/issuance/v1.3.3/mappers.js.map +1 -1
  126. package/lib/module/credential/presentation/api/types.js.map +1 -1
  127. package/lib/module/credential/presentation/common/utils/http.js +9 -4
  128. package/lib/module/credential/presentation/common/utils/http.js.map +1 -1
  129. package/lib/module/credential/presentation/{v1.3.3/utils.mdoc.js → common/utils/mdoc.js} +2 -2
  130. package/lib/module/credential/presentation/common/utils/mdoc.js.map +1 -0
  131. package/lib/module/credential/presentation/v1.0.0/07-send-authorization-response.js +3 -1
  132. package/lib/module/credential/presentation/v1.0.0/07-send-authorization-response.js.map +1 -1
  133. package/lib/module/credential/presentation/v1.3.3/05-verify-request-object.js +11 -10
  134. package/lib/module/credential/presentation/v1.3.3/05-verify-request-object.js.map +1 -1
  135. package/lib/module/credential/presentation/v1.3.3/06-evaluate-dcql-query.js +2 -3
  136. package/lib/module/credential/presentation/v1.3.3/06-evaluate-dcql-query.js.map +1 -1
  137. package/lib/module/credential/presentation/v1.3.3/07-send-authorization-response.js +2 -0
  138. package/lib/module/credential/presentation/v1.3.3/07-send-authorization-response.js.map +1 -1
  139. package/lib/module/credential/presentation/v1.3.3/mappers.js +1 -1
  140. package/lib/module/credential/presentation/v1.3.3/mappers.js.map +1 -1
  141. package/lib/module/credential/status/README.md +3 -2
  142. package/lib/module/credential/status/v1.3.3/01-status-list.js +27 -5
  143. package/lib/module/credential/status/v1.3.3/01-status-list.js.map +1 -1
  144. package/lib/module/credential/status/v1.3.3/02-verify-and-parse-status-list.js +17 -6
  145. package/lib/module/credential/status/v1.3.3/02-verify-and-parse-status-list.js.map +1 -1
  146. package/lib/module/credentials-catalogue/api/DigitalCredentialsCatalogue.js +1 -1
  147. package/lib/module/credentials-catalogue/api/DigitalCredentialsCatalogue.js.map +1 -1
  148. package/lib/module/credentials-catalogue/common/get-status-l10n-ids.js +16 -0
  149. package/lib/module/credentials-catalogue/common/get-status-l10n-ids.js.map +1 -0
  150. package/lib/module/credentials-catalogue/v1.0.0/index.js +3 -1
  151. package/lib/module/credentials-catalogue/v1.0.0/index.js.map +1 -1
  152. package/lib/module/credentials-catalogue/v1.3.3/index.js +3 -1
  153. package/lib/module/credentials-catalogue/v1.3.3/index.js.map +1 -1
  154. package/lib/module/mdoc/index.js +3 -24
  155. package/lib/module/mdoc/index.js.map +1 -1
  156. package/lib/module/sd-jwt/__test__/types.test.js +2 -14
  157. package/lib/module/sd-jwt/__test__/types.test.js.map +1 -1
  158. package/lib/module/sd-jwt/__test__/utils.test.js +0 -12
  159. package/lib/module/sd-jwt/__test__/utils.test.js.map +1 -1
  160. package/lib/module/sd-jwt/types.js +1 -14
  161. package/lib/module/sd-jwt/types.js.map +1 -1
  162. package/lib/module/utils/callbacks.js +19 -1
  163. package/lib/module/utils/callbacks.js.map +1 -1
  164. package/lib/module/utils/config.js +7 -0
  165. package/lib/module/utils/config.js.map +1 -1
  166. package/lib/module/utils/x509.js +28 -0
  167. package/lib/module/utils/x509.js.map +1 -0
  168. package/lib/module/wallet-instance-attestation/api/types.js +0 -2
  169. package/lib/module/wallet-instance-attestation/api/types.js.map +1 -1
  170. package/lib/module/wallet-instance-attestation/v1.3.3/mappers.js +1 -14
  171. package/lib/module/wallet-instance-attestation/v1.3.3/mappers.js.map +1 -1
  172. package/lib/module/wallet-instance-attestation/v1.3.3/types.js +2 -7
  173. package/lib/module/wallet-instance-attestation/v1.3.3/types.js.map +1 -1
  174. package/lib/module/wallet-unit-attestation/api/types.js +0 -11
  175. package/lib/module/wallet-unit-attestation/api/types.js.map +1 -1
  176. package/lib/typescript/credential/issuance/api/02-start-user-authorization.d.ts +1 -0
  177. package/lib/typescript/credential/issuance/api/02-start-user-authorization.d.ts.map +1 -1
  178. package/lib/typescript/credential/issuance/api/03-complete-user-authorization.d.ts +19 -5
  179. package/lib/typescript/credential/issuance/api/03-complete-user-authorization.d.ts.map +1 -1
  180. package/lib/typescript/credential/issuance/api/06-verify-and-parse-credential.d.ts +4 -0
  181. package/lib/typescript/credential/issuance/api/06-verify-and-parse-credential.d.ts.map +1 -1
  182. package/lib/typescript/credential/issuance/api/IssuerConfig.d.ts +1 -0
  183. package/lib/typescript/credential/issuance/api/IssuerConfig.d.ts.map +1 -1
  184. package/lib/typescript/credential/issuance/common/02-start-user-authorization.d.ts.map +1 -1
  185. package/lib/typescript/credential/issuance/common/06-verify-and-parse-credential.sdjwt.d.ts.map +1 -1
  186. package/lib/typescript/credential/issuance/mrtd-pop/02-init-challenge.d.ts +12 -1
  187. package/lib/typescript/credential/issuance/mrtd-pop/02-init-challenge.d.ts.map +1 -1
  188. package/lib/typescript/credential/issuance/mrtd-pop/03-validate-challenge.d.ts +12 -1
  189. package/lib/typescript/credential/issuance/mrtd-pop/03-validate-challenge.d.ts.map +1 -1
  190. package/lib/typescript/credential/issuance/mrtd-pop/index.d.ts +2 -1
  191. package/lib/typescript/credential/issuance/mrtd-pop/index.d.ts.map +1 -1
  192. package/lib/typescript/credential/issuance/v1.0.0/02-start-user-authorization.d.ts.map +1 -1
  193. package/lib/typescript/credential/issuance/v1.0.0/03-complete-user-authorization.d.ts +2 -1
  194. package/lib/typescript/credential/issuance/v1.0.0/03-complete-user-authorization.d.ts.map +1 -1
  195. package/lib/typescript/credential/issuance/v1.0.0/index.d.ts.map +1 -1
  196. package/lib/typescript/credential/issuance/v1.0.0/mappers.d.ts +1 -0
  197. package/lib/typescript/credential/issuance/v1.0.0/mappers.d.ts.map +1 -1
  198. package/lib/typescript/credential/issuance/v1.3.3/01-evaluate-issuer-trust.d.ts.map +1 -1
  199. package/lib/typescript/credential/issuance/v1.3.3/02-start-user-authorization.d.ts.map +1 -1
  200. package/lib/typescript/credential/issuance/v1.3.3/03-complete-user-authorization.d.ts +2 -1
  201. package/lib/typescript/credential/issuance/v1.3.3/03-complete-user-authorization.d.ts.map +1 -1
  202. package/lib/typescript/credential/issuance/v1.3.3/04-authorize-access.d.ts.map +1 -1
  203. package/lib/typescript/credential/issuance/v1.3.3/05-obtain-credential.d.ts.map +1 -1
  204. package/lib/typescript/credential/issuance/v1.3.3/06-verify-and-parse-credential.d.ts.map +1 -1
  205. package/lib/typescript/credential/issuance/v1.3.3/index.d.ts.map +1 -1
  206. package/lib/typescript/credential/issuance/v1.3.3/mappers.d.ts +7 -4
  207. package/lib/typescript/credential/issuance/v1.3.3/mappers.d.ts.map +1 -1
  208. package/lib/typescript/credential/presentation/api/05-verify-request-object.d.ts +1 -1
  209. package/lib/typescript/credential/presentation/api/types.d.ts +3 -7
  210. package/lib/typescript/credential/presentation/api/types.d.ts.map +1 -1
  211. package/lib/typescript/credential/presentation/common/utils/http.d.ts +1 -1
  212. package/lib/typescript/credential/presentation/common/utils/http.d.ts.map +1 -1
  213. package/lib/typescript/credential/presentation/{v1.3.3/utils.mdoc.d.ts → common/utils/mdoc.d.ts} +2 -2
  214. package/lib/typescript/credential/presentation/common/utils/mdoc.d.ts.map +1 -0
  215. package/lib/typescript/credential/presentation/v1.3.3/05-verify-request-object.d.ts.map +1 -1
  216. package/lib/typescript/credential/presentation/v1.3.3/06-evaluate-dcql-query.d.ts.map +1 -1
  217. package/lib/typescript/credential/presentation/v1.3.3/07-send-authorization-response.d.ts.map +1 -1
  218. package/lib/typescript/credential/presentation/v1.3.3/mappers.d.ts +8 -8
  219. package/lib/typescript/credential/presentation/v1.3.3/types.d.ts +8 -8
  220. package/lib/typescript/credential/status/api/status-list.d.ts +8 -4
  221. package/lib/typescript/credential/status/api/status-list.d.ts.map +1 -1
  222. package/lib/typescript/credential/status/v1.3.3/01-status-list.d.ts.map +1 -1
  223. package/lib/typescript/credential/status/v1.3.3/02-verify-and-parse-status-list.d.ts.map +1 -1
  224. package/lib/typescript/credentials-catalogue/api/DigitalCredentialsCatalogue.d.ts +6 -0
  225. package/lib/typescript/credentials-catalogue/api/DigitalCredentialsCatalogue.d.ts.map +1 -1
  226. package/lib/typescript/credentials-catalogue/api/index.d.ts +14 -2
  227. package/lib/typescript/credentials-catalogue/api/index.d.ts.map +1 -1
  228. package/lib/typescript/credentials-catalogue/common/get-status-l10n-ids.d.ts +9 -0
  229. package/lib/typescript/credentials-catalogue/common/get-status-l10n-ids.d.ts.map +1 -0
  230. package/lib/typescript/credentials-catalogue/v1.0.0/index.d.ts.map +1 -1
  231. package/lib/typescript/credentials-catalogue/v1.3.3/index.d.ts.map +1 -1
  232. package/lib/typescript/mdoc/index.d.ts +1 -1
  233. package/lib/typescript/mdoc/index.d.ts.map +1 -1
  234. package/lib/typescript/mdoc/utils.d.ts +0 -24
  235. package/lib/typescript/mdoc/utils.d.ts.map +1 -1
  236. package/lib/typescript/sd-jwt/types.d.ts +0 -12
  237. package/lib/typescript/sd-jwt/types.d.ts.map +1 -1
  238. package/lib/typescript/trust/v1.3.3/types.d.ts +6 -4
  239. package/lib/typescript/trust/v1.3.3/types.d.ts.map +1 -1
  240. package/lib/typescript/utils/callbacks.d.ts +7 -0
  241. package/lib/typescript/utils/callbacks.d.ts.map +1 -1
  242. package/lib/typescript/utils/config.d.ts +4 -0
  243. package/lib/typescript/utils/config.d.ts.map +1 -1
  244. package/lib/typescript/utils/x509.d.ts +10 -0
  245. package/lib/typescript/utils/x509.d.ts.map +1 -0
  246. package/lib/typescript/wallet-instance-attestation/api/types.d.ts +0 -2
  247. package/lib/typescript/wallet-instance-attestation/api/types.d.ts.map +1 -1
  248. package/lib/typescript/wallet-instance-attestation/v1.0.0/mappers.d.ts +0 -2
  249. package/lib/typescript/wallet-instance-attestation/v1.0.0/mappers.d.ts.map +1 -1
  250. package/lib/typescript/wallet-instance-attestation/v1.3.3/mappers.d.ts +2 -9
  251. package/lib/typescript/wallet-instance-attestation/v1.3.3/mappers.d.ts.map +1 -1
