@pagopa/io-wallet-utils 1.2.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/index.d.mts +20 -2
  2. package/dist/index.d.ts +20 -2
  3. package/dist/index.js +25 -2
  4. package/dist/index.js.map +1 -1
  5. package/dist/index.mjs +23 -1
  6. package/dist/index.mjs.map +1 -1
  7. package/package.json +3 -2
package/dist/index.d.mts CHANGED
@@ -1,4 +1,5 @@
1
1
  import z$1, { ZodError, z } from 'zod';
2
+ export { CallbackContext, HashAlgorithm, HashCallback, JwtSignerJwk, calculateJwkThumbprint, decodeJwt } from '@openid4vc/oauth2';
2
3
  export { ContentType, Fetch, JsonParseError, addSecondsToDate, createFetcher, dateToSeconds, decodeBase64, decodeUtf8String, encodeToBase64Url, encodeToUtf8String, objectToQueryParams, parseIfJson, setGlobalConfig, stringToJsonWithErrorHandling } from '@openid4vc/utils';
3
4
 
4
5
  /**
@@ -6,7 +7,8 @@ export { ContentType, Fetch, JsonParseError, addSecondsToDate, createFetcher, da
6
7
  */
7
8
  declare enum ItWalletSpecsVersion {
8
9
  V1_0 = "V1_0",
9
- V1_3 = "V1_3"
10
+ V1_3 = "V1_3",
11
+ V1_4 = "V1_4"
10
12
  }
11
13
  /**
12
14
  * Configuration options for the IO Wallet SDK
@@ -153,6 +155,21 @@ declare const hasStatusOrThrow: (status: number | number[], customError?: typeof
153
155
  */
154
156
  declare const parseRawHttpResponse: <T extends Record<string, unknown>>(response: Response) => Promise<T> | Promise<string>;
155
157
 
158
+ /**
159
+ * For the moment, these are all the supported algorithms in both
160
+ * {@link https://italia.github.io/eid-wallet-it-docs/releases/1.3.3/en/algorithms.html#cryptographic-algorithms|v1.3.3} and
161
+ * {@link https://italia.github.io/eid-wallet-it-docs/releases/1.0.2/en/algorithms.html#cryptographic-algorithms|v1.0.2},
162
+ * and in both specifications the `alg` field MUST be one of those values.
163
+ */
164
+ declare const zItwSupportedSignatureAlg: z$1.ZodEnum<{
165
+ ES256: "ES256";
166
+ ES384: "ES384";
167
+ ES512: "ES512";
168
+ PS256: "PS256";
169
+ PS384: "PS384";
170
+ PS512: "PS512";
171
+ }>;
172
+ type ItwSupportedSignatureAlg = z$1.infer<typeof zItwSupportedSignatureAlg>;
156
173
  declare const zHttpMethod: z$1.ZodEnum<{
157
174
  GET: "GET";
158
175
  POST: "POST";
@@ -175,10 +192,11 @@ interface RequestLike {
175
192
 
176
193
  type BaseSchema = z.ZodTypeAny;
177
194
  declare function parseWithErrorHandling<Schema extends BaseSchema>(schema: Schema, data: unknown, customErrorMessage?: string): z.infer<Schema>;
195
+ declare function formatError(message: string, prefix?: string): string;
178
196
 
179
197
  declare function verifyJwtIatOrThrow(options: {
180
198
  iat: number;
181
199
  now?: Date;
182
200
  }): void;
183
201
 
184
- export { type BaseSchema, CLOCK_SKEW_TOLERANCE_SECONDS, CONTENT_TYPES, type FetchHeaders, HEADERS, type HttpMethod, IoWalletSdkConfig, type IoWalletSdkConfigOptions, ItWalletSpecsVersion, ItWalletSpecsVersionError, MAX_IAT_AGE_SECONDS, type RequestLike, UnexpectedStatusCodeError, ValidationError, formatZodError, hasConfigVersion, hasStatusOrThrow, parseRawHttpResponse, parseWithErrorHandling, serializeAttrs, verifyJwtIatOrThrow, zHttpMethod };
202
+ export { type BaseSchema, CLOCK_SKEW_TOLERANCE_SECONDS, CONTENT_TYPES, type FetchHeaders, HEADERS, type HttpMethod, IoWalletSdkConfig, type IoWalletSdkConfigOptions, ItWalletSpecsVersion, ItWalletSpecsVersionError, type ItwSupportedSignatureAlg, MAX_IAT_AGE_SECONDS, type RequestLike, UnexpectedStatusCodeError, ValidationError, formatError, formatZodError, hasConfigVersion, hasStatusOrThrow, parseRawHttpResponse, parseWithErrorHandling, serializeAttrs, verifyJwtIatOrThrow, zHttpMethod, zItwSupportedSignatureAlg };
package/dist/index.d.ts CHANGED
@@ -1,4 +1,5 @@
1
1
  import z$1, { ZodError, z } from 'zod';
2
+ export { CallbackContext, HashAlgorithm, HashCallback, JwtSignerJwk, calculateJwkThumbprint, decodeJwt } from '@openid4vc/oauth2';
2
3
  export { ContentType, Fetch, JsonParseError, addSecondsToDate, createFetcher, dateToSeconds, decodeBase64, decodeUtf8String, encodeToBase64Url, encodeToUtf8String, objectToQueryParams, parseIfJson, setGlobalConfig, stringToJsonWithErrorHandling } from '@openid4vc/utils';
3
4
 
4
5
  /**
@@ -6,7 +7,8 @@ export { ContentType, Fetch, JsonParseError, addSecondsToDate, createFetcher, da
6
7
  */
7
8
  declare enum ItWalletSpecsVersion {
8
9
  V1_0 = "V1_0",
9
- V1_3 = "V1_3"
10
+ V1_3 = "V1_3",
11
+ V1_4 = "V1_4"
10
12
  }
11
13
  /**
12
14
  * Configuration options for the IO Wallet SDK
@@ -153,6 +155,21 @@ declare const hasStatusOrThrow: (status: number | number[], customError?: typeof
153
155
  */
154
156
  declare const parseRawHttpResponse: <T extends Record<string, unknown>>(response: Response) => Promise<T> | Promise<string>;
155
157
 
158
+ /**
159
+ * For the moment, these are all the supported algorithms in both
160
+ * {@link https://italia.github.io/eid-wallet-it-docs/releases/1.3.3/en/algorithms.html#cryptographic-algorithms|v1.3.3} and
161
+ * {@link https://italia.github.io/eid-wallet-it-docs/releases/1.0.2/en/algorithms.html#cryptographic-algorithms|v1.0.2},
162
+ * and in both specifications the `alg` field MUST be one of those values.