  252. package/lib/typescript/wallet-instance-attestation/v1.3.3/types.d.ts +2 -7
  253. package/lib/typescript/wallet-instance-attestation/v1.3.3/types.d.ts.map +1 -1
  254. package/lib/typescript/wallet-unit-attestation/api/types.d.ts +0 -11
  255. package/lib/typescript/wallet-unit-attestation/api/types.d.ts.map +1 -1
  256. package/lib/typescript/wallet-unit-attestation/v1.3.3/mappers.d.ts +0 -22
  257. package/lib/typescript/wallet-unit-attestation/v1.3.3/mappers.d.ts.map +1 -1
  258. package/lib/typescript/wallet-unit-attestation/v1.3.3/types.d.ts +0 -11
  259. package/lib/typescript/wallet-unit-attestation/v1.3.3/types.d.ts.map +1 -1
  260. package/package.json +6 -6
  261. package/src/credential/issuance/README.md +32 -14
  262. package/src/credential/issuance/api/02-start-user-authorization.ts +1 -0
  263. package/src/credential/issuance/api/03-complete-user-authorization.ts +26 -5
  264. package/src/credential/issuance/api/06-verify-and-parse-credential.ts +4 -0
  265. package/src/credential/issuance/api/IssuerConfig.ts +1 -0
  266. package/src/credential/issuance/common/02-start-user-authorization.ts +6 -3
  267. package/src/credential/issuance/common/06-verify-and-parse-credential.sdjwt.ts +47 -10
  268. package/src/credential/issuance/mrtd-pop/02-init-challenge.ts +69 -45
  269. package/src/credential/issuance/mrtd-pop/03-validate-challenge.ts +84 -62
  270. package/src/credential/issuance/mrtd-pop/index.ts +13 -5
  271. package/src/credential/issuance/v1.0.0/02-start-user-authorization.ts +8 -2
  272. package/src/credential/issuance/v1.0.0/03-complete-user-authorization.ts +16 -4
  273. package/src/credential/issuance/v1.0.0/index.ts +6 -4
  274. package/src/credential/issuance/v1.0.0/mappers.ts +9 -1
  275. package/src/credential/issuance/v1.3.3/01-evaluate-issuer-trust.ts +0 -2
  276. package/src/credential/issuance/v1.3.3/02-start-user-authorization.ts +25 -21
  277. package/src/credential/issuance/v1.3.3/03-complete-user-authorization.ts +138 -94
  278. package/src/credential/issuance/v1.3.3/04-authorize-access.ts +28 -23
  279. package/src/credential/issuance/v1.3.3/05-obtain-credential.ts +9 -9
  280. package/src/credential/issuance/v1.3.3/06-verify-and-parse-credential.ts +2 -1
  281. package/src/credential/issuance/v1.3.3/index.ts +6 -4
  282. package/src/credential/issuance/v1.3.3/mappers.ts +13 -11
  283. package/src/credential/presentation/api/05-verify-request-object.ts +1 -1
  284. package/src/credential/presentation/api/types.ts +3 -7
  285. package/src/credential/presentation/common/utils/http.ts +2 -2
  286. package/src/credential/presentation/{v1.3.3/utils.mdoc.ts → common/utils/mdoc.ts} +2 -2
  287. package/src/credential/presentation/v1.0.0/07-send-authorization-response.ts +1 -1
  288. package/src/credential/presentation/v1.3.3/05-verify-request-object.ts +15 -14
  289. package/src/credential/presentation/v1.3.3/06-evaluate-dcql-query.ts +3 -3
  290. package/src/credential/presentation/v1.3.3/07-send-authorization-response.ts +2 -0
  291. package/src/credential/presentation/v1.3.3/mappers.ts +1 -1
  292. package/src/credential/status/README.md +3 -2
  293. package/src/credential/status/api/status-list.ts +10 -7
  294. package/src/credential/status/v1.3.3/01-status-list.ts +21 -7
  295. package/src/credential/status/v1.3.3/02-verify-and-parse-status-list.ts +19 -5
  296. package/src/credentials-catalogue/api/DigitalCredentialsCatalogue.ts +4 -1
  297. package/src/credentials-catalogue/api/index.ts +15 -0
  298. package/src/credentials-catalogue/common/get-status-l10n-ids.ts +25 -0
  299. package/src/credentials-catalogue/v1.0.0/index.ts +2 -0
  300. package/src/credentials-catalogue/v1.3.3/index.ts +2 -0
  301. package/src/mdoc/index.ts +5 -41
  302. package/src/sd-jwt/__test__/types.test.ts +1 -13
  303. package/src/sd-jwt/__test__/utils.test.ts +0 -12
  304. package/src/sd-jwt/types.ts +0 -13
  305. package/src/utils/callbacks.ts +28 -1
  306. package/src/utils/config.ts +7 -0
  307. package/src/utils/x509.ts +43 -0
  308. package/src/wallet-instance-attestation/api/types.ts +0 -2
  309. package/src/wallet-instance-attestation/v1.3.3/mappers.ts +3 -11
  310. package/src/wallet-instance-attestation/v1.3.3/types.ts +2 -7
  311. package/src/wallet-unit-attestation/api/types.ts +0 -11
  312. package/lib/commonjs/credential/issuance/common/authorization.js +0 -56
  313. package/lib/commonjs/credential/issuance/common/authorization.js.map +0 -1
  314. package/lib/commonjs/credential/presentation/common/utils.js +0 -28
  315. package/lib/commonjs/credential/presentation/common/utils.js.map +0 -1
  316. package/lib/commonjs/credential/presentation/v1.3.3/utils.mdoc.js.map +0 -1
  317. package/lib/module/credential/issuance/common/authorization.js +0 -48
  318. package/lib/module/credential/issuance/common/authorization.js.map +0 -1
  319. package/lib/module/credential/presentation/common/utils.js +0 -21
  320. package/lib/module/credential/presentation/common/utils.js.map +0 -1
  321. package/lib/module/credential/presentation/v1.3.3/utils.mdoc.js.map +0 -1
  322. package/lib/typescript/credential/issuance/common/authorization.d.ts +0 -21
  323. package/lib/typescript/credential/issuance/common/authorization.d.ts.map +0 -1
  324. package/lib/typescript/credential/presentation/common/utils.d.ts +0 -11
  325. package/lib/typescript/credential/presentation/common/utils.d.ts.map +0 -1
  326. package/lib/typescript/credential/presentation/v1.3.3/utils.mdoc.d.ts.map +0 -1
  327. package/src/credential/issuance/common/authorization.ts +0 -89
  328. package/src/credential/presentation/common/utils.ts +0 -30
package/lib/module/credential/issuance/v1.0.0/index.js CHANGED
@@ -1,15 +1,16 @@
1
1
  import { evaluateIssuerTrust } from "./01-evaluate-issuer-trust";
2
2
  import { startUserAuthorization } from "./02-start-user-authorization";
3
- import { continueUserAuthorizationWithMRTDPoPChallenge, completeUserAuthorizationWithQueryMode, completeUserAuthorizationWithFormPostJwtMode, buildAuthorizationUrl, getRequestedCredentialToBePresented } from "./03-complete-user-authorization";
3
+ import { continueUserAuthorizationWithMRTDPoPChallenge, completePidUserAuthorizationWithQueryMode, completeEaaUserAuthorizationWithQueryMode, completeUserAuthorizationWithFormPostJwtMode, buildAuthorizationUrl, getRequestedCredentialToBePresented } from "./03-complete-user-authorization";
4
4
  import { authorizeAccess } from "./04-authorize-access";
5
5
  import { obtainCredential, obtainCredentialsBatch } from "./05-obtain-credential";
6
6
  import { verifyAndParseCredential } from "./06-verify-and-parse-credential";
7
- import { MRTDPoP } from "../mrtd-pop";
7
+ import { MRTDPoPv1_0 } from "../mrtd-pop";
8
8
  export const Issuance = {
9
9
  evaluateIssuerTrust,
10
10
  startUserAuthorization,
11
11
  buildAuthorizationUrl,
12
- completeUserAuthorizationWithQueryMode,
12
+ completePidUserAuthorizationWithQueryMode,
13
+ completeEaaUserAuthorizationWithQueryMode,
13
14
  continueUserAuthorizationWithMRTDPoPChallenge,
14
15
  getRequestedCredentialToBePresented,
15
16
  completeUserAuthorizationWithFormPostJwtMode,
@@ -17,6 +18,6 @@ export const Issuance = {
17
18
  obtainCredential,
18
19
  obtainCredentialsBatch,
19
20
  verifyAndParseCredential,
20
- MRTDPoP
21
+ MRTDPoP: MRTDPoPv1_0
21
22
  };
22
23
  //# sourceMappingURL=index.js.map
package/lib/module/credential/issuance/v1.0.0/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["evaluateIssuerTrust","startUserAuthorization","continueUserAuthorizationWithMRTDPoPChallenge","completeUserAuthorizationWithQueryMode","completeUserAuthorizationWithFormPostJwtMode","buildAuthorizationUrl","getRequestedCredentialToBePresented","authorizeAccess","obtainCredential","obtainCredentialsBatch","verifyAndParseCredential","MRTDPoP","Issuance"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/index.ts"],"mappings":"AACA,SAASA,mBAAmB,QAAQ,4BAA4B;AAChE,SAASC,sBAAsB,QAAQ,+BAA+B;AACtE,SACEC,6CAA6C,EAC7CC,sCAAsC,EACtCC,4CAA4C,EAC5CC,qBAAqB,EACrBC,mCAAmC,QAC9B,kCAAkC;AACzC,SAASC,eAAe,QAAQ,uBAAuB;AACvD,SACEC,gBAAgB,EAChBC,sBAAsB,QACjB,wBAAwB;AAC/B,SAASC,wBAAwB,QAAQ,kCAAkC;AAC3E,SAASC,OAAO,QAAQ,aAAa;AAErC,OAAO,MAAMC,QAAqB,GAAG;EACnCZ,mBAAmB;EACnBC,sBAAsB;EACtBI,qBAAqB;EACrBF,sCAAsC;EACtCD,6CAA6C;EAC7CI,mCAAmC;EACnCF,4CAA4C;EAC5CG,eAAe;EACfC,gBAAgB;EAChBC,sBAAsB;EACtBC,wBAAwB;EACxBC;AACF,CAAC"}
1
+ {"version":3,"names":["evaluateIssuerTrust","startUserAuthorization","continueUserAuthorizationWithMRTDPoPChallenge","completePidUserAuthorizationWithQueryMode","completeEaaUserAuthorizationWithQueryMode","completeUserAuthorizationWithFormPostJwtMode","buildAuthorizationUrl","getRequestedCredentialToBePresented","authorizeAccess","obtainCredential","obtainCredentialsBatch","verifyAndParseCredential","MRTDPoPv1_0","Issuance","MRTDPoP"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/index.ts"],"mappings":"AACA,SAASA,mBAAmB,QAAQ,4BAA4B;AAChE,SAASC,sBAAsB,QAAQ,+BAA+B;AACtE,SACEC,6CAA6C,EAC7CC,yCAAyC,EACzCC,yCAAyC,EACzCC,4CAA4C,EAC5CC,qBAAqB,EACrBC,mCAAmC,QAC9B,kCAAkC;AACzC,SAASC,eAAe,QAAQ,uBAAuB;AACvD,SACEC,gBAAgB,EAChBC,sBAAsB,QACjB,wBAAwB;AAC/B,SAASC,wBAAwB,QAAQ,kCAAkC;AAC3E,SAASC,WAAW,QAAQ,aAAa;AAEzC,OAAO,MAAMC,QAAqB,GAAG;EACnCb,mBAAmB;EACnBC,sBAAsB;EACtBK,qBAAqB;EACrBH,yCAAyC;EACzCC,yCAAyC;EACzCF,6CAA6C;EAC7CK,mCAAmC;EACnCF,4CAA4C;EAC5CG,eAAe;EACfC,gBAAgB;EAChBC,sBAAsB;EACtBC,wBAAwB;EACxBG,OAAO,EAAEF;AACX,CAAC"}
package/lib/module/credential/issuance/v1.0.0/mappers.js CHANGED
@@ -3,6 +3,7 @@ export const mapToIssuerConfig = createMapper(x => {
3
3
  const {
4
4
  oauth_authorization_server,
5
5
  openid_credential_issuer,
6
+ openid_credential_verifier,
6
7
  federation_entity
7
8
  } = x.payload.metadata;
8
9
  return {
@@ -10,12 +11,13 @@ export const mapToIssuerConfig = createMapper(x => {
10
11
  credential_endpoint: openid_credential_issuer.credential_endpoint,
11
12
  credential_issuer: openid_credential_issuer.credential_issuer,
12
13
  credential_configurations_supported: openid_credential_issuer.credential_configurations_supported,
13
- keys: openid_credential_issuer.jwks.keys,
14
+ keys: [...openid_credential_issuer.jwks.keys, ...oauth_authorization_server.jwks.keys],
14
15
  pushed_authorization_request_endpoint: oauth_authorization_server.pushed_authorization_request_endpoint,
15
16
  token_endpoint: oauth_authorization_server.token_endpoint,
16
17
  status_assertion_endpoint: openid_credential_issuer.status_attestation_endpoint,
17
18
  nonce_endpoint: openid_credential_issuer.nonce_endpoint,
18
- federation_entity
19
+ federation_entity,
20
+ encrypted_response_enc_values_supported: openid_credential_verifier !== null && openid_credential_verifier !== void 0 && openid_credential_verifier.authorization_encrypted_response_enc ? [openid_credential_verifier.authorization_encrypted_response_enc] : undefined
19
21
  };
20
22
  });
21
23
  //# sourceMappingURL=mappers.js.map
package/lib/module/credential/issuance/v1.0.0/mappers.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["createMapper","mapToIssuerConfig","x","oauth_authorization_server","openid_credential_issuer","federation_entity","payload","metadata","authorization_endpoint","credential_endpoint","credential_issuer","credential_configurations_supported","keys","jwks","pushed_authorization_request_endpoint","token_endpoint","status_assertion_endpoint","status_attestation_endpoint","nonce_endpoint"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/mappers.ts"],"mappings":"AACA,SAASA,YAAY,QAAQ,wBAAwB;AAGrD,OAAO,MAAMC,iBAAiB,GAAGD,YAAY,CAG1CE,CAAC,IAAK;EACP,MAAM;IACJC,0BAA0B;IAC1BC,wBAAwB;IACxBC;EACF,CAAC,GAAGH,CAAC,CAACI,OAAO,CAACC,QAAQ;EACtB,OAAO;IACLC,sBAAsB,EAAEL,0BAA0B,CAACK,sBAAsB;IACzEC,mBAAmB,EAAEL,wBAAwB,CAACK,mBAAmB;IACjEC,iBAAiB,EAAEN,wBAAwB,CAACM,iBAAiB;IAC7DC,mCAAmC,EACjCP,wBAAwB,CAACO,mCAAmC;IAC9DC,IAAI,EAAER,wBAAwB,CAACS,IAAI,CAACD,IAAI;IACxCE,qCAAqC,EACnCX,0BAA0B,CAACW,qCAAqC;IAClEC,cAAc,EAAEZ,0BAA0B,CAACY,cAAc;IACzDC,yBAAyB,EACvBZ,wBAAwB,CAACa,2BAA2B;IACtDC,cAAc,EAAEd,wBAAwB,CAACc,cAAc;IACvDb;EACF,CAAC;AACH,CAAC,CAAC"}
1
+ {"version":3,"names":["createMapper","mapToIssuerConfig","x","oauth_authorization_server","openid_credential_issuer","openid_credential_verifier","federation_entity","payload","metadata","authorization_endpoint","credential_endpoint","credential_issuer","credential_configurations_supported","keys","jwks","pushed_authorization_request_endpoint","token_endpoint","status_assertion_endpoint","status_attestation_endpoint","nonce_endpoint","encrypted_response_enc_values_supported","authorization_encrypted_response_enc","undefined"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/mappers.ts"],"mappings":"AACA,SAASA,YAAY,QAAQ,wBAAwB;AAGrD,OAAO,MAAMC,iBAAiB,GAAGD,YAAY,CAG1CE,CAAC,IAAK;EACP,MAAM;IACJC,0BAA0B;IAC1BC,wBAAwB;IACxBC,0BAA0B;IAC1BC;EACF,CAAC,GAAGJ,CAAC,CAACK,OAAO,CAACC,QAAQ;EACtB,OAAO;IACLC,sBAAsB,EAAEN,0BAA0B,CAACM,sBAAsB;IACzEC,mBAAmB,EAAEN,wBAAwB,CAACM,mBAAmB;IACjEC,iBAAiB,EAAEP,wBAAwB,CAACO,iBAAiB;IAC7DC,mCAAmC,EACjCR,wBAAwB,CAACQ,mCAAmC;IAC9DC,IAAI,EAAE,CACJ,GAAGT,wBAAwB,CAACU,IAAI,CAACD,IAAI,EACrC,GAAGV,0BAA0B,CAACW,IAAI,CAACD,IAAI,CACxC;IACDE,qCAAqC,EACnCZ,0BAA0B,CAACY,qCAAqC;IAClEC,cAAc,EAAEb,0BAA0B,CAACa,cAAc;IACzDC,yBAAyB,EACvBb,wBAAwB,CAACc,2BAA2B;IACtDC,cAAc,EAAEf,wBAAwB,CAACe,cAAc;IACvDb,iBAAiB;IACjBc,uCAAuC,EACrCf,0BAA0B,aAA1BA,0BAA0B,eAA1BA,0BAA0B,CAAEgB,oCAAoC,GAC5D,CAAChB,0BAA0B,CAACgB,oCAAoC,CAAC,GACjEC;EACR,CAAC;AACH,CAAC,CAAC"}
package/lib/module/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js CHANGED
@@ -1,5 +1,4 @@
1
1
  import { fetchMetadata } from "@pagopa/io-wallet-oid4vci";
2
- import { partialCallbacks } from "../../../utils/callbacks";
3
2
  import { sdkConfigV1_3 } from "../../../utils/config";
4
3
  import { mapToIssuerConfig } from "./mappers";
5
4
  export const evaluateIssuerTrust = async function (issuerUrl) {
@@ -8,7 +7,6 @@ export const evaluateIssuerTrust = async function (issuerUrl) {
8
7
  config: sdkConfigV1_3,
9
8
  credentialIssuerUrl: issuerUrl,
10
9
  callbacks: {
11
- ...partialCallbacks,
12
10
  fetch: context.appFetch
13
11
  }
14
12
  });
package/lib/module/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["fetchMetadata","partialCallbacks","sdkConfigV1_3","mapToIssuerConfig","evaluateIssuerTrust","issuerUrl","context","arguments","length","undefined","issuerMetadata","config","credentialIssuerUrl","callbacks","fetch","appFetch","issuerConf"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.3.3/01-evaluate-issuer-trust.ts"],"mappings":"AAAA,SACEA,aAAa,QAER,2BAA2B;AAClC,SAASC,gBAAgB,QAAQ,0BAA0B;AAC3D,SAASC,aAAa,QAAQ,uBAAuB;AAErD,SAASC,iBAAiB,QAAQ,WAAW;AAE7C,OAAO,MAAMC,mBAAuD,GAAG,eAAAA,CACrEC,SAAS,EAEN;EAAA,IADHC,OAAO,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEZ,MAAMG,cAAc,GAAI,MAAMV,aAAa,CAAC;IAC1CW,MAAM,EAAET,aAAa;IACrBU,mBAAmB,EAAEP,SAAS;IAC9BQ,SAAS,EAAE;MACT,GAAGZ,gBAAgB;MACnBa,KAAK,EAAER,OAAO,CAACS;IACjB;EACF,CAAC,CAA0B;EAE3B,OAAO;IAAEC,UAAU,EAAEb,iBAAiB,CAACO,cAAc;EAAE,CAAC;AAC1D,CAAC"}
1
+ {"version":3,"names":["fetchMetadata","sdkConfigV1_3","mapToIssuerConfig","evaluateIssuerTrust","issuerUrl","context","arguments","length","undefined","issuerMetadata","config","credentialIssuerUrl","callbacks","fetch","appFetch","issuerConf"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.3.3/01-evaluate-issuer-trust.ts"],"mappings":"AAAA,SACEA,aAAa,QAER,2BAA2B;AAClC,SAASC,aAAa,QAAQ,uBAAuB;AAErD,SAASC,iBAAiB,QAAQ,WAAW;AAE7C,OAAO,MAAMC,mBAAuD,GAAG,eAAAA,CACrEC,SAAS,EAEN;EAAA,IADHC,OAAO,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEZ,MAAMG,cAAc,GAAI,MAAMT,aAAa,CAAC;IAC1CU,MAAM,EAAET,aAAa;IACrBU,mBAAmB,EAAEP,SAAS;IAC9BQ,SAAS,EAAE;MACTC,KAAK,EAAER,OAAO,CAACS;IACjB;EACF,CAAC,CAA0B;EAE3B,OAAO;IAAEC,UAAU,EAAEb,iBAAiB,CAACO,cAAc;EAAE,CAAC;AAC1D,CAAC"}
package/lib/module/credential/issuance/v1.3.3/02-start-user-authorization.js CHANGED
@@ -1,9 +1,10 @@
1
1
  import { createPushedAuthorizationRequest, fetchPushedAuthorizationResponse, createClientAttestationPopJwt } from "@pagopa/io-wallet-oauth2";
2
+ import { v4 as uuidv4 } from "uuid";
2
3
  import { LogLevel, Logger } from "../../../utils/logging";
3
- import { SignJWT } from "@pagopa/io-react-native-jwt";
4
- import { partialCallbacks } from "../../../utils/callbacks";
4
+ import { createSignJwtFromCryptoContext, partialCallbacks } from "../../../utils/callbacks";
5
5
  import { IoWalletError } from "../../../utils/errors";
6
- import { selectCredentialDefinition, selectResponseMode } from "../common/authorization";
6
+ import { sdkConfigV1_3 } from "../../../utils/config";
7
+ import { selectCredentialDefinition } from "../common/02-start-user-authorization";
7
8
  export const startUserAuthorization = async (issuerConf, credentialIds, proof, ctx) => {
8
9
  const {
9
10
  wiaCryptoContext,
@@ -16,7 +17,6 @@ export const startUserAuthorization = async (issuerConf, credentialIds, proof, c
16
17
  Logger.log(LogLevel.ERROR, `Public key associated with kid ${clientId} not found in the device`);
17
18
  throw new IoWalletError("No public key found");
18
19
  }
19
- const responseMode = selectResponseMode(issuerConf, credentialIds);
20
20
  const credentialDefinition = credentialIds.map(c => selectCredentialDefinition(issuerConf, c));
21
21
  if (proof.proofType === "mrtd-pop") {
22
22
  /**
@@ -32,12 +32,14 @@ export const startUserAuthorization = async (issuerConf, credentialIds, proof, c
32
32
  challenge_redirect_uri: redirectUri
33
33
  });
34
34
  }
35
- const signerJwk = await wiaCryptoContext.getPublicKey();
36
- const signJwt = async (_, payload) => ({
37
- jwt: await new SignJWT(wiaCryptoContext).setPayload(payload).sign(),
38
- signerJwk
39
- });
35
+ const wiaSigner = {
36
+ method: "jwk",
37
+ alg: "ES256",
38
+ publicJwk: await wiaCryptoContext.getPublicKey()
39
+ };
40
+ const signJwt = createSignJwtFromCryptoContext(wiaCryptoContext);
40
41
  const parRequest = await createPushedAuthorizationRequest({
42
+ config: sdkConfigV1_3,
41
43
  callbacks: {
42
44
  ...partialCallbacks,
43
45
  signJwt
@@ -45,24 +47,26 @@ export const startUserAuthorization = async (issuerConf, credentialIds, proof, c
45
47
  authorizationServerMetadata: {
46
48
  require_signed_request_object: true
47
49
  },
50
+ jti: uuidv4(),
48
51
  clientId,
49
52
  audience: issuerConf.credential_issuer,
50
53
  authorization_details: credentialDefinition,
51
54
  codeChallengeMethodsSupported: ["S256"],
52
- responseMode,
53
- redirectUri
55
+ redirectUri,
56
+ dpop: {
57
+ signer: wiaSigner
58
+ }
54
59
  });
55
60
  const clientAttestationPoP = await createClientAttestationPopJwt({
61
+ config: sdkConfigV1_3,
56
62
  callbacks: {
63
+ generateRandom: partialCallbacks.generateRandom,
57
64
  signJwt
58
65
  },
59
66
  clientAttestation: walletInstanceAttestation,
60
- authorizationServer: issuerConf.authorization_endpoint,
61
- signer: {
62
- method: "jwk",
63
- alg: "ES256",
64
- publicJwk: signerJwk
65
- }
67
+ authorizationServer: issuerConf.credential_issuer,
68
+ signer: wiaSigner,
69
+ jti: uuidv4()
66
70
  });
67
71
  const {
68
72
  request_uri