163
+ */
164
+ declare const zItwSupportedSignatureAlg: z$1.ZodEnum<{
165
+ ES256: "ES256";
166
+ ES384: "ES384";
167
+ ES512: "ES512";
168
+ PS256: "PS256";
169
+ PS384: "PS384";
170
+ PS512: "PS512";
171
+ }>;
172
+ type ItwSupportedSignatureAlg = z$1.infer<typeof zItwSupportedSignatureAlg>;
156
173
  declare const zHttpMethod: z$1.ZodEnum<{
157
174
  GET: "GET";
158
175
  POST: "POST";
@@ -175,10 +192,11 @@ interface RequestLike {
175
192
 
176
193
  type BaseSchema = z.ZodTypeAny;
177
194
  declare function parseWithErrorHandling<Schema extends BaseSchema>(schema: Schema, data: unknown, customErrorMessage?: string): z.infer<Schema>;
195
+ declare function formatError(message: string, prefix?: string): string;
178
196
 
179
197
  declare function verifyJwtIatOrThrow(options: {
180
198
  iat: number;
181
199
  now?: Date;
182
200
  }): void;
183
201
 
184
- export { type BaseSchema, CLOCK_SKEW_TOLERANCE_SECONDS, CONTENT_TYPES, type FetchHeaders, HEADERS, type HttpMethod, IoWalletSdkConfig, type IoWalletSdkConfigOptions, ItWalletSpecsVersion, ItWalletSpecsVersionError, MAX_IAT_AGE_SECONDS, type RequestLike, UnexpectedStatusCodeError, ValidationError, formatZodError, hasConfigVersion, hasStatusOrThrow, parseRawHttpResponse, parseWithErrorHandling, serializeAttrs, verifyJwtIatOrThrow, zHttpMethod };
202
+ export { type BaseSchema, CLOCK_SKEW_TOLERANCE_SECONDS, CONTENT_TYPES, type FetchHeaders, HEADERS, type HttpMethod, IoWalletSdkConfig, type IoWalletSdkConfigOptions, ItWalletSpecsVersion, ItWalletSpecsVersionError, type ItwSupportedSignatureAlg, MAX_IAT_AGE_SECONDS, type RequestLike, UnexpectedStatusCodeError, ValidationError, formatError, formatZodError, hasConfigVersion, hasStatusOrThrow, parseRawHttpResponse, parseWithErrorHandling, serializeAttrs, verifyJwtIatOrThrow, zHttpMethod, zItwSupportedSignatureAlg };
package/dist/index.js CHANGED
@@ -34,6 +34,7 @@ __export(index_exports, {
34
34
  CONTENT_TYPES: () => CONTENT_TYPES,
35
35
  ContentType: () => import_utils.ContentType,
36
36
  HEADERS: () => HEADERS,
37
+ HashAlgorithm: () => import_oauth2.HashAlgorithm,
37
38
  IoWalletSdkConfig: () => IoWalletSdkConfig,
38
39
  ItWalletSpecsVersion: () => ItWalletSpecsVersion,
39
40
  ItWalletSpecsVersionError: () => ItWalletSpecsVersionError,
@@ -42,12 +43,15 @@ __export(index_exports, {
42
43
  UnexpectedStatusCodeError: () => UnexpectedStatusCodeError,
43
44
  ValidationError: () => ValidationError,
44
45
  addSecondsToDate: () => import_utils.addSecondsToDate,
46
+ calculateJwkThumbprint: () => import_oauth2.calculateJwkThumbprint,
45
47
  createFetcher: () => import_utils.createFetcher,
46
48
  dateToSeconds: () => import_utils.dateToSeconds,
47
49
  decodeBase64: () => import_utils.decodeBase64,
50
+ decodeJwt: () => import_oauth2.decodeJwt,
48
51
  decodeUtf8String: () => import_utils.decodeUtf8String,
49
52
  encodeToBase64Url: () => import_utils.encodeToBase64Url,
50
53
  encodeToUtf8String: () => import_utils.encodeToUtf8String,
54
+ formatError: () => formatError,
51
55
  formatZodError: () => formatZodError,
52
56
  hasConfigVersion: () => hasConfigVersion,
53
57
  hasStatusOrThrow: () => hasStatusOrThrow,
@@ -59,7 +63,8 @@ __export(index_exports, {
59
63
  setGlobalConfig: () => import_utils.setGlobalConfig,
60
64
  stringToJsonWithErrorHandling: () => import_utils.stringToJsonWithErrorHandling,
61
65
  verifyJwtIatOrThrow: () => verifyJwtIatOrThrow,
62
- zHttpMethod: () => zHttpMethod
66
+ zHttpMethod: () => zHttpMethod,
67
+ zItwSupportedSignatureAlg: () => zItwSupportedSignatureAlg
63
68
  });
64
69
  module.exports = __toCommonJS(index_exports);
65
70
 
@@ -67,6 +72,7 @@ module.exports = __toCommonJS(index_exports);
67
72
  var ItWalletSpecsVersion = /* @__PURE__ */ ((ItWalletSpecsVersion2) => {
68
73
  ItWalletSpecsVersion2["V1_0"] = "V1_0";
69
74
  ItWalletSpecsVersion2["V1_3"] = "V1_3";
75
+ ItWalletSpecsVersion2["V1_4"] = "V1_4";
70
76
  return ItWalletSpecsVersion2;
71
77
  })(ItWalletSpecsVersion || {});
72
78
  function hasConfigVersion(options, version) {
@@ -256,9 +262,20 @@ function parseWithErrorHandling(schema, data, customErrorMessage) {
256
262
  }
257
263
  return parseResult.data;
258
264
  }
265
+ function formatError(message, prefix) {
266
+ return prefix ? `${prefix} ${message}` : message;
267
+ }
259
268
 
260
269
  // src/validation.ts
261
270
  var import_zod = __toESM(require("zod"));
271
+ var zItwSupportedSignatureAlg = import_zod.default.enum([
272
+ "ES256",
273
+ "ES384",
274
+ "ES512",
275
+ "PS256",
276
+ "PS384",
277
+ "PS512"
278
+ ]);
262
279
  var zHttpMethod = import_zod.default.enum([
263
280
  "GET",
264
281
  "POST",
@@ -284,6 +301,7 @@ function verifyJwtIatOrThrow(options) {
284
301
  }
285
302
 
286
303
  // src/index.ts
304
+ var import_oauth2 = require("@openid4vc/oauth2");
287
305
  var import_utils = require("@openid4vc/utils");
288
306
  // Annotate the CommonJS export names for ESM import in node:
289
307
  0 && (module.exports = {
@@ -291,6 +309,7 @@ var import_utils = require("@openid4vc/utils");
291
309
  CONTENT_TYPES,
292
310
  ContentType,
293
311
  HEADERS,
312
+ HashAlgorithm,
294
313
  IoWalletSdkConfig,
295
314
  ItWalletSpecsVersion,
296
315
  ItWalletSpecsVersionError,
@@ -299,12 +318,15 @@ var import_utils = require("@openid4vc/utils");