package/lib/module/credential/issuance/v1.3.3/02-start-user-authorization.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["createPushedAuthorizationRequest","fetchPushedAuthorizationResponse","createClientAttestationPopJwt","LogLevel","Logger","SignJWT","partialCallbacks","IoWalletError","selectCredentialDefinition","selectResponseMode","startUserAuthorization","issuerConf","credentialIds","proof","ctx","wiaCryptoContext","walletInstanceAttestation","redirectUri","appFetch","fetch","clientId","getPublicKey","then","_","kid","log","ERROR","responseMode","credentialDefinition","map","c","proofType","push","type","idphinting","idpHinting","challenge_method","challenge_redirect_uri","signerJwk","signJwt","payload","jwt","setPayload","sign","parRequest","callbacks","authorizationServerMetadata","require_signed_request_object","audience","credential_issuer","authorization_details","codeChallengeMethodsSupported","clientAttestationPoP","clientAttestation","authorizationServer","authorization_endpoint","signer","method","alg","publicJwk","request_uri","pushedAuthorizationRequestEndpoint","pushed_authorization_request_endpoint","pushedAuthorizationRequest","clientAttestationDPoP","walletAttestation","issuerRequestUri","codeVerifier","pkceCodeVerifier"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.3.3/02-start-user-authorization.ts"],"mappings":"AAAA,SACEA,gCAAgC,EAChCC,gCAAgC,EAChCC,6BAA6B,QACxB,0BAA0B;AAEjC,SAASC,QAAQ,EAAEC,MAAM,QAAQ,wBAAwB;AAEzD,SAASC,OAAO,QAAQ,6BAA6B;AACrD,SAASC,gBAAgB,QAAQ,0BAA0B;AAC3D,SAASC,aAAa,QAAQ,uBAAuB;AACrD,SACEC,0BAA0B,EAC1BC,kBAAkB,QACb,yBAAyB;AAEhC,OAAO,MAAMC,sBAA6D,GACxE,MAAAA,CAAOC,UAAU,EAAEC,aAAa,EAAEC,KAAK,EAAEC,GAAG,KAAK;EAC/C,MAAM;IACJC,gBAAgB;IAChBC,yBAAyB;IACzBC,WAAW;IACXC,QAAQ,GAAGC;EACb,CAAC,GAAGL,GAAG;EAEP,MAAMM,QAAQ,GAAG,MAAML,gBAAgB,CAACM,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACC,GAAG,CAAC;EAEzE,IAAI,CAACJ,QAAQ,EAAE;IACbhB,MAAM,CAACqB,GAAG,CACRtB,QAAQ,CAACuB,KAAK,EACb,kCAAiCN,QAAS,0BAC7C,CAAC;IACD,MAAM,IAAIb,aAAa,CAAC,qBAAqB,CAAC;EAChD;EAEA,MAAMoB,YAAY,GAAGlB,kBAAkB,CAACE,UAAU,EAAEC,aAAa,CAAC;EAElE,MAAMgB,oBAAoB,GAAGhB,aAAa,CAACiB,GAAG,CAAEC,CAAC,IAC/CtB,0BAA0B,CAACG,UAAU,EAAEmB,CAAC,CAC1C,CAAC;EAED,IAAIjB,KAAK,CAACkB,SAAS,KAAK,UAAU,EAAE;IAClC;AACN;AACA;AACA;AACA;AACA;IACMH,oBAAoB,CAACI,IAAI,CAAC;MACxBC,IAAI,EAAE,sBAAsB;MAC5BC,UAAU,EAAErB,KAAK,CAACsB,UAAU;MAC5BC,gBAAgB,EAAE,UAAU;MAC5BC,sBAAsB,EAAEpB;IAC1B,CAAC,CAAC;EACJ;EAEA,MAAMqB,SAAS,GAAG,MAAMvB,gBAAgB,CAACM,YAAY,CAAC,CAAC;EACvD,MAAMkB,OAAmC,GAAG,MAAAA,CAAOhB,CAAC,EAAEiB,OAAO,MAAM;IACjEC,GAAG,EAAE,MAAM,IAAIpC,OAAO,CAACU,gBAAgB,CAAC,CAAC2B,UAAU,CAACF,OAAO,CAAC,CAACG,IAAI,CAAC,CAAC;IACnEL;EACF,CAAC,CAAC;EAEF,MAAMM,UAAU,GAAG,MAAM5C,gCAAgC,CAAC;IACxD6C,SAAS,EAAE;MACT,GAAGvC,gBAAgB;MACnBiC;IACF,CAAC;IACDO,2BAA2B,EAAE;MAC3BC,6BAA6B,EAAE;IACjC,CAAC;IACD3B,QAAQ;IACR4B,QAAQ,EAAErC,UAAU,CAACsC,iBAAiB;IACtCC,qBAAqB,EAAEtB,oBAAoB;IAC3CuB,6BAA6B,EAAE,CAAC,MAAM,CAAC;IACvCxB,YAAY;IACZV;EACF,CAAC,CAAC;EAEF,MAAMmC,oBAAoB,GAAG,MAAMlD,6BAA6B,CAAC;IAC/D2C,SAAS,EAAE;MACTN;IACF,CAAC;IACDc,iBAAiB,EAAErC,yBAAyB;IAC5CsC,mBAAmB,EAAE3C,UAAU,CAAC4C,sBAAsB;IACtDC,MAAM,EAAE;MACNC,MAAM,EAAE,KAAK;MACbC,GAAG,EAAE,OAAO;MACZC,SAAS,EAAErB;IACb;EACF,CAAC,CAAC;EAEF,MAAM;IAAEsB;EAAY,CAAC,GAAG,MAAM3D,gCAAgC,CAAC;IAC7D4C,SAAS,EAAE;MACT1B,KAAK,EAAED;IACT,CAAC;IACD2C,kCAAkC,EAChClD,UAAU,CAACmD,qCAAqC;IAClDC,0BAA0B,EAAEnB,UAAU;IACtCoB,qBAAqB,EAAEZ,oBAAoB;IAC3Ca,iBAAiB,EAAEjD;EACrB,CAAC,CAAC;EAEF,OAAO;IACLkD,gBAAgB,EAAEN,WAAW;IAC7BxC,QAAQ;IACR+C,YAAY,EAAEvB,UAAU,CAACwB,gBAAgB;IACzCxC;EACF,CAAC;AACH,CAAC"}
1
+ {"version":3,"names":["createPushedAuthorizationRequest","fetchPushedAuthorizationResponse","createClientAttestationPopJwt","v4","uuidv4","LogLevel","Logger","createSignJwtFromCryptoContext","partialCallbacks","IoWalletError","sdkConfigV1_3","selectCredentialDefinition","startUserAuthorization","issuerConf","credentialIds","proof","ctx","wiaCryptoContext","walletInstanceAttestation","redirectUri","appFetch","fetch","clientId","getPublicKey","then","_","kid","log","ERROR","credentialDefinition","map","c","proofType","push","type","idphinting","idpHinting","challenge_method","challenge_redirect_uri","wiaSigner","method","alg","publicJwk","signJwt","parRequest","config","callbacks","authorizationServerMetadata","require_signed_request_object","jti","audience","credential_issuer","authorization_details","codeChallengeMethodsSupported","dpop","signer","clientAttestationPoP","generateRandom","clientAttestation","authorizationServer","request_uri","pushedAuthorizationRequestEndpoint","pushed_authorization_request_endpoint","pushedAuthorizationRequest","clientAttestationDPoP","walletAttestation","issuerRequestUri","codeVerifier","pkceCodeVerifier"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.3.3/02-start-user-authorization.ts"],"mappings":"AAAA,SACEA,gCAAgC,EAChCC,gCAAgC,EAChCC,6BAA6B,QACxB,0BAA0B;AAEjC,SAASC,EAAE,IAAIC,MAAM,QAAQ,MAAM;AACnC,SAASC,QAAQ,EAAEC,MAAM,QAAQ,wBAAwB;AAEzD,SACEC,8BAA8B,EAC9BC,gBAAgB,QACX,0BAA0B;AACjC,SAASC,aAAa,QAAQ,uBAAuB;AACrD,SAASC,aAAa,QAAQ,uBAAuB;AACrD,SAASC,0BAA0B,QAAQ,uCAAuC;AAElF,OAAO,MAAMC,sBAA6D,GACxE,MAAAA,CAAOC,UAAU,EAAEC,aAAa,EAAEC,KAAK,EAAEC,GAAG,KAAK;EAC/C,MAAM;IACJC,gBAAgB;IAChBC,yBAAyB;IACzBC,WAAW;IACXC,QAAQ,GAAGC;EACb,CAAC,GAAGL,GAAG;EAEP,MAAMM,QAAQ,GAAG,MAAML,gBAAgB,CAACM,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACC,GAAG,CAAC;EAEzE,IAAI,CAACJ,QAAQ,EAAE;IACbhB,MAAM,CAACqB,GAAG,CACRtB,QAAQ,CAACuB,KAAK,EACb,kCAAiCN,QAAS,0BAC7C,CAAC;IACD,MAAM,IAAIb,aAAa,CAAC,qBAAqB,CAAC;EAChD;EAEA,MAAMoB,oBAAoB,GAAGf,aAAa,CAACgB,GAAG,CAAEC,CAAC,IAC/CpB,0BAA0B,CAACE,UAAU,EAAEkB,CAAC,CAC1C,CAAC;EAED,IAAIhB,KAAK,CAACiB,SAAS,KAAK,UAAU,EAAE;IAClC;AACN;AACA;AACA;AACA;AACA;IACMH,oBAAoB,CAACI,IAAI,CAAC;MACxBC,IAAI,EAAE,sBAAsB;MAC5BC,UAAU,EAAEpB,KAAK,CAACqB,UAAU;MAC5BC,gBAAgB,EAAE,UAAU;MAC5BC,sBAAsB,EAAEnB;IAC1B,CAAC,CAAC;EACJ;EAEA,MAAMoB,SAAuB,GAAG;IAC9BC,MAAM,EAAE,KAAK;IACbC,GAAG,EAAE,OAAO;IACZC,SAAS,EAAE,MAAMzB,gBAAgB,CAACM,YAAY,CAAC;EACjD,CAAC;EAED,MAAMoB,OAAO,GAAGpC,8BAA8B,CAACU,gBAAgB,CAAC;EAEhE,MAAM2B,UAAU,GAAG,MAAM5C,gCAAgC,CAAC;IACxD6C,MAAM,EAAEnC,aAAa;IACrBoC,SAAS,EAAE;MACT,GAAGtC,gBAAgB;MACnBmC;IACF,CAAC;IACDI,2BAA2B,EAAE;MAC3BC,6BAA6B,EAAE;IACjC,CAAC;IACDC,GAAG,EAAE7C,MAAM,CAAC,CAAC;IACbkB,QAAQ;IACR4B,QAAQ,EAAErC,UAAU,CAACsC,iBAAiB;IACtCC,qBAAqB,EAAEvB,oBAAoB;IAC3CwB,6BAA6B,EAAE,CAAC,MAAM,CAAC;IACvClC,WAAW;IACXmC,IAAI,EAAE;MACJC,MAAM,EAAEhB;IACV;EACF,CAAC,CAAC;EAEF,MAAMiB,oBAAoB,GAAG,MAAMtD,6BAA6B,CAAC;IAC/D2C,MAAM,EAAEnC,aAAa;IACrBoC,SAAS,EAAE;MACTW,cAAc,EAAEjD,gBAAgB,CAACiD,cAAc;MAC/Cd;IACF,CAAC;IACDe,iBAAiB,EAAExC,yBAAyB;IAC5CyC,mBAAmB,EAAE9C,UAAU,CAACsC,iBAAiB;IACjDI,MAAM,EAAEhB,SAAS;IACjBU,GAAG,EAAE7C,MAAM,CAAC;EACd,CAAC,CAAC;EAEF,MAAM;IAAEwD;EAAY,CAAC,GAAG,MAAM3D,gCAAgC,CAAC;IAC7D6C,SAAS,EAAE;MACTzB,KAAK,EAAED;IACT,CAAC;IACDyC,kCAAkC,EAChChD,UAAU,CAACiD,qCAAqC;IAClDC,0BAA0B,EAAEnB,UAAU;IACtCoB,qBAAqB,EAAER,oBAAoB;IAC3CS,iBAAiB,EAAE/C;EACrB,CAAC,CAAC;EAEF,OAAO;IACLgD,gBAAgB,EAAEN,WAAW;IAC7BtC,QAAQ;IACR6C,YAAY,EAAEvB,UAAU,CAACwB,gBAAgB;IACzCvC;EACF,CAAC;AACH,CAAC"}
package/lib/module/credential/issuance/v1.3.3/03-complete-user-authorization.js CHANGED
@@ -1,18 +1,18 @@
1
1
  import { AuthorizationErrorShape, AuthorizationResultShape } from "../../../utils/auth";
2
2
  import parseUrl from "parse-url";
3
- import { fetchAuthorizationRequest, parseAuthorizeRequest } from "@pagopa/io-wallet-oid4vp";
3
+ import { createAuthorizationResponse, parseAuthorizeRequest, fetchAuthorizationResponse } from "@pagopa/io-wallet-oid4vp";
4
4
  import { sendAuthorizationResponseAndExtractCode } from "@pagopa/io-wallet-oid4vci";
5
5
  import { parseMrtdChallenge } from "@pagopa/io-wallet-oauth2";
6
- import { SignJWT } from "@pagopa/io-react-native-jwt";
7
6
  import { AuthorizationError, AuthorizationIdpError } from "../common/errors";
8
7
  import { LogLevel, Logger } from "../../../utils/logging";
9
8
  import { RemotePresentation as RemotePresentationFlow } from "../../presentation/v1.3.3";
10
- import { partialCallbacks } from "../../../utils/callbacks";
11
- import { sdkConfigV1_3 } from "../../../utils/config";
12
- import { IoWalletError, sdkUnexpectedStatusCodeToIssuerError } from "../../../utils/errors";
9
+ import { createVerifyJwtFromJwks, partialCallbacks } from "../../../utils/callbacks";
10
+ import { sdkConfigV1_3, sdkConfigV1_4 } from "../../../utils/config";
11
+ import { IoWalletError, IssuerResponseError } from "../../../utils/errors";
13
12
  import { mapToRequestObject } from "./mappers";
13
+ import { hasStatusOrThrow } from "../../../utils/misc";
14
14
  export const continueUserAuthorizationWithMRTDPoPChallenge = async authRedirectUrl => {
15
- Logger.log(LogLevel.DEBUG, `The requested credential is a PersonIdentificationData and requires MRTD PoP, starting MRTD PoP validation from auth redirect`);
15
+ Logger.log(LogLevel.DEBUG, "The requested credential is a PID and requires MRTD PoP, starting MRTD PoP validation from auth redirect");
16
16
  try {
17
17
  const parsedChallenge = parseMrtdChallenge({
18
18
  redirectUrl: authRedirectUrl
@@ -40,53 +40,45 @@ export const buildAuthorizationUrl = async (issuerRequestUri, clientId, issuerCo
40
40
  authUrl
41
41
  };
42
42
  };
43
- export const completeUserAuthorizationWithQueryMode = async authRedirectUrl => {
44
- Logger.log(LogLevel.DEBUG, `The requested credential is a PersonIdentificationData, completing the user authorization with query mode`);
43
+ export const completePidUserAuthorizationWithQueryMode = async authRedirectUrl => {
44
+ Logger.log(LogLevel.DEBUG, "The requested credential is a PID, completing the user authorization with query mode");
45
45
  const query = parseUrl(authRedirectUrl).query;
46
46
  return parseAuthorizationResponse(query);
47
47
  };
48
48
  export const getRequestedCredentialToBePresented = async function (issuerRequestUri, clientId, issuerConf) {
49
49
  let appFetch = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : fetch;
50
- Logger.log(LogLevel.DEBUG, `The requeste credential is not a PersonIdentificationData, requesting the credential to be presented`);
50
+ Logger.log(LogLevel.DEBUG, "The requested credential is not a PID, requesting the credential to be presented");
51
51
  const authzRequestEndpoint = issuerConf.authorization_endpoint;
52
52
  const params = new URLSearchParams({
53
53
  client_id: clientId,
54
54
  request_uri: issuerRequestUri
55
55
  });
56
56
  Logger.log(LogLevel.DEBUG, `Requesting the request object to ${authzRequestEndpoint}?${params.toString()}`);
57
- const authRequest = await fetchAuthorizationRequest({
58
- authorizeRequestUrl: `${authzRequestEndpoint}?${params.toString()}`,
59
- callbacks: {
60
- fetch: appFetch
61
- }
62
- }).catch(sdkUnexpectedStatusCodeToIssuerError);
57
+ const requestObjectJwt = await appFetch(`${authzRequestEndpoint}?${params.toString()}`, {
58
+ method: "GET"
59
+ }).then(hasStatusOrThrow(200, IssuerResponseError)).then(res => res.text());
63
60
  const parsedAuthRequest = await parseAuthorizeRequest({
64
61
  config: sdkConfigV1_3,
65
- requestObjectJwt: authRequest.requestObjectJwt,
66
- callbacks: partialCallbacks
62
+ requestObjectJwt,
63
+ callbacks: {
64
+ verifyJwt: createVerifyJwtFromJwks(issuerConf.keys)
65
+ }
67
66
  });
68
67
  return mapToRequestObject(parsedAuthRequest);
69
68
  };
69
+
70
+ // NOTE: this function is not used in the 1.3 issuance flow. It may be removed in the future.
70
71
  export const completeUserAuthorizationWithFormPostJwtMode = async (requestObject, issuerConfig, pid, _ref) => {
71
72
  let {
72
- wiaCryptoContext,
73
- pidKeyTag,
74
73
  appFetch = fetch
75
74
  } = _ref;
76
- Logger.log(LogLevel.DEBUG, `The requeste credential is not a PersonIdentificationData, completing the user authorization with form_post.jwt mode`);
77
- const dcqlQueryResult = await RemotePresentationFlow.evaluateDcqlQuery(requestObject.dcql_query, [[pidKeyTag, pid]]);
78
- const authRequestObject = {
79
- nonce: requestObject.nonce,
80
- clientId: requestObject.client_id,
81
- responseUri: requestObject.response_uri
82
- };
83
- const remotePresentation = await RemotePresentationFlow.prepareRemotePresentations(dcqlQueryResult, authRequestObject);
84
- const authzResponsePayload = await createAuthzResponsePayload({
85
- state: requestObject.state,
86
- remotePresentation,
87
- wiaCryptoContext
75
+ Logger.log(LogLevel.DEBUG, "The requested credential is not a PID, completing the user authorization with form_post.jwt mode");
76
+ const authzResponse = await processPidPresentationAndCreateAuthzResponse({
77
+ requestObject,
78
+ issuerConfig,
79
+ pid
88
80
  });
89
- Logger.log(LogLevel.DEBUG, `Authz response payload: ${authzResponsePayload}`);
81
+ Logger.log(LogLevel.DEBUG, `Authz response: ${authzResponse}`);
90
82
  const issuerSigKey = issuerConfig.keys.find(key => key.use === "sig");
91
83
  if (!issuerSigKey) {
92
84
  const errorMessage = "No signature key found in Issuer Metadata JWKS";
@@ -94,13 +86,13 @@ export const completeUserAuthorizationWithFormPostJwtMode = async (requestObject
94
86
  throw new IoWalletError(errorMessage);
95
87
  }
96
88
  return sendAuthorizationResponseAndExtractCode({
97
- authorizationResponseJarm: authzResponsePayload,
89
+ authorizationResponseJarm: authzResponse.jarm.responseJwe,
98
90
  callbacks: {
99
91
  ...partialCallbacks,
100
92
  fetch: appFetch
101
93
  },
102
94
  iss: requestObject.iss,
103
- state: requestObject.state,
95
+ state: requestObject.state ?? "",
104
96
  presentationResponseUri: requestObject.response_uri,
105
97
  signer: {
106
98
  alg: "ES256",
@@ -109,6 +101,46 @@ export const completeUserAuthorizationWithFormPostJwtMode = async (requestObject
109
101
  }
110
102
  });
111
103
  };
104
+ export const completeEaaUserAuthorizationWithQueryMode = async function (requestObject, issuerConfig, pid, clientRedirectUri) {
105
+ let {
106
+ appFetch = fetch
107
+ } = arguments.length > 4 && arguments[4] !== undefined ? arguments[4] : {};
108
+ Logger.log(LogLevel.DEBUG, "The requested credential is not a PID, completing the user authorization with query mode");
109
+ const authzResponse = await processPidPresentationAndCreateAuthzResponse({
110
+ requestObject,
111
+ issuerConfig,
112
+ pid
113
+ });
114
+ Logger.log(LogLevel.DEBUG, `Authz response: ${authzResponse}`);
115
+ const {
116
+ redirect_uri
117
+ } = await fetchAuthorizationResponse({
118
+ authorizationResponseJarm: authzResponse.jarm.responseJwe,
119
+ presentationResponseUri: requestObject.response_uri,
120
+ callbacks: {
121
+ ...partialCallbacks,
122
+ fetch: appFetch
123
+ }
124
+ });
125
+ if (!redirect_uri) {
126
+ const errorMessage = "The authorization server did not return a redirect_uri to continue the authorization flow";
127
+ Logger.log(LogLevel.ERROR, errorMessage);
128
+ throw new AuthorizationError(errorMessage);
129
+ }
130
+ const response = await appFetch(redirect_uri).catch(() => null);
131
+ if (!response || !response.ok) {
132
+ const errorMessage = `An error occurred while completing the authorization flow. Ensure ${clientRedirectUri} is a valid HTTP url for redirect`;
133
+ Logger.log(LogLevel.ERROR, errorMessage);
134
+ throw new AuthorizationError(errorMessage);
135
+ }
136
+ const finalRedirectUri = response.url;
137
+ if (!finalRedirectUri || !finalRedirectUri.startsWith(clientRedirectUri)) {
138
+ const errorMessage = `The authorization server did not redirect to the provided client redirect URI. Expected: ${clientRedirectUri}, got: ${finalRedirectUri}`;
139
+ Logger.log(LogLevel.ERROR, errorMessage);
140
+ throw new AuthorizationError(errorMessage);
141
+ }
142
+ return parseAuthorizationResponse(parseUrl(finalRedirectUri).query);
143
+ };
112
144
 
113
145
  /**
114
146
  * Parse the authorization response and return the result which contains code, state and iss.
@@ -133,44 +165,50 @@ export const parseAuthorizationResponse = authRes => {
133
165
  };
134
166
 
135
167
  /**
136
- * Creates the authorization response payload to be sent.
137
- * This payload includes the state and the VP tokens for the presented credentials.
138
- * The payload is encoded in Base64.
139
- * @param state - The state parameter from the request object (optional).
140
- * @param remotePresentation The presentations to send, each with their VP token
141
- * @returns The Base64 encoded authorization response payload.
168
+ * Utility function to process the DCQL query for PID presentation and to create the authorization response to send to the Issuer.
169
+ * @param params.requestObject - The request object containing the DCQL query
170
+ * @param params.issuerConfig - The Issuer unified configuration
171
+ * @param params.pid - The PID credential to be presented, as a tuple of [keyTag, credential]
172
+ * @returns The authorization response containing the JARM to be sent to the Issuer
142
173
  */
143
- const createAuthzResponsePayload = async _ref2 => {
174
+ const processPidPresentationAndCreateAuthzResponse = async _ref2 => {
144
175
  let {
145
- state,
146
- remotePresentation,
147
- wiaCryptoContext
176
+ requestObject,
177
+ issuerConfig,
178
+ pid
148
179
  } = _ref2;
149
- const {
150
- kid
151
- } = await wiaCryptoContext.getPublicKey();
152
- return new SignJWT(wiaCryptoContext).setProtectedHeader({
153
- typ: "jwt",
154
- kid
155
- }).setPayload({
156
- /**
157
- * TODO [SIW-2264]: `state` coming from `requestObject` is marked as `optional`
158
- * At the moment, it is not entirely clear whether this value can indeed be omitted
159
- * and, if so, what the consequences of its absence might be.
160
- */
161
- ...(state ? {
162
- state
163
- } : {}),
164
- vp_token: remotePresentation.presentations.reduce((vp_token, _ref3) => {
165
- let {
166
- credentialId,
167
- vpToken
168
- } = _ref3;
169
- return {
170
- ...vp_token,
171
- [credentialId]: [vpToken]
172
- };
173
- }, {})
174
- }).setIssuedAt().setExpirationTime("1h").sign();
180
+ const dcqlQueryResult = await RemotePresentationFlow.evaluateDcqlQuery(requestObject.dcql_query, [pid]);
181
+ const remotePresentation = await RemotePresentationFlow.prepareRemotePresentations(dcqlQueryResult, {
182
+ clientId: requestObject.client_id,
183
+ nonce: requestObject.nonce,
184
+ responseUri: requestObject.response_uri
185
+ });
186
+ const vp_token = remotePresentation.presentations.reduce((acc, _ref3) => {
187
+ let {
188
+ credentialId,
189
+ vpToken
190
+ } = _ref3;
191
+ return {
192
+ ...acc,
193
+ [credentialId]: [vpToken]
194
+ };
195
+ }, {});
196
+ return createAuthorizationResponse({
197
+ // The SDK 1.4 config is used here in order to resolve the encryption data from the Request Object
198
+ // client_metadata, otherwise OpenID Federation clients always ignore client_metadata as per 1.3.3 specs.