299
318
  UnexpectedStatusCodeError,
300
319
  ValidationError,
301
320
  addSecondsToDate,
321
+ calculateJwkThumbprint,
302
322
  createFetcher,
303
323
  dateToSeconds,
304
324
  decodeBase64,
325
+ decodeJwt,
305
326
  decodeUtf8String,
306
327
  encodeToBase64Url,
307
328
  encodeToUtf8String,
329
+ formatError,
308
330
  formatZodError,
309
331
  hasConfigVersion,
310
332
  hasStatusOrThrow,
@@ -316,6 +338,7 @@ var import_utils = require("@openid4vc/utils");
316
338
  setGlobalConfig,
317
339
  stringToJsonWithErrorHandling,
318
340
  verifyJwtIatOrThrow,
319
- zHttpMethod
341
+ zHttpMethod,
342
+ zItwSupportedSignatureAlg
320
343
  });
321
344
  //# sourceMappingURL=index.js.map
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/index.ts","../src/config.ts","../src/constants.ts","../src/errors/parse.ts","../src/errors/errors.ts","../src/fetcher.ts","../src/parse.ts","../src/validation.ts","../src/verify.ts"],"sourcesContent":["export * from \"./config\";\nexport * from \"./constants\";\nexport * from \"./errors\";\nexport * from \"./fetcher\";\nexport type * from \"./globals\";\nexport * from \"./parse\";\nexport * from \"./validation\";\nexport * from \"./verify\";\n\nexport {\n ContentType,\n type Fetch,\n JsonParseError,\n addSecondsToDate,\n createFetcher,\n dateToSeconds,\n decodeBase64,\n decodeUtf8String,\n encodeToBase64Url,\n encodeToUtf8String,\n objectToQueryParams,\n parseIfJson,\n setGlobalConfig,\n stringToJsonWithErrorHandling,\n} from \"@openid4vc/utils\";\n","/**\n * Supported versions of the Italian Wallet technical specifications\n */\nexport enum ItWalletSpecsVersion {\n V1_0 = \"V1_0\",\n V1_3 = \"V1_3\",\n}\n\n/**\n * Configuration options for the IO Wallet SDK\n */\nexport interface IoWalletSdkConfigOptions<\n V extends ItWalletSpecsVersion = ItWalletSpecsVersion,\n> {\n /**\n * The version of the Italian Wallet specification to use.\n * REQUIRED - must be explicitly set by the user.\n *\n * @example\n * const config = new IoWalletSdkConfig({ itWalletSpecsVersion: ItWalletSpecsVersion.V1_3 });\n */\n itWalletSpecsVersion: V;\n}\n\ninterface WithConfig {\n config: IoWalletSdkConfig;\n}\n\ntype WithConfigVersion<\n T extends WithConfig,\n V extends ItWalletSpecsVersion,\n> = T extends { config: IoWalletSdkConfig<V> } ? T : never;\n\n/**\n * Type guard to check if the provided options have a specific config version\n *\n * @param options - The options object containing the config to check\n * @param version - The version to check against\n * @returns True if the options' config version matches the provided version\n */\nexport function hasConfigVersion<\n T extends WithConfig,\n V extends ItWalletSpecsVersion,\n>(options: T, version: V): options is WithConfigVersion<T, V> {\n return options.config.itWalletSpecsVersion === version;\n}\n\n/**\n * Configuration class for the IO Wallet SDK\n *\n * This class manages the version of the Italian Wallet technical specifications\n * to use throughout the SDK. The version determines the format of credential\n * requests and responses.\n *\n * @example Basic usage\n * const config = new IoWalletSdkConfig({ itWalletSpecsVersion: ItWalletSpecsVersion.V1_0 });\n * console.log(config.itWalletSpecsVersion); // ItWalletSpecsVersion.V1_0\n *\n * @example Type guard usage\n * if (config.isVersion(ItWalletSpecsVersion.V1_3)) {\n * // TypeScript narrows config.itWalletSpecsVersion to ItWalletSpecsVersion.V1_3\n * }\n */\nexport class IoWalletSdkConfig<\n V extends ItWalletSpecsVersion = ItWalletSpecsVersion,\n> {\n public readonly itWalletSpecsVersion: V;\n\n constructor(options: IoWalletSdkConfigOptions<V>) {\n this.itWalletSpecsVersion = options.itWalletSpecsVersion;\n }\n\n /**\n * Type guard for version checking\n *\n * @param version - The version to check against\n * @returns True if the config's version matches the provided version\n *\n * @internal\n */\n isVersion<W extends ItWalletSpecsVersion>(\n version: W,\n ): this is IoWalletSdkConfig<W> {\n const currentVersion: ItWalletSpecsVersion = this.itWalletSpecsVersion;\n return currentVersion === version;\n }\n}\n","/**\n * HTTP Content-Type constants for OAuth2 requests\n */\nexport const CONTENT_TYPES = {\n FORM_URLENCODED: \"application/x-www-form-urlencoded\",\n JSON: \"application/json\",\n} as const;\n\n/**\n * HTTP Header constants\n */\nexport const HEADERS = {\n AUTHORIZATION: \"Authorization\",\n CONTENT_TYPE: \"Content-Type\",\n DPOP: \"DPoP\",\n OAUTH_CLIENT_ATTESTATION: \"OAuth-Client-Attestation\",\n OAUTH_CLIENT_ATTESTATION_POP: \"OAuth-Client-Attestation-PoP\",\n} as const;\n\nexport const MAX_IAT_AGE_SECONDS = 5 * 60;\nexport const CLOCK_SKEW_TOLERANCE_SECONDS = 60;\n","import type z from \"zod\";\n\n/**\n * Some code comes from `zod-validation-error` package (MIT License) and\n * was slightly simplified to fit our needs.\n */\nconst constants = {\n identifierRegex: /[$_\\p{ID_Start}][$\\u200c\\u200d\\p{ID_Continue}]*/u,\n issueSeparator: \"\\n\\t- \",\n unionSeparator: \", or \",\n};\n\nfunction escapeQuotes(str: string): string {\n return str.replace(/\\\\/g, \"\\\\\\\\\").replace(/\"/g, '\\\\\"');\n}\n\ntype ZodIssue = z.ZodError[\"issues\"][number];\n\nfunction joinPath(path: PropertyKey[]): string {\n if (path.length === 1 && path[0] !== undefined) {\n return String(path[0]);\n }\n\n return path.reduce<string>((acc, item) => {\n // handle numeric indices\n if (typeof item === \"number\") {\n return `${acc}[${item.toString()}]`;\n }\n\n if (typeof item === \"symbol\") {\n return `${acc}[${JSON.stringify(String(item))}]`;\n }\n\n // handle quoted values\n if (item.includes('\"')) {\n return `${acc}[\"${escapeQuotes(item)}\"]`;\n }\n\n // handle special characters\n if (!constants.identifierRegex.test(item)) {\n return `${acc}[\"${item}\"]`;\n }\n\n // handle normal values\n const separator = acc.length === 0 ? \"\" : \".\";\n return acc + separator + item;\n }, \"\");\n}\nfunction getMessageFromZodIssue(issue: ZodIssue): string {\n if (issue.code === \"invalid_union\") {\n return getMessageFromUnionErrors(issue.errors);\n }\n\n if (issue.path.length !== 0) {\n // handle array indices\n if (issue.path.length === 1) {\n const identifier = issue.path[0];\n\n if (typeof identifier === \"number\") {\n return `${issue.message} at index ${identifier}`;\n }\n }\n\n return `${issue.message} at \"${joinPath(issue.path)}\"`;\n }\n\n return issue.message;\n}\n\nfunction getMessageFromUnionErrors(unionErrors: ZodIssue[][]): string {\n return unionErrors\n .reduce<string[]>((acc, issues) => {\n const newIssues = issues\n .map((issue) => getMessageFromZodIssue(issue))\n .join(constants.issueSeparator);\n\n if (!acc.includes(newIssues)) acc.push(newIssues);\n\n return acc;\n }, [])\n .join(constants.unionSeparator);\n}\n\nexport function formatZodError(error?: z.ZodError): string {\n if (!error) return \"\";\n\n return `\\t- ${error?.issues.map((issue) => getMessageFromZodIssue(issue)).join(constants.issueSeparator)}`;\n}\n","import type { ZodError, z } from \"zod\";\n\nimport { formatZodError } from \"./parse\";\n\n// An error reason that supports both a string and a generic JSON object\ntype GenericErrorReason = Record<string, unknown> | string;\n\n/**\n * utility to format a set of attributes into an error message string\n *\n * @example\n * // returns \"foo=value bar=(list, item)\"\n * serializeAttrs({ foo: \"value\", bar: [\"list\", \"item\"] })\n *\n * @param attrs A key value record set\n * @returns a human-readable serialization of the set\n */\nexport const serializeAttrs = (\n attrs: Record<string, GenericErrorReason | number | string[] | undefined>,\n): string =>\n Object.entries(attrs)\n .filter(([, v]) => v !== undefined)\n .map(([k, v]) => {\n if (Array.isArray(v)) return [k, `(${v.join(\", \")})`];\n if (typeof v !== \"string\") return [k, JSON.stringify(v)];\n return [k, v];\n })\n .map((_) => _.join(\"=\"))\n .join(\" \");\n\n/**\n * An error subclass thrown when an HTTP request has a status code different from the one expected.\n */\nexport class UnexpectedStatusCodeError extends Error {\n code = \"ERR_UNEXPECTED_STATUS_CODE\";\n reason: GenericErrorReason;\n statusCode: number;\n\n constructor({\n message,\n reason,\n statusCode,\n }: {\n message: string;\n reason: GenericErrorReason;\n statusCode: number;\n }) {\n super(serializeAttrs({ message, reason, statusCode }));\n this.reason = reason;\n this.statusCode = statusCode;\n }\n}\n\n/**\n * An error subclass thrown when an unsupported Italian Wallet specification version is requested.\n *\n * This error is thrown when:\n * - A feature or method is called with a version that it doesn't support\n * - An invalid version identifier is provided\n *\n * @example\n * throw new ItWalletSpecsVersionError(\n * 'createCredentialRequest',\n * '2.0.0',\n * [ItWalletSpecsVersion.V1_0, ItWalletSpecsVersion.V1_3]\n * );\n * // Error: Feature \"createCredentialRequest\" does not support version 2.0.0.\n * // Supported versions: V1_0, V1_3\n */\nexport class ItWalletSpecsVersionError extends Error {\n public readonly code = \"IT_WALLET_SPECS_VERSION_ERROR\";\n\n constructor(\n public readonly feature: string,\n public readonly requestedVersion: string,\n public readonly supportedVersions: readonly string[],\n ) {\n super(\n `Feature \"${feature}\" does not support version ${requestedVersion}.\\n` +\n `Supported versions: ${supportedVersions.join(\", \")}`,\n );\n this.name = \"ItWalletSpecsVersionError\";\n\n // Maintain proper stack trace for V8 engines (Node.js, Chrome)\n const ErrorConstructor = Error as {\n captureStackTrace?: (target: object, constructor: unknown) => void;\n };\n if (typeof ErrorConstructor.captureStackTrace === \"function\") {\n ErrorConstructor.captureStackTrace(this, ItWalletSpecsVersionError);\n }\n }\n}\n\nexport class ValidationError extends Error {\n public zodError: ZodError | undefined;\n\n constructor(message: string, zodError?: z.ZodError) {\n super(message);\n\n const formattedError = formatZodError(zodError);\n this.message = `${message}\\n${formattedError}`;\n\n Object.defineProperty(this, \"zodError\", {\n enumerable: false,\n value: zodError,\n writable: false,\n });\n }\n}\n","import { UnexpectedStatusCodeError } from \"./errors\";\n\n/**\n * Check if a response is in the expected status, otherwise throw an error\n * @param status - The expected status\n * @param customError - A custom error compatible with {@link UnexpectedStatusCodeError}\n * @throws UnexpectedStatusCodeError if the status is different from the one expected\n * @returns The given response object\n */\nexport const hasStatusOrThrow =\n (status: number | number[], customError?: typeof UnexpectedStatusCodeError) =>\n async (res: Response): Promise<Response> => {\n if (\n Array.isArray(status)\n ? !status.includes(res.status)\n : res.status !