199
+ config: sdkConfigV1_4,
200
+ requestObject,
201
+ rpJwks: {
202
+ jwks: {
203
+ keys: issuerConfig.keys
204
+ },
205
+ encrypted_response_enc_values_supported: issuerConfig.encrypted_response_enc_values_supported
206
+ },
207
+ vp_token,
208
+ callbacks: {
209
+ encryptJwe: partialCallbacks.encryptJwe,
210
+ generateRandom: partialCallbacks.generateRandom
211
+ }
212
+ });
175
213
  };
176
214
  //# sourceMappingURL=03-complete-user-authorization.js.map
package/lib/module/credential/issuance/v1.3.3/03-complete-user-authorization.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["AuthorizationErrorShape","AuthorizationResultShape","parseUrl","fetchAuthorizationRequest","parseAuthorizeRequest","sendAuthorizationResponseAndExtractCode","parseMrtdChallenge","SignJWT","AuthorizationError","AuthorizationIdpError","LogLevel","Logger","RemotePresentation","RemotePresentationFlow","partialCallbacks","sdkConfigV1_3","IoWalletError","sdkUnexpectedStatusCodeToIssuerError","mapToRequestObject","continueUserAuthorizationWithMRTDPoPChallenge","authRedirectUrl","log","DEBUG","parsedChallenge","redirectUrl","challenge_info","challengeJwt","err","errorMessage","Error","message","ERROR","buildAuthorizationUrl","issuerRequestUri","clientId","issuerConf","idpHint","authzRequestEndpoint","authorization_endpoint","params","URLSearchParams","client_id","request_uri","append","authUrl","completeUserAuthorizationWithQueryMode","query","parseAuthorizationResponse","getRequestedCredentialToBePresented","appFetch","arguments","length","undefined","fetch","toString","authRequest","authorizeRequestUrl","callbacks","catch","parsedAuthRequest","config","requestObjectJwt","completeUserAuthorizationWithFormPostJwtMode","requestObject","issuerConfig","pid","_ref","wiaCryptoContext","pidKeyTag","dcqlQueryResult","evaluateDcqlQuery","dcql_query","authRequestObject","nonce","responseUri","response_uri","remotePresentation","prepareRemotePresentations","authzResponsePayload","createAuthzResponsePayload","state","issuerSigKey","keys","find","key","use","authorizationResponseJarm","iss","presentationResponseUri","signer","alg","method","publicJwk","authRes","authResParsed","safeParse","success","authErr","error","JSON","stringify","data","error_description","_ref2","kid","getPublicKey","setProtectedHeader","typ","setPayload","vp_token","presentations","reduce","_ref3","credentialId","vpToken","setIssuedAt","setExpirationTime","sign"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.3.3/03-complete-user-authorization.ts"],"mappings":"AAAA,SACEA,uBAAuB,EACvBC,wBAAwB,QAEnB,qBAAqB;AAC5B,OAAOC,QAAQ,MAAM,WAAW;AAEhC,SACEC,yBAAyB,EACzBC,qBAAqB,QAChB,0BAA0B;AACjC,SAASC,uCAAuC,QAAQ,2BAA2B;AACnF,SAASC,kBAAkB,QAAQ,0BAA0B;AAC7D,SAASC,OAAO,QAA4B,6BAA6B;AACzE,SAASC,kBAAkB,EAAEC,qBAAqB,QAAQ,kBAAkB;AAC5E,SAASC,QAAQ,EAAEC,MAAM,QAAQ,wBAAwB;AACzD,SAASC,kBAAkB,IAAIC,sBAAsB,QAAQ,2BAA2B;AACxF,SAASC,gBAAgB,QAAQ,0BAA0B;AAC3D,SAASC,aAAa,QAAQ,uBAAuB;AACrD,SACEC,aAAa,EACbC,oCAAoC,QAC/B,uBAAuB;AAE9B,SAASC,kBAAkB,QAAQ,WAAW;AAG9C,OAAO,MAAMC,6CAA2G,GACtH,MAAOC,eAAe,IAAK;EACzBT,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACY,KAAK,EACb,+HACH,CAAC;EACD,IAAI;IACF,MAAMC,eAAe,GAAGjB,kBAAkB,CAAC;MACzCkB,WAAW,EAAEJ;IACf,CAAC,CAAC;IACF,OAAO;MAAEK,cAAc,EAAEF,eAAe,CAACG;IAAa,CAAC;EACzD,CAAC,CAAC,OAAOC,GAAG,EAAE;IACZ,MAAMC,YAAY,GAChBD,GAAG,YAAYE,KAAK,GAAGF,GAAG,CAACG,OAAO,GAAG,+BAA+B;IACtEnB,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACqB,KAAK,EACb,mDAAkDH,YAAa,EAClE,CAAC;IACD,MAAM,IAAIpB,kBAAkB,CAACoB,YAAY,CAAC;EAC5C;AACF,CAAC;AAEH,OAAO,MAAMI,qBAA2D,GACtE,MAAAA,CAAOC,gBAAgB,EAAEC,QAAQ,EAAEC,UAAU,EAAEC,OAAO,KAAK;EACzD,MAAMC,oBAAoB,GAAGF,UAAU,CAACG,sBAAsB;EAE9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEP,QAAQ;IACnBQ,WAAW,EAAET;EACf,CAAC,CAAC;EAEF,IAAIG,OAAO,EAAE;IACXG,MAAM,CAACI,MAAM,CAAC,SAAS,EAAEP,OAAO,CAAC;EACnC;EAEA,MAAMQ,OAAO,GAAI,GAAEP,oBAAqB,IAAGE,MAAO,EAAC;EAEnD,OAAO;IAAEK;EAAQ,CAAC;AACpB,CAAC;AAEH,OAAO,MAAMC,sCAA6F,GACxG,MAAOzB,eAAe,IAAK;EACzBT,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACY,KAAK,EACb,2GACH,CAAC;EACD,MAAMwB,KAAK,GAAG5C,QAAQ,CAACkB,eAAe,CAAC,CAAC0B,KAAK;EAE7C,OAAOC,0BAA0B,CAACD,KAAK,CAAC;AAC1C,CAAC;AAEH,OAAO,MAAME,mCAAuF,GAClG,eAAAA,CAAOf,gBAAgB,EAAEC,QAAQ,EAAEC,UAAU,EAAuB;EAAA,IAArBc,QAAQ,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;EAC7D1C,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACY,KAAK,EACb,sGACH,CAAC;EAED,MAAMe,oBAAoB,GAAGF,UAAU,CAACG,sBAAsB;EAC9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEP,QAAQ;IACnBQ,WAAW,EAAET;EACf,CAAC,CAAC;EAEFtB,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACY,KAAK,EACb,oCAAmCe,oBAAqB,IAAGE,MAAM,CAACe,QAAQ,CAAC,CAAE,EAChF,CAAC;EAED,MAAMC,WAAW,GAAG,MAAMpD,yBAAyB,CAAC;IAClDqD,mBAAmB,EAAG,GAAEnB,oBAAqB,IAAGE,MAAM,CAACe,QAAQ,CAAC,CAAE,EAAC;IACnEG,SAAS,EAAE;MACTJ,KAAK,EAAEJ;IACT;EACF,CAAC,CAAC,CAACS,KAAK,CAACzC,oCAAoC,CAAC;EAE9C,MAAM0C,iBAAiB,GAAG,MAAMvD,qBAAqB,CAAC;IACpDwD,MAAM,EAAE7C,aAAa;IACrB8C,gBAAgB,EAAEN,WAAW,CAACM,gBAAgB;IAC9CJ,SAAS,EAAE3C;EACb,CAAC,CAAC;EAEF,OAAOI,kBAAkB,CAACyC,iBAAiB,CAAC;AAC9C,CAAC;AAEH,OAAO,MAAMG,4CAAyG,GACpH,MAAAA,CACEC,aAAa,EACbC,YAAY,EACZC,GAAG,EAAAC,IAAA,KAEA;EAAA,IADH;IAAEC,gBAAgB;IAAEC,SAAS;IAAEnB,QAAQ,GAAGI;EAAM,CAAC,GAAAa,IAAA;EAEjDvD,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACY,KAAK,EACb,sHACH,CAAC;EAED,MAAM+C,eAAe,GAAG,MAAMxD,sBAAsB,CAACyD,iBAAiB,CACpEP,aAAa,CAACQ,UAAU,EACxB,CAAC,CAACH,SAAS,EAAEH,GAAG,CAAC,CACnB,CAAC;EAED,MAAMO,iBAAiB,GAAG;IACxBC,KAAK,EAAEV,aAAa,CAACU,KAAK;IAC1BvC,QAAQ,EAAE6B,aAAa,CAACtB,SAAS;IACjCiC,WAAW,EAAEX,aAAa,CAACY;EAC7B,CAAC;EAED,MAAMC,kBAAkB,GACtB,MAAM/D,sBAAsB,CAACgE,0BAA0B,CACrDR,eAAe,EACfG,iBACF,CAAC;EAEH,MAAMM,oBAAoB,GAAG,MAAMC,0BAA0B,CAAC;IAC5DC,KAAK,EAAEjB,aAAa,CAACiB,KAAK;IAC1BJ,kBAAkB;IAClBT;EACF,CAAC,CAAC;EAEFxD,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACY,KAAK,EACb,2BAA0BwD,oBAAqB,EAClD,CAAC;EAED,MAAMG,YAAY,GAAGjB,YAAY,CAACkB,IAAI,CAACC,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,GAAG,KAAK,KAAK,CAAC;EACvE,IAAI,CAACJ,YAAY,EAAE;IACjB,MAAMrD,YAAY,GAAG,gDAAgD;IACrEjB,MAAM,CAACU,GAAG,CAACX,QAAQ,CAACqB,KAAK,EAAEH,YAAY,CAAC;IACxC,MAAM,IAAIZ,aAAa,CAACY,YAAY,CAAC;EACvC;EAEA,OAAOvB,uCAAuC,CAAC;IAC7CiF,yBAAyB,EAAER,oBAAoB;IAC/CrB,SAAS,EAAE;MACT,GAAG3C,gBAAgB;MACnBuC,KAAK,EAAEJ;IACT,CAAC;IACDsC,GAAG,EAAExB,aAAa,CAACwB,GAAG;IACtBP,KAAK,EAAEjB,aAAa,CAACiB,KAAM;IAC3BQ,uBAAuB,EAAEzB,aAAa,CAACY,YAAY;IACnDc,MAAM,EAAE;MACNC,GAAG,EAAE,OAAO;MACZC,MAAM,EAAE,KAAK;MACbC,SAAS,EAAEX;IACb;EACF,CAAC,CAAC;AACJ,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMlC,0BAA0B,GACrC8C,OAAgB,IACQ;EACxB,MAAMC,aAAa,GAAG7F,wBAAwB,CAAC8F,SAAS,CAACF,OAAO,CAAC;EACjE,IAAI,CAACC,aAAa,CAACE,OAAO,EAAE;IAC1B,MAAMC,OAAO,GAAGjG,uBAAuB,CAAC+F,SAAS,CAACF,OAAO,CAAC;IAC1D,IAAI,CAACI,OAAO,CAACD,OAAO,EAAE;MACpBrF,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACqB,KAAK,EACb,mDAAkD+D,aAAa,CAACI,KAAK,CAACpE,OAAQ,EACjF,CAAC;MACD,MAAM,IAAItB,kBAAkB,CAACsF,aAAa,CAACI,KAAK,CAACpE,OAAO,CAAC,CAAC,CAAC;IAC7D;;IACAnB,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACqB,KAAK,EACb,2CAA0CoE,IAAI,CAACC,SAAS,CAACH,OAAO,CAAE,EACrE,CAAC;IACD,MAAM,IAAIxF,qBAAqB,CAC7BwF,OAAO,CAACI,IAAI,CAACH,KAAK,EAClBD,OAAO,CAACI,IAAI,CAACC,iBACf,CAAC;EACH;EACA,OAAOR,aAAa,CAACO,IAAI;AAC3B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMtB,0BAA0B,GAAG,MAAAwB,KAAA,IAQZ;EAAA,IARmB;IACxCvB,KAAK;IACLJ,kBAAkB;IAClBT;EAKF,CAAC,GAAAoC,KAAA;EACC,MAAM;IAAEC;EAAI,CAAC,GAAG,MAAMrC,gBAAgB,CAACsC,YAAY,CAAC,CAAC;EAErD,OAAO,IAAIlG,OAAO,CAAC4D,gBAAgB,CAAC,CACjCuC,kBAAkB,CAAC;IAClBC,GAAG,EAAE,KAAK;IACVH;EACF,CAAC,CAAC,CACDI,UAAU,CAAC;IACV;AACN;AACA;AACA;AACA;IACM,IAAI5B,KAAK,GAAG;MAAEA;IAAM,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3B6B,QAAQ,EAAEjC,kBAAkB,CAACkC,aAAa,CAACC,MAAM,CAC/C,CAACF,QAAQ,EAAAG,KAAA;MAAA,IAAE;QAAEC,YAAY;QAAEC;MAAQ,CAAC,GAAAF,KAAA;MAAA,OAAM;QACxC,GAAGH,QAAQ;QACX,CAACI,YAAY,GAAG,CAACC,OAAO;MAC1B,CAAC;IAAA,CAAC,EACF,CAAC,CACH;EACF,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;AACX,CAAC"}
1
+ {"version":3,"names":["AuthorizationErrorShape","AuthorizationResultShape","parseUrl","createAuthorizationResponse","parseAuthorizeRequest","fetchAuthorizationResponse","sendAuthorizationResponseAndExtractCode","parseMrtdChallenge","AuthorizationError","AuthorizationIdpError","LogLevel","Logger","RemotePresentation","RemotePresentationFlow","createVerifyJwtFromJwks","partialCallbacks","sdkConfigV1_3","sdkConfigV1_4","IoWalletError","IssuerResponseError","mapToRequestObject","hasStatusOrThrow","continueUserAuthorizationWithMRTDPoPChallenge","authRedirectUrl","log","DEBUG","parsedChallenge","redirectUrl","challenge_info","challengeJwt","err","errorMessage","Error","message","ERROR","buildAuthorizationUrl","issuerRequestUri","clientId","issuerConf","idpHint","authzRequestEndpoint","authorization_endpoint","params","URLSearchParams","client_id","request_uri","append","authUrl","completePidUserAuthorizationWithQueryMode","query","parseAuthorizationResponse","getRequestedCredentialToBePresented","appFetch","arguments","length","undefined","fetch","toString","requestObjectJwt","method","then","res","text","parsedAuthRequest","config","callbacks","verifyJwt","keys","completeUserAuthorizationWithFormPostJwtMode","requestObject","issuerConfig","pid","_ref","authzResponse","processPidPresentationAndCreateAuthzResponse","issuerSigKey","find","key","use","authorizationResponseJarm","jarm","responseJwe","iss","state","presentationResponseUri","response_uri","signer","alg","publicJwk","completeEaaUserAuthorizationWithQueryMode","clientRedirectUri","redirect_uri","response","catch","ok","finalRedirectUri","url","startsWith","authRes","authResParsed","safeParse","success","authErr","error","JSON","stringify","data","error_description","_ref2","dcqlQueryResult","evaluateDcqlQuery","dcql_query","remotePresentation","prepareRemotePresentations","nonce","responseUri","vp_token","presentations","reduce","acc","_ref3","credentialId","vpToken","rpJwks","jwks","encrypted_response_enc_values_supported","encryptJwe","generateRandom"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.3.3/03-complete-user-authorization.ts"],"mappings":"AAAA,SACEA,uBAAuB,EACvBC,wBAAwB,QAEnB,qBAAqB;AAC5B,OAAOC,QAAQ,MAAM,WAAW;AAEhC,SACEC,2BAA2B,EAC3BC,qBAAqB,EACrBC,0BAA0B,QAErB,0BAA0B;AACjC,SAASC,uCAAuC,QAAQ,2BAA2B;AAEnF,SAASC,kBAAkB,QAAQ,0BAA0B;AAC7D,SAASC,kBAAkB,EAAEC,qBAAqB,QAAQ,kBAAkB;AAC5E,SAASC,QAAQ,EAAEC,MAAM,QAAQ,wBAAwB;AACzD,SAASC,kBAAkB,IAAIC,sBAAsB,QAAQ,2BAA2B;AACxF,SACEC,uBAAuB,EACvBC,gBAAgB,QACX,0BAA0B;AACjC,SAASC,aAAa,EAAEC,aAAa,QAAQ,uBAAuB;AACpE,SAASC,aAAa,EAAEC,mBAAmB,QAAQ,uBAAuB;AAE1E,SAASC,kBAAkB,QAAQ,WAAW;AAE9C,SAASC,gBAAgB,QAAQ,qBAAqB;AAEtD,OAAO,MAAMC,6CAA2G,GACtH,MAAOC,eAAe,IAAK;EACzBZ,MAAM,CAACa,GAAG,CACRd,QAAQ,CAACe,KAAK,EACd,0GACF,CAAC;EACD,IAAI;IACF,MAAMC,eAAe,GAAGnB,kBAAkB,CAAC;MACzCoB,WAAW,EAAEJ;IACf,CAAC,CAAC;IACF,OAAO;MAAEK,cAAc,EAAEF,eAAe,CAACG;IAAa,CAAC;EACzD,CAAC,CAAC,OAAOC,GAAG,EAAE;IACZ,MAAMC,YAAY,GAChBD,GAAG,YAAYE,KAAK,GAAGF,GAAG,CAACG,OAAO,GAAG,+BAA+B;IACtEtB,MAAM,CAACa,GAAG,CACRd,QAAQ,CAACwB,KAAK,EACb,mDAAkDH,YAAa,EAClE,CAAC;IACD,MAAM,IAAIvB,kBAAkB,CAACuB,YAAY,CAAC;EAC5C;AACF,CAAC;AAEH,OAAO,MAAMI,qBAA2D,GACtE,MAAAA,CAAOC,gBAAgB,EAAEC,QAAQ,EAAEC,UAAU,EAAEC,OAAO,KAAK;EACzD,MAAMC,oBAAoB,GAAGF,UAAU,CAACG,sBAAsB;EAE9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEP,QAAQ;IACnBQ,WAAW,EAAET;EACf,CAAC,CAAC;EAEF,IAAIG,OAAO,EAAE;IACXG,MAAM,CAACI,MAAM,CAAC,SAAS,EAAEP,OAAO,CAAC;EACnC;EAEA,MAAMQ,OAAO,GAAI,GAAEP,oBAAqB,IAAGE,MAAO,EAAC;EAEnD,OAAO;IAAEK;EAAQ,CAAC;AACpB,CAAC;AAEH,OAAO,MAAMC,yCAAmG,GAC9G,MAAOzB,eAAe,IAAK;EACzBZ,MAAM,CAACa,GAAG,CACRd,QAAQ,CAACe,KAAK,EACd,sFACF,CAAC;EACD,MAAMwB,KAAK,GAAG/C,QAAQ,CAACqB,eAAe,CAAC,CAAC0B,KAAK;EAE7C,OAAOC,0BAA0B,CAACD,KAAK,CAAC;AAC1C,CAAC;AAEH,OAAO,MAAME,mCAAuF,GAClG,eAAAA,CAAOf,gBAAgB,EAAEC,QAAQ,EAAEC,UAAU,EAAuB;EAAA,IAArBc,QAAQ,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;EAC7D7C,MAAM,CAACa,GAAG,CACRd,QAAQ,CAACe,KAAK,EACd,kFACF,CAAC;EAED,MAAMe,oBAAoB,GAAGF,UAAU,CAACG,sBAAsB;EAC9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEP,QAAQ;IACnBQ,WAAW,EAAET;EACf,CAAC,CAAC;EAEFzB,MAAM,CAACa,GAAG,CACRd,QAAQ,CAACe,KAAK,EACb,oCAAmCe,oBAAqB,IAAGE,MAAM,CAACe,QAAQ,CAAC,CAAE,EAChF,CAAC;EAED,MAAMC,gBAAgB,GAAG,MAAMN,QAAQ,CACpC,GAAEZ,oBAAqB,IAAGE,MAAM,CAACe,QAAQ,CAAC,CAAE,EAAC,EAC9C;IAAEE,MAAM,EAAE;EAAM,CAClB,CAAC,CACEC,IAAI,CAACvC,gBAAgB,CAAC,GAAG,EAAEF,mBAAmB,CAAC,CAAC,CAChDyC,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC;EAE5B,MAAMC,iBAAiB,GAAG,MAAM3D,qBAAqB,CAAC;IACpD4D,MAAM,EAAEhD,aAAa;IACrB0C,gBAAgB;IAChBO,SAAS,EAAE;MACTC,SAAS,EAAEpD,uBAAuB,CAACwB,UAAU,CAAC6B,IAAI;IACpD;EACF,CAAC,CAAC;EAEF,OAAO/C,kBAAkB,CAAC2C,iBAAiB,CAAC;AAC9C,CAAC;;AAEH;AACA,OAAO,MAAMK,4CAAyG,GACpH,MAAAA,CAAOC,aAAa,EAAEC,YAAY,EAAEC,GAAG,EAAAC,IAAA,KAA2B;EAAA,IAAzB;IAAEpB,QAAQ,GAAGI;EAAM,CAAC,GAAAgB,IAAA;EAC3D7D,MAAM,CAACa,GAAG,CACRd,QAAQ,CAACe,KAAK,EACd,kGACF,CAAC;EAED,MAAMgD,aAAa,GAAG,MAAMC,4CAA4C,CAAC;IACvEL,aAAa;IACbC,YAAY;IACZC;EACF,CAAC,CAAC;EAEF5D,MAAM,CAACa,GAAG,CAACd,QAAQ,CAACe,KAAK,EAAG,mBAAkBgD,aAAc,EAAC,CAAC;EAE9D,MAAME,YAAY,GAAGL,YAAY,CAACH,IAAI,CAACS,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,GAAG,KAAK,KAAK,CAAC;EACvE,IAAI,CAACH,YAAY,EAAE;IACjB,MAAM5C,YAAY,GAAG,gDAAgD;IACrEpB,MAAM,CAACa,GAAG,CAACd,QAAQ,CAACwB,KAAK,EAAEH,YAAY,CAAC;IACxC,MAAM,IAAIb,aAAa,CAACa,YAAY,CAAC;EACvC;EAEA,OAAOzB,uCAAuC,CAAC;IAC7CyE,yBAAyB,EAAEN,aAAa,CAACO,IAAI,CAACC,WAAW;IACzDhB,SAAS,EAAE;MACT,GAAGlD,gBAAgB;MACnByC,KAAK,EAAEJ;IACT,CAAC;IACD8B,GAAG,EAAEb,aAAa,CAACa,GAAG;IACtBC,KAAK,EAAEd,aAAa,CAACc,KAAK,IAAI,EAAE;IAChCC,uBAAuB,EAAEf,aAAa,CAACgB,YAAY;IACnDC,MAAM,EAAE;MACNC,GAAG,EAAE,OAAO;MACZ5B,MAAM,EAAE,KAAK;MACb6B,SAAS,EAAEb;IACb;EACF,CAAC,CAAC;AACJ,CAAC;AAEH,OAAO,MAAMc,yCAAmG,GAC9G,eAAAA,CACEpB,aAAa,EACbC,YAAY,EACZC,GAAG,EACHmB,iBAAiB,EAEd;EAAA,IADH;IAAEtC,QAAQ,GAAGI;EAAM,CAAC,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEzB1C,MAAM,CAACa,GAAG,CACRd,QAAQ,CAACe,KAAK,EACd,0FACF,CAAC;EAED,MAAMgD,aAAa,GAAG,MAAMC,4CAA4C,CAAC;IACvEL,aAAa;IACbC,YAAY;IACZC;EACF,CAAC,CAAC;EAEF5D,MAAM,CAACa,GAAG,CAACd,QAAQ,CAACe,KAAK,EAAG,mBAAkBgD,aAAc,EAAC,CAAC;EAE9D,MAAM;IAAEkB;EAAa,CAAC,GAAG,MAAMtF,0BAA0B,CAAC;IACxD0E,yBAAyB,EAAEN,aAAa,CAACO,IAAI,CAACC,WAAW;IACzDG,uBAAuB,EAAEf,aAAa,CAACgB,YAAY;IACnDpB,SAAS,EAAE;MACT,GAAGlD,gBAAgB;MACnByC,KAAK,EAAEJ;IACT;EACF,CAAC,CAAC;EAEF,IAAI,CAACuC,YAAY,EAAE;IACjB,MAAM5D,YAAY,GAChB,2FAA2F;IAC7FpB,MAAM,CAACa,GAAG,CAACd,QAAQ,CAACwB,KAAK,EAAEH,YAAY,CAAC;IACxC,MAAM,IAAIvB,kBAAkB,CAACuB,YAAY,CAAC;EAC5C;EAEA,MAAM6D,QAAQ,GAAG,MAAMxC,QAAQ,CAACuC,YAAY,CAAC,CAACE,KAAK,CAAC,MAAM,IAAI,CAAC;EAE/D,IAAI,CAACD,QAAQ,IAAI,CAACA,QAAQ,CAACE,EAAE,EAAE;IAC7B,MAAM/D,YAAY,GAAI,qEAAoE2D,iBAAkB,mCAAkC;IAC9I/E,MAAM,CAACa,GAAG,CAACd,QAAQ,CAACwB,KAAK,EAAEH,YAAY,CAAC;IACxC,MAAM,IAAIvB,kBAAkB,CAACuB,YAAY,CAAC;EAC5C;EAEA,MAAMgE,gBAAgB,GAAGH,QAAQ,CAACI,GAAG;EAErC,IAAI,CAACD,gBAAgB,IAAI,CAACA,gBAAgB,CAACE,UAAU,CAACP,iBAAiB,CAAC,EAAE;IACxE,MAAM3D,YAAY,GAAI,4FAA2F2D,iBAAkB,UAASK,gBAAiB,EAAC;IAC9JpF,MAAM,CAACa,GAAG,CAACd,QAAQ,CAACwB,KAAK,EAAEH,YAAY,CAAC;IACxC,MAAM,IAAIvB,kBAAkB,CAACuB,YAAY,CAAC;EAC5C;EAEA,OAAOmB,0BAA0B,CAAChD,QAAQ,CAAC6F,gBAAgB,CAAC,CAAC9C,KAAK,CAAC;AACrE,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,0BAA0B,GACrCgD,OAAgB,IACQ;EACxB,MAAMC,aAAa,GAAGlG,wBAAwB,CAACmG,SAAS,CAACF,OAAO,CAAC;EACjE,IAAI,CAACC,aAAa,CAACE,OAAO,EAAE;IAC1B,MAAMC,OAAO,GAAGtG,uBAAuB,CAACoG,SAAS,CAACF,OAAO,CAAC;IAC1D,IAAI,CAACI,OAAO,CAACD,OAAO,EAAE;MACpB1F,MAAM,CAACa,GAAG,CACRd,QAAQ,CAACwB,KAAK,EACb,mDAAkDiE,aAAa,CAACI,KAAK,CAACtE,OAAQ,EACjF,CAAC;MACD,MAAM,IAAIzB,kBAAkB,CAAC2F,aAAa,CAACI,KAAK,CAACtE,OAAO,CAAC,CAAC,CAAC;IAC7D;;IACAtB,MAAM,CAACa,GAAG,CACRd,QAAQ,CAACwB,KAAK,EACb,2CAA0CsE,IAAI,CAACC,SAAS,CAACH,OAAO,CAAE,EACrE,CAAC;IACD,MAAM,IAAI7F,qBAAqB,CAC7B6F,OAAO,CAACI,IAAI,CAACH,KAAK,EAClBD,OAAO,CAACI,IAAI,CAACC,iBACf,CAAC;EACH;EACA,OAAOR,aAAa,CAACO,IAAI;AAC3B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMhC,4CAA4C,GAAG,MAAAkC,KAAA,IAQH;EAAA,IARU;IAC1DvC,aAAa;IACbC,YAAY;IACZC;EAKF,CAAC,GAAAqC,KAAA;EACC,MAAMC,eAAe,GAAG,MAAMhG,sBAAsB,CAACiG,iBAAiB,CACpEzC,aAAa,CAAC0C,UAAU,EACxB,CAACxC,GAAG,CACN,CAAC;EAED,MAAMyC,kBAAkB,GACtB,MAAMnG,sBAAsB,CAACoG,0BAA0B,CAACJ,eAAe,EAAE;IACvExE,QAAQ,EAAEgC,aAAa,CAACzB,SAAS;IACjCsE,KAAK,EAAE7C,aAAa,CAAC6C,KAAK;IAC1BC,WAAW,EAAE9C,aAAa,CAACgB;EAC7B,CAAC,CAAC;EAEJ,MAAM+B,QAAQ,GAAGJ,kBAAkB,CAACK,aAAa,CAACC,MAAM,CACtD,CAACC,GAAG,EAAAC,KAAA;IAAA,IAAE;MAAEC,YAAY;MAAEC;IAAQ,CAAC,GAAAF,KAAA;IAAA,OAAM;MAAE,GAAGD,GAAG;MAAE,CAACE,YAAY,GAAG,CAACC,OAAO;IAAE,CAAC;EAAA,CAAC,EAC3E,CAAC,CACH,CAAC;EAED,OAAOvH,2BAA2B,CAAC;IACjC;IACA;IACA6D,MAAM,EAAE/C,aAAa;IACrBoD,aAAa;IACbsD,MAAM,EAAE;MACNC,IAAI,EAAE;QAAEzD,IAAI,EAAEG,YAAY,CAACH;MAAK,CAAkB;MAClD0D,uCAAuC,EACrCvD,YAAY,CAACuD;IACjB,CAAC;IACDT,QAAQ;IACRnD,SAAS,EAAE;MACT6D,UAAU,EAAE/G,gBAAgB,CAAC+G,UAAU;MACvCC,cAAc,EAAEhH,gBAAgB,CAACgH;IACnC;EACF,CAAC,CAAC;AACJ,CAAC"}