== status\n ) {\n const ErrorClass = customError ?? UnexpectedStatusCodeError;\n throw new ErrorClass({\n message: `Http request failed. Expected ${status}, got ${res.status}, url: ${res.url}`,\n reason: await parseRawHttpResponse(res), // Pass the response body as reason so the original error can surface\n statusCode: res.status,\n });\n }\n return res;\n };\n\n/**\n * Utility function to parse a raw HTTP response as JSON if supported, otherwise as text.\n */\nexport const parseRawHttpResponse = <T extends Record<string, unknown>>(\n response: Response,\n) =>\n response.headers.get(\"content-type\")?.includes(\"application/json\")\n ? (response.json() as Promise<T>)\n : response.text();\n","import { z } from \"zod\";\n\nimport { ValidationError } from \"./errors/errors\";\n\nexport type BaseSchema = z.ZodTypeAny;\n\nconst SAFE_STRINGIFY_MAX_LENGTH = 200;\n\nfunction safeStringify(value: unknown): string {\n try {\n const result = JSON.stringify(value, (_key, val) =>\n typeof val === \"bigint\" ? `[BigInt: ${val}]` : val,\n );\n if (result === undefined) {\n return String(value);\n }\n return result.length > SAFE_STRINGIFY_MAX_LENGTH\n ? `${result.slice(0, SAFE_STRINGIFY_MAX_LENGTH)}…`\n : result;\n } catch {\n return \"[unserializable]\";\n }\n}\n\nexport function parseWithErrorHandling<Schema extends BaseSchema>(\n schema: Schema,\n data: unknown,\n customErrorMessage?: string,\n): z.infer<Schema> {\n const parseResult = schema.safeParse(data);\n\n if (!parseResult.success) {\n throw new ValidationError(\n customErrorMessage ??\n `Error validating schema with data ${safeStringify(data)}`,\n parseResult.error,\n );\n }\n\n return parseResult.data;\n}\n","import z from \"zod\";\n\nexport const zHttpMethod = z.enum([\n \"GET\",\n \"POST\",\n \"PUT\",\n \"DELETE\",\n \"HEAD\",\n \"OPTIONS\",\n \"TRACE\",\n \"CONNECT\",\n \"PATCH\",\n]);\nexport type HttpMethod = z.infer<typeof zHttpMethod>;\n","import { CLOCK_SKEW_TOLERANCE_SECONDS, MAX_IAT_AGE_SECONDS } from \"./constants\";\n\nexport function verifyJwtIatOrThrow(options: { iat: number; now?: Date }) {\n const now = options.now ?? new Date();\n const nowSeconds = Math.floor(now.getTime() / 1000);\n\n if (nowSeconds - options.iat > MAX_IAT_AGE_SECONDS) {\n throw new Error(\"iat claim in JWT is too old (must be within 5 minutes)\");\n }\n\n if (options.iat - nowSeconds > CLOCK_SKEW_TOLERANCE_SECONDS) {\n throw new Error(\"iat claim in JWT is too far in the future\");\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACGO,IAAK,uBAAL,kBAAKA,0BAAL;AACL,EAAAA,sBAAA,UAAO;AACP,EAAAA,sBAAA,UAAO;AAFG,SAAAA;AAAA,GAAA;AAqCL,SAAS,iBAGd,SAAY,SAAgD;AAC5D,SAAO,QAAQ,OAAO,yBAAyB;AACjD;AAkBO,IAAM,oBAAN,MAEL;AAAA,EACgB;AAAA,EAEhB,YAAY,SAAsC;AAChD,SAAK,uBAAuB,QAAQ;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,UACE,SAC8B;AAC9B,UAAM,iBAAuC,KAAK;AAClD,WAAO,mBAAmB;AAAA,EAC5B;AACF;;;ACnFO,IAAM,gBAAgB;AAAA,EAC3B,iBAAiB;AAAA,EACjB,MAAM;AACR;AAKO,IAAM,UAAU;AAAA,EACrB,eAAe;AAAA,EACf,cAAc;AAAA,EACd,MAAM;AAAA,EACN,0BAA0B;AAAA,EAC1B,8BAA8B;AAChC;AAEO,IAAM,sBAAsB,IAAI;AAChC,IAAM,+BAA+B;;;ACd5C,IAAM,YAAY;AAAA,EAChB,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,gBAAgB;AAClB;AAEA,SAAS,aAAa,KAAqB;AACzC,SAAO,IAAI,QAAQ,OAAO,MAAM,EAAE,QAAQ,MAAM,KAAK;AACvD;AAIA,SAAS,SAAS,MAA6B;AAC7C,MAAI,KAAK,WAAW,KAAK,KAAK,CAAC,MAAM,QAAW;AAC9C,WAAO,OAAO,KAAK,CAAC,CAAC;AAAA,EACvB;AAEA,SAAO,KAAK,OAAe,CAAC,KAAK,SAAS;AAExC,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO,GAAG,GAAG,IAAI,KAAK,SAAS,CAAC;AAAA,IAClC;AAEA,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO,GAAG,GAAG,IAAI,KAAK,UAAU,OAAO,IAAI,CAAC,CAAC;AAAA,IAC/C;AAGA,QAAI,KAAK,SAAS,GAAG,GAAG;AACtB,aAAO,GAAG,GAAG,KAAK,aAAa,IAAI,CAAC;AAAA,IACtC;AAGA,QAAI,CAAC,UAAU,gBAAgB,KAAK,IAAI,GAAG;AACzC,aAAO,GAAG,GAAG,KAAK,IAAI;AAAA,IACxB;AAGA,UAAM,YAAY,IAAI,WAAW,IAAI,KAAK;AAC1C,WAAO,MAAM,YAAY;AAAA,EAC3B,GAAG,EAAE;AACP;AACA,SAAS,uBAAuB,OAAyB;AACvD,MAAI,MAAM,SAAS,iBAAiB;AAClC,WAAO,0BAA0B,MAAM,MAAM;AAAA,EAC/C;AAEA,MAAI,MAAM,KAAK,WAAW,GAAG;AAE3B,QAAI,MAAM,KAAK,WAAW,GAAG;AAC3B,YAAM,aAAa,MAAM,KAAK,CAAC;AAE/B,UAAI,OAAO,eAAe,UAAU;AAClC,eAAO,GAAG,MAAM,OAAO,aAAa,UAAU;AAAA,MAChD;AAAA,IACF;AAEA,WAAO,GAAG,MAAM,OAAO,QAAQ,SAAS,MAAM,IAAI,CAAC;AAAA,EACrD;AAEA,SAAO,MAAM;AACf;AAEA,SAAS,0BAA0B,aAAmC;AACpE,SAAO,YACJ,OAAiB,CAAC,KAAK,WAAW;AACjC,UAAM,YAAY,OACf,IAAI,CAAC,UAAU,uBAAuB,KAAK,CAAC,EAC5C,KAAK,UAAU,cAAc;AAEhC,QAAI,CAAC,IAAI,SAAS,SAAS,EAAG,KAAI,KAAK,SAAS;AAEhD,WAAO;AAAA,EACT,GAAG,CAAC,CAAC,EACJ,KAAK,UAAU,cAAc;AAClC;AAEO,SAAS,eAAe,OAA4B;AACzD,MAAI,CAAC,MAAO,QAAO;AAEnB,SAAO,MAAO,OAAO,OAAO,IAAI,CAAC,UAAU,uBAAuB,KAAK,CAAC,EAAE,KAAK,UAAU,cAAc,CAAC;AAC1G;;;ACtEO,IAAM,iBAAiB,CAC5B,UAEA,OAAO,QAAQ,KAAK,EACjB,OAAO,CAAC,CAAC,EAAE,CAAC,MAAM,MAAM,MAAS,EACjC,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM;AACf,MAAI,MAAM,QAAQ,CAAC,EAAG,QAAO,CAAC,GAAG,IAAI,EAAE,KAAK,IAAI,CAAC,GAAG;AACpD,MAAI,OAAO,MAAM,SAAU,QAAO,CAAC,GAAG,KAAK,UAAU,CAAC,CAAC;AACvD,SAAO,CAAC,GAAG,CAAC;AACd,CAAC,EACA,IAAI,CAAC,MAAM,EAAE,KAAK,GAAG,CAAC,EACtB,KAAK,GAAG;AAKN,IAAM,4BAAN,cAAwC,MAAM;AAAA,EACnD,OAAO;AAAA,EACP;AAAA,EACA;AAAA,EAEA,YAAY;AAAA,IACV;