package/lib/module/credential/issuance/v1.3.3/04-authorize-access.js CHANGED
@@ -1,10 +1,8 @@
1
- import { SignJWT } from "@pagopa/io-react-native-jwt";
2
- import { createTokenDPoP, fetchTokenResponse } from "@pagopa/io-wallet-oauth2";
1
+ import { createClientAttestationPopJwt, createTokenDPoP, fetchTokenResponse } from "@pagopa/io-wallet-oauth2";
3
2
  import { v4 as uuidv4 } from "uuid";
4
- import { createPopToken } from "../../../utils/pop";
5
- import * as WalletInstanceAttestation from "../../../wallet-instance-attestation/v1.0.0/utils";
6
- import { partialCallbacks } from "../../../utils/callbacks";
3
+ import { createSignJwtFromCryptoContext, partialCallbacks } from "../../../utils/callbacks";
7
4
  import { IoWalletError } from "../../../utils/errors";
5
+ import { sdkConfigV1_3 } from "../../../utils/config";
8
6
  export const authorizeAccess = async (issuerConf, code, redirectUri, codeVerifier, context) => {
9
7
  const {
10
8
  appFetch = fetch,
@@ -12,31 +10,36 @@ export const authorizeAccess = async (issuerConf, code, redirectUri, codeVerifie
12
10
  wiaCryptoContext,
13
11
  dPopCryptoContext
14
12
  } = context;
15
- const dPopSignerJwk = await dPopCryptoContext.getPublicKey();
16
13
  const tokenDPoP = await createTokenDPoP({
17
14
  callbacks: {
18
15
  ...partialCallbacks,
19
- signJwt: async (_, payload) => ({
20
- jwt: await new SignJWT(wiaCryptoContext).setPayload(payload).sign(),
21
- signerJwk: dPopSignerJwk
22
- })
16
+ signJwt: createSignJwtFromCryptoContext(dPopCryptoContext)
23
17
  },
24
18
  signer: {
25
- alg: "ES256",
26
19
  method: "jwk",
27
- publicJwk: dPopSignerJwk
20
+ alg: "ES256",
21
+ publicJwk: await dPopCryptoContext.getPublicKey()
28
22
  },
23
+ jti: uuidv4(),
29
24
  tokenRequest: {
30
25
  method: "POST",
31
26
  url: issuerConf.token_endpoint
32
27
  }
33
28
  });
34
- const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
35
- const signedWiaPoP = await createPopToken({
36
- jti: uuidv4(),
37
- aud: issuerConf.credential_issuer,
38
- iss
39
- }, wiaCryptoContext);
29
+ const clientAttestationDPoP = await createClientAttestationPopJwt({
30
+ config: sdkConfigV1_3,
31
+ callbacks: {
32
+ generateRandom: partialCallbacks.generateRandom,
33
+ signJwt: createSignJwtFromCryptoContext(wiaCryptoContext)
34
+ },
35
+ clientAttestation: walletInstanceAttestation,
36
+ authorizationServer: issuerConf.credential_issuer,
37
+ signer: {
38
+ method: "jwk",
39
+ alg: "ES256",
40
+ publicJwk: await wiaCryptoContext.getPublicKey()
41
+ }
42
+ });
40
43
  const tokenResponse = await fetchTokenResponse({
41
44
  accessTokenEndpoint: issuerConf.token_endpoint,
42
45
  callbacks: {
@@ -45,7 +48,7 @@ export const authorizeAccess = async (issuerConf, code, redirectUri, codeVerifie
45
48
  },
46
49
  walletAttestation: walletInstanceAttestation,
47
50
  dPoP: tokenDPoP.jwt,
48
- clientAttestationDPoP: signedWiaPoP,
51
+ clientAttestationDPoP,
49
52
  accessTokenRequest: {
50
53
  code,
51
54
  grant_type: "authorization_code",
package/lib/module/credential/issuance/v1.3.3/04-authorize-access.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["SignJWT","createTokenDPoP","fetchTokenResponse","v4","uuidv4","createPopToken","WalletInstanceAttestation","partialCallbacks","IoWalletError","authorizeAccess","issuerConf","code","redirectUri","codeVerifier","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","dPopCryptoContext","dPopSignerJwk","getPublicKey","tokenDPoP","callbacks","signJwt","_","payload","jwt","setPayload","sign","signerJwk","signer","alg","method","publicJwk","tokenRequest","url","token_endpoint","iss","decode","cnf","jwk","kid","signedWiaPoP","jti","aud","credential_issuer","tokenResponse","accessTokenEndpoint","walletAttestation","dPoP","clientAttestationDPoP","accessTokenRequest","grant_type","code_verifier","redirect_uri","authorization_details","accessToken"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.3.3/04-authorize-access.ts"],"mappings":"AAAA,SAASA,OAAO,QAAQ,6BAA6B;AACrD,SAASC,eAAe,EAAEC,kBAAkB,QAAQ,0BAA0B;AAC9E,SAASC,EAAE,IAAIC,MAAM,QAAQ,MAAM;AACnC,SAASC,cAAc,QAAQ,oBAAoB;AACnD,OAAO,KAAKC,yBAAyB,MAAM,mDAAmD;AAC9F,SAASC,gBAAgB,QAAQ,0BAA0B;AAC3D,SAASC,aAAa,QAAQ,uBAAuB;AAGrD,OAAO,MAAMC,eAA+C,GAAG,MAAAA,CAC7DC,UAAU,EACVC,IAAI,EACJC,WAAW,EACXC,YAAY,EACZC,OAAO,KACJ;EACH,MAAM;IACJC,QAAQ,GAAGC,KAAK;IAChBC,yBAAyB;IACzBC,gBAAgB;IAChBC;EACF,CAAC,GAAGL,OAAO;EAEX,MAAMM,aAAa,GAAG,MAAMD,iBAAiB,CAACE,YAAY,CAAC,CAAC;EAC5D,MAAMC,SAAS,GAAG,MAAMrB,eAAe,CAAC;IACtCsB,SAAS,EAAE;MACT,GAAGhB,gBAAgB;MACnBiB,OAAO,EAAE,MAAAA,CAAOC,CAAC,EAAEC,OAAO,MAAM;QAC9BC,GAAG,EAAE,MAAM,IAAI3B,OAAO,CAACkB,gBAAgB,CAAC,CAACU,UAAU,CAACF,OAAO,CAAC,CAACG,IAAI,CAAC,CAAC;QACnEC,SAAS,EAAEV;MACb,CAAC;IACH,CAAC;IACDW,MAAM,EAAE;MACNC,GAAG,EAAE,OAAO;MACZC,MAAM,EAAE,KAAK;MACbC,SAAS,EAAEd;IACb,CAAC;IACDe,YAAY,EAAE;MACZF,MAAM,EAAE,MAAM;MACdG,GAAG,EAAE1B,UAAU,CAAC2B;IAClB;EACF,CAAC,CAAC;EAEF,MAAMC,GAAG,GAAGhC,yBAAyB,CAACiC,MAAM,CAACtB,yBAAyB,CAAC,CACpES,OAAO,CAACc,GAAG,CAACC,GAAG,CAACC,GAAG;EAEtB,MAAMC,YAAY,GAAG,MAAMtC,cAAc,CACvC;IACEuC,GAAG,EAAExC,MAAM,CAAC,CAAC;IACbyC,GAAG,EAAEnC,UAAU,CAACoC,iBAAiB;IACjCR;EACF,CAAC,EACDpB,gBACF,CAAC;EAED,MAAM6B,aAAa,GAAG,MAAM7C,kBAAkB,CAAC;IAC7C8C,mBAAmB,EAAEtC,UAAU,CAAC2B,cAAc;IAC9Cd,SAAS,EAAE;MACT,GAAGhB,gBAAgB;MACnBS,KAAK,EAAED;IACT,CAAC;IACDkC,iBAAiB,EAAEhC,yBAAyB;IAC5CiC,IAAI,EAAE5B,SAAS,CAACK,GAAG;IACnBwB,qBAAqB,EAAER,YAAY;IACnCS,kBAAkB,EAAE;MAClBzC,IAAI;MACJ0C,UAAU,EAAE,oBAAoB;MAChCC,aAAa,EAAEzC,YAAY;MAC3B0C,YAAY,EAAE3C;IAChB;EACF,CAAC,CAAC;;EAEF;EACA;EACA,IAAI,CAACmC,aAAa,CAACS,qBAAqB,EAAE;IACxC,MAAM,IAAIhD,aAAa,CACrB,6DACF,CAAC;EACH;EAEA,OAAO;IACLiD,WAAW,EAAEV;EACf,CAAC;AACH,CAAC"}
1
+ {"version":3,"names":["createClientAttestationPopJwt","createTokenDPoP","fetchTokenResponse","v4","uuidv4","createSignJwtFromCryptoContext","partialCallbacks","IoWalletError","sdkConfigV1_3","authorizeAccess","issuerConf","code","redirectUri","codeVerifier","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","dPopCryptoContext","tokenDPoP","callbacks","signJwt","signer","method","alg","publicJwk","getPublicKey","jti","tokenRequest","url","token_endpoint","clientAttestationDPoP","config","generateRandom","clientAttestation","authorizationServer","credential_issuer","tokenResponse","accessTokenEndpoint","walletAttestation","dPoP","jwt","accessTokenRequest","grant_type","code_verifier","redirect_uri","authorization_details","accessToken"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.3.3/04-authorize-access.ts"],"mappings":"AAAA,SACEA,6BAA6B,EAC7BC,eAAe,EACfC,kBAAkB,QACb,0BAA0B;AACjC,SAASC,EAAE,IAAIC,MAAM,QAAQ,MAAM;AACnC,SACEC,8BAA8B,EAC9BC,gBAAgB,QACX,0BAA0B;AACjC,SAASC,aAAa,QAAQ,uBAAuB;AACrD,SAASC,aAAa,QAAQ,uBAAuB;AAGrD,OAAO,MAAMC,eAA+C,GAAG,MAAAA,CAC7DC,UAAU,EACVC,IAAI,EACJC,WAAW,EACXC,YAAY,EACZC,OAAO,KACJ;EACH,MAAM;IACJC,QAAQ,GAAGC,KAAK;IAChBC,yBAAyB;IACzBC,gBAAgB;IAChBC;EACF,CAAC,GAAGL,OAAO;EAEX,MAAMM,SAAS,GAAG,MAAMnB,eAAe,CAAC;IACtCoB,SAAS,EAAE;MACT,GAAGf,gBAAgB;MACnBgB,OAAO,EAAEjB,8BAA8B,CAACc,iBAAiB;IAC3D,CAAC;IACDI,MAAM,EAAE;MACNC,MAAM,EAAE,KAAK;MACbC,GAAG,EAAE,OAAO;MACZC,SAAS,EAAE,MAAMP,iBAAiB,CAACQ,YAAY,CAAC;IAClD,CAAC;IACDC,GAAG,EAAExB,MAAM,CAAC,CAAC;IACbyB,YAAY,EAAE;MACZL,MAAM,EAAE,MAAM;MACdM,GAAG,EAAEpB,UAAU,CAACqB;IAClB;EACF,CAAC,CAAC;EAEF,MAAMC,qBAAqB,GAAG,MAAMhC,6BAA6B,CAAC;IAChEiC,MAAM,EAAEzB,aAAa;IACrBa,SAAS,EAAE;MACTa,cAAc,EAAE5B,gBAAgB,CAAC4B,cAAc;MAC/CZ,OAAO,EAAEjB,8BAA8B,CAACa,gBAAgB;IAC1D,CAAC;IACDiB,iBAAiB,EAAElB,yBAAyB;IAC5CmB,mBAAmB,EAAE1B,UAAU,CAAC2B,iBAAiB;IACjDd,MAAM,EAAE;MACNC,MAAM,EAAE,KAAK;MACbC,GAAG,EAAE,OAAO;MACZC,SAAS,EAAE,MAAMR,gBAAgB,CAACS,YAAY,CAAC;IACjD;EACF,CAAC,CAAC;EAEF,MAAMW,aAAa,GAAG,MAAMpC,kBAAkB,CAAC;IAC7CqC,mBAAmB,EAAE7B,UAAU,CAACqB,cAAc;IAC9CV,SAAS,EAAE;MACT,GAAGf,gBAAgB;MACnBU,KAAK,EAAED;IACT,CAAC;IACDyB,iBAAiB,EAAEvB,yBAAyB;IAC5CwB,IAAI,EAAErB,SAAS,CAACsB,GAAG;IACnBV,qBAAqB;IACrBW,kBAAkB,EAAE;MAClBhC,IAAI;MACJiC,UAAU,EAAE,oBAAoB;MAChCC,aAAa,EAAEhC,YAAY;MAC3BiC,YAAY,EAAElC;IAChB;EACF,CAAC,CAAC;;EAEF;EACA;EACA,IAAI,CAAC0B,aAAa,CAACS,qBAAqB,EAAE;IACxC,MAAM,IAAIxC,aAAa,CACrB,6DACF,CAAC;EACH;EAEA,OAAO;IACLyC,WAAW,EAAEV;EACf,CAAC;AACH,CAAC"}