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAIG;AACD,UAAM,eAAe,EAAE,SAAS,QAAQ,WAAW,CAAC,CAAC;AACrD,SAAK,SAAS;AACd,SAAK,aAAa;AAAA,EACpB;AACF;AAkBO,IAAM,4BAAN,MAAM,mCAAkC,MAAM;AAAA,EAGnD,YACkB,SACA,kBACA,mBAChB;AACA;AAAA,MACE,YAAY,OAAO,8BAA8B,gBAAgB;AAAA,sBACxC,kBAAkB,KAAK,IAAI,CAAC;AAAA,IACvD;AAPgB;AACA;AACA;AAMhB,SAAK,OAAO;AAGZ,UAAM,mBAAmB;AAGzB,QAAI,OAAO,iBAAiB,sBAAsB,YAAY;AAC5D,uBAAiB,kBAAkB,MAAM,0BAAyB;AAAA,IACpE;AAAA,EACF;AAAA,EApBgB,OAAO;AAqBzB;AAEO,IAAM,kBAAN,cAA8B,MAAM;AAAA,EAClC;AAAA,EAEP,YAAY,SAAiB,UAAuB;AAClD,UAAM,OAAO;AAEb,UAAM,iBAAiB,eAAe,QAAQ;AAC9C,SAAK,UAAU,GAAG,OAAO;AAAA,EAAK,cAAc;AAE5C,WAAO,eAAe,MAAM,YAAY;AAAA,MACtC,YAAY;AAAA,MACZ,OAAO;AAAA,MACP,UAAU;AAAA,IACZ,CAAC;AAAA,EACH;AACF;;;ACnGO,IAAM,mBACX,CAAC,QAA2B,gBAC5B,OAAO,QAAqC;AAC1C,MACE,MAAM,QAAQ,MAAM,IAChB,CAAC,OAAO,SAAS,IAAI,MAAM,IAC3B,IAAI,WAAW,QACnB;AACA,UAAM,aAAa,eAAe;AAClC,UAAM,IAAI,WAAW;AAAA,MACnB,SAAS,iCAAiC,MAAM,SAAS,IAAI,MAAM,UAAU,IAAI,GAAG;AAAA,MACpF,QAAQ,MAAM,qBAAqB,GAAG;AAAA;AAAA,MACtC,YAAY,IAAI;AAAA,IAClB,CAAC;AAAA,EACH;AACA,SAAO;AACT;AAKK,IAAM,uBAAuB,CAClC,aAEA,SAAS,QAAQ,IAAI,cAAc,GAAG,SAAS,kBAAkB,IAC5D,SAAS,KAAK,IACf,SAAS,KAAK;;;AC7BpB,IAAM,4BAA4B;AAElC,SAAS,cAAc,OAAwB;AAC7C,MAAI;AACF,UAAM,SAAS,KAAK;AAAA,MAAU;AAAA,MAAO,CAAC,MAAM,QAC1C,OAAO,QAAQ,WAAW,YAAY,GAAG,MAAM;AAAA,IACjD;AACA,QAAI,WAAW,QAAW;AACxB,aAAO,OAAO,KAAK;AAAA,IACrB;AACA,WAAO,OAAO,SAAS,4BACnB,GAAG,OAAO,MAAM,GAAG,yBAAyB,CAAC,WAC7C;AAAA,EACN,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEO,SAAS,uBACd,QACA,MACA,oBACiB;AACjB,QAAM,cAAc,OAAO,UAAU,IAAI;AAEzC,MAAI,CAAC,YAAY,SAAS;AACxB,UAAM,IAAI;AAAA,MACR,sBACE,qCAAqC,cAAc,IAAI,CAAC;AAAA,MAC1D,YAAY;AAAA,IACd;AAAA,EACF;AAEA,SAAO,YAAY;AACrB;;;ACxCA,iBAAc;AAEP,IAAM,cAAc,WAAAC,QAAE,KAAK;AAAA,EAChC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;;;ACVM,SAAS,oBAAoB,SAAsC;AACxE,QAAM,MAAM,QAAQ,OAAO,oBAAI,KAAK;AACpC,QAAM,aAAa,KAAK,MAAM,IAAI,QAAQ,IAAI,GAAI;AAElD,MAAI,aAAa,QAAQ,MAAM,qBAAqB;AAClD,UAAM,IAAI,MAAM,wDAAwD;AAAA,EAC1E;AAEA,MAAI,QAAQ,MAAM,aAAa,8BAA8B;AAC3D,UAAM,IAAI,MAAM,2CAA2C;AAAA,EAC7D;AACF;;;ARJA,mBAeO;","names":["ItWalletSpecsVersion","z"]}
1
+ {"version":3,"sources":["../src/index.ts","../src/config.ts","../src/constants.ts","../src/errors/parse.ts","../src/errors/errors.ts","../src/fetcher.ts","../src/parse.ts","../src/validation.ts","../src/verify.ts"],"sourcesContent":["export * from \"./config\";\nexport * from \"./constants\";\nexport * from \"./errors/errors\";\nexport * from \"./errors/parse\";\nexport * from \"./fetcher\";\nexport type * from \"./globals\";\nexport * from \"./parse\";\nexport * from \"./validation\";\nexport * from \"./verify\";\n\nexport {\n type CallbackContext,\n HashAlgorithm,\n type HashCallback,\n type JwtSignerJwk,\n calculateJwkThumbprint,\n decodeJwt,\n} from \"@openid4vc/oauth2\";\n\nexport {\n ContentType,\n type Fetch,\n JsonParseError,\n addSecondsToDate,\n createFetcher,\n dateToSeconds,\n decodeBase64,\n decodeUtf8String,\n encodeToBase64Url,\n encodeToUtf8String,\n objectToQueryParams,\n parseIfJson,\n setGlobalConfig,\n stringToJsonWithErrorHandling,\n} from \"@openid4vc/utils\";\n","/**\n * Supported versions of the Italian Wallet technical specifications\n */\nexport enum ItWalletSpecsVersion {\n V1_0 = \"V1_0\",\n V1_3 = \"V1_3\",\n V1_4 = \"V1_4\",\n}\n\n/**\n * Configuration options for the IO Wallet SDK\n */\nexport interface IoWalletSdkConfigOptions<\n V extends ItWalletSpecsVersion = ItWalletSpecsVersion,\n> {\n /**\n * The version of the Italian Wallet specification to use.\n * REQUIRED - must be explicitly set by the user.\n *\n * @example\n * const config = new IoWalletSdkConfig({ itWalletSpecsVersion: ItWalletSpecsVersion.V1_3 });\n */\n itWalletSpecsVersion: V;\n}\n\ninterface WithConfig {\n config: IoWalletSdkConfig;\n}\n\ntype WithConfigVersion<\n T extends WithConfig,\n V extends ItWalletSpecsVersion,\n> = T extends { config: IoWalletSdkConfig<V> } ? T : never;\n\n/**\n * Type guard to check if the provided options have a specific config version\n *\n * @param options - The options object containing the config to check\n * @param version - The version to check against\n * @returns True if the options' config version matches the provided version\n */\nexport function hasConfigVersion<\n T extends WithConfig,\n V extends ItWalletSpecsVersion,\n>(options: T, version: V): options is WithConfigVersion<T, V> {\n return options.config.itWalletSpecsVersion === version;\n}\n\n/**\n * Configuration class for the IO Wallet SDK\n *\n * This class manages the version of the Italian Wallet technical specifications\n * to use throughout the SDK. The version determines the format of credential\n * requests and responses.\n *\n * @example Basic usage\n * const config = new IoWalletSdkConfig({ itWalletSpecsVersion: ItWalletSpecsVersion.V1_0 });\n * console.log(config.itWalletSpecsVersion); // ItWalletSpecsVersion.V1_0\n *\n * @example Type guard usage\n * if (config.isVersion(ItWalletSpecsVersion.V1_3)) {\n * // TypeScript narrows config.itWalletSpecsVersion to ItWalletSpecsVersion.V1_3\n * }\n */\nexport class IoWalletSdkConfig<\n V extends ItWalletSpecsVersion = ItWalletSpecsVersion,\n> {\n public readonly itWalletSpecsVersion: V;\n\n constructor(options: IoWalletSdkConfigOptions<V>) {\n this.itWalletSpecsVersion = options.itWalletSpecsVersion;\n }\n\n /**\n * Type guard for version checking\n *\n * @param version - The version to check against\n * @returns True if the config's version matches the provided version\n *\n * @internal\n */\n isVersion<W extends ItWalletSpecsVersion>(\n version: W,\n ): this is IoWalletSdkConfig<W> {\n const currentVersion: ItWalletSpecsVersion = this.itWalletSpecsVersion;\n return currentVersion === version;\n }\n}\n","/**\n * HTTP Content-Type constants for OAuth2 requests\n */\nexport const CONTENT_TYPES = {\n FORM_URLENCODED: \"application/x-www-form-urlencoded\",\n JSON: \"application/json\",\n} as const;\n\n/**\n * HTTP Header constants\n */\nexport const HEADERS = {\n AUTHORIZATION: \"Authorization\",\n CONTENT_TYPE: \"Content-Type\",\n DPOP: \"DPoP\",\n OAUTH_CLIENT_ATTESTATION: \"OAuth-Client-Attestation\",\n OAUTH_CLIENT_ATTESTATION_POP: \"OAuth-Client-Attestation-PoP\",\n} as const;\n\nexport const MAX_IAT_AGE_SECONDS = 5 * 60;\nexport const CLOCK_SKEW_TOLERANCE_SECONDS = 60;\n","import type z from \"zod\";\n\n/**\n * Some code comes from `zod-validation-error` package (MIT License) and\n * was slightly simplified to fit our needs.\n */\nconst constants = {\n identifierRegex: /[$_\\p{ID_Start}][$\\u200c\\u200d\\p{ID_Continue}]*/u,\n issueSeparator: \"\\n\\t- \",\n unionSeparator: \", or \",\n};\n\nfunction escapeQuotes(str: string): string {\n return str.replace(/\\\\/g, \"\\\\\\\\\").replace(/\"/g, '\\\\\"');\n}\n\ntype ZodIssue = z.ZodError[\"issues\"][number];\n\nfunction joinPath(path: PropertyKey[]): string {\n if (path.length === 1 && path[0] !== undefined) {\n return String(path[0]);\n }\n\n return path.reduce<string>((acc, item) => {\n // handle numeric indices\n if (typeof item === \"number\") {\n return `${acc}[${item.toString()}]`;\n }\n\n if (typeof item === \"symbol\") {\n return `${acc}[${JSON.stringify(String(item))}]`;\n }\n\n // handle quoted values\n if (item.includes('\"')) {\n return `${acc}[\"${escapeQuotes(item)}\"]`;\n }\n\n // handle special characters\n if (!constants.identifierRegex.test(item)) {\n return `${acc}[\"${item}\"]`;\n }\n\n // handle normal values\n const separator = acc.length === 0 ? \"\" : \".\";\n return acc + separator + item;\n }, \"\");\n}\nfunction getMessageFromZodIssue(issue: ZodIssue): string {\n if (issue.code === \"invalid_union\") {\n return getMessageFromUnionErrors(issue.errors);\n }\n\n if (issue.path.length !== 0) {\n // handle array indices\n if (issue.path.length === 1) {\n const identifier = issue.path[0];\n\n if (typeof identifier === \"number\") {\n return `${issue.message} at index ${identifier}`;\n }\n }\n\n return `${issue.message} at \"${joinPath(issue.path)}\"`;\n }\n\n return issue.message;\n}\n\nfunction getMessageFromUnionErrors(unionErrors: ZodIssue[][]): string {\n return unionErrors\n .reduce<string[]>((acc, issues) => {\n const newIssues = issues\n .map((issue) => getMessageFromZodIssue(issue))\n .join(constants.issueSeparator);\n\n if (!acc.includes(newIssues)) acc.push(newIssues);\n\n return acc;\n }, [])\n .join(constants.unionSeparator);\n}\n\nexport function formatZodError(error?: z.ZodError): string {\n if (!error) return \"\";\n\n return `\\t- ${error?.issues.map((issue) => getMessageFromZodIssue(issue)).join(constants.issueSeparator)}`;\n}\n","import type { ZodError, z } from \"zod\";\n\nimport { formatZodError } from \"./parse\";\n\n// An error reason that supports both a string and a generic JSON object\ntype GenericErrorReason = Record<string, unknown> | string;\n\n/**\n * utility to format a set of attributes into an error message string\n *\n * @example\n * // returns \"foo=value bar=(list, item)\"\n * serializeAttrs({ foo: \"value\", bar: [\"list\", \"item\"] })\n *\n * @param attrs A key value record set\n * @returns a human-readable serialization of the set\n */\nexport const serializeAttrs = (\n attrs: Record<string, GenericErrorReason | number | string[] | undefined>,\n): string =>\n Object.entries(attrs)\n .filter(([, v]) => v !== undefined)\n .map(([k, v]) => {\n if (Array.isArray(v)) return [k, `(${v.join(\", \")})`];\n if (typeof v !== \"string\") return [k, JSON.stringify(v)];\n return [k, v];\n })\n .map((_) => _.join(\"=\"))\n .join(\" \");\n\n/**\n * An error subclass thrown when an HTTP request has a status code different from the one expected.\n */\nexport class UnexpectedStatusCodeError extends Error {\n code = \"ERR_UNEXPECTED_STATUS_CODE\";\n reason: GenericErrorReason;\n statusCode: number;\n\n constructor({\n message,\n reason,\n statusCode,\n }: {\n message: string;\n reason: GenericErrorReason;\n statusCode: number;\n }) {\n super(serializeAttrs({ message, reason, statusCode }));\n this.reason = reason;\n this.statusCode = statusCode;\n }\n}\n\n/**\n * An error subclass thrown when an unsupported Italian Wallet specification version is requested.\n *\n * This error is thrown when:\n * - A feature or method is called with a version that it doesn't support\n * - An invalid version identifier is provided\n *\n * @example\n * throw new ItWalletSpecsVersionError(\n * 'createCredentialRequest',\n * '2.0.0',\n * [ItWalletSpecsVersion.V1_0, ItWalletSpecsVersion.V1_3]\n * );\n * // Error: Feature \"createCredentialRequest\" does not support version 2.0.0.\n * // Supported versions: V1_0, V1_3\n */\nexport class ItWalletSpecsVersionError extends Error {\n public readonly code = \"IT_WALLET_SPECS_VERSION_ERROR\";\n\n constructor(\n public readonly feature: string,\n public readonly requestedVersion: string,\n public readonly supportedVersions: readonly string[],\n ) {\n super(\n `Feature \"${feature}\" does not support version ${requestedVersion}.\\n` +\n `Supported versions: ${supportedVersions.join(\", \")}`,\n );\n this.name = \"ItWalletSpecsVersionError\";\n\n // Maintain proper stack trace for V8 engines (Node.js, Chrome)\n const ErrorConstructor = Error as {\n captureStackTrace?: (target: object, constructor: unknown) => void;\n };\n if (typeof ErrorConstructor.captureStackTrace === \"function\") {\n ErrorConstructor.captureStackTrace(this, ItWalletSpecsVersionError);\n }\n }\n}\n\nexport class ValidationError extends Error {\n public zodError: ZodError | undefined;\n\n constructor(message: string, zodError?: z.ZodError) {\n super(message);\n\n const formattedError = formatZodError(zodError);\n this.message = `${message}\\n${formattedError}`;\n\n Object.defineProperty(this, \"zodError\", {\n enumerable: false,\n value: zodError,\n writable: false,\n });\n }\n}\n","import { UnexpectedStatusCodeError } from \"./errors/errors\";\n\n/**\n * Check if a response is in the expected status, otherwise throw an error\n * @param status - The expected status\n * @param customError - A custom error compatible with {@link UnexpectedStatusCodeError}\n * @throws UnexpectedStatusCodeError if the status is different from the one expected\n * @returns The given response object\n */\nexport const hasStatusOrThrow =\n (status: number | number[], customError?: typeof UnexpectedStatusCodeError) =>\n async (res: Response): Promise<Response> => {\n if (\n Array.isArray(status)\n ? !status.includes(res.status)\n : res.status !== status\n ) {\n const ErrorClass = customError ?? UnexpectedStatusCodeError;\n throw new ErrorClass({\n message: `Http request failed. Expected ${status}, got ${res.status}, url: ${res.url}`,\n reason: await parseRawHttpResponse(res), // Pass the response body as reason so the original error can surface\n statusCode: res.status,\n });\n }\n return res;\n };\n\n/**\n * Utility function to parse a raw HTTP response as JSON if supported, otherwise as text.\n */\nexport const parseRawHttpResponse = <T extends Record<string, unknown>>(\n response: Response,\n) =>\n response.headers.get(\"content-type\")?.includes(\"application/json\")\n ? (response.json() as Promise<T>)\n : response.text();\n","import { z } from \"zod\";\n\nimport { ValidationError } from \"./errors/errors\";\n\nexport type BaseSchema = z.ZodTypeAny;\n\nconst SAFE_STRINGIFY_MAX_LENGTH = 200;\n\nfunction safeStringify(value: unknown): string {\n try {\n const result = JSON.stringify(value, (_key, val) =>\n typeof val === \"bigint\" ? `[BigInt: ${val}]` : val,\n );\n if (result === undefined) {\n return String(value);\n }\n return result.length > SAFE_STRINGIFY_MAX_LENGTH\n ? `${result.slice(0, SAFE_STRINGIFY_MAX_LENGTH)}…`\n : result;\n } catch {\n return \"[unserializable]\";\n }\n}\n\nexport function parseWithErrorHandling<Schema extends BaseSchema>(\n schema: Schema,\n data: unknown,\n customErrorMessage?: string,\n): z.infer<Schema> {\n const parseResult = schema.safeParse(data);\n\n if (!parseResult.success) {\n throw new ValidationError(\n customErrorMessage ??\n `Error validating schema with data ${safeStringify(data)}`,\n parseResult.error,\n );\n }\n\n return parseResult.data;\n}\n\nexport function formatError(message: string, prefix?: string): string {\n return prefix ? `${prefix} ${message}` : message;\n}\n","import z from \"zod\";\n\n/**\n * For the moment, these are all the supported algorithms in both\n * {@link https://italia.github.io/eid-wallet-it-docs/releases/1.3.3/en/algorithms.html#cryptographic-algorithms|v1.3.3} and\n * {@link https://italia.github.io/eid-wallet-it-docs/releases/1.0.2/en/algorithms.html#cryptographic-algorithms|v1.0.2},\n * and in both specifications the `alg` field MUST be one of those values.\n */\nexport const zItwSupportedSignatureAlg = z.enum([\n \"ES256\",\n \"ES384\",\n \"ES512\",\n \"PS256\",\n \"PS384\",\n \"PS512\",\n]);\nexport type ItwSupportedSignatureAlg = z.infer<\n typeof zItwSupportedSignatureAlg\n>;\n\nexport const zHttpMethod = z.enum([\n \"GET\",\n \"POST\",\n \"PUT\",\n \"DELETE\",\n \"HEAD\",\n \"OPTIONS\",\n \"TRACE\",\n \"CONNECT\",\n \"PATCH\",\n]);\nexport type HttpMethod = z.infer<typeof zHttpMethod>;\n","import { CLOCK_SKEW_TOLERANCE_SECONDS, MAX_IAT_AGE_SECONDS } from \"./constants\";\n\nexport function verifyJwtIatOrThrow(options: { iat: number; now?: Date }) {\n const now = options.now ?? new Date();\n const nowSeconds = Math.floor(now.getTime() / 1000);\n\n if (nowSeconds - options.iat > MAX_IAT_AGE_SECONDS) {\n throw new Error(\"iat claim in JWT is too old (must be within 5 minutes)\");\n }\n\n if (options.iat - nowSeconds > CLOCK_SKEW_TOLERANCE_SECONDS) {\n throw new Error(\"iat claim in JWT is too far in the future\");\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACGO,IAAK,uBAAL,kBAAKA,0BAAL;AACL,EAAAA,sBAAA,UAAO;AACP,EAAAA,sBAAA,UAAO;AACP,EAAAA,sBAAA,UAAO;AAHG,SAAAA;AAAA,GAAA;AAsCL,SAAS,iBAGd,SAAY,SAAgD;AAC5D,SAAO,QAAQ,OAAO,yBAAyB;AACjD;AAkBO,IAAM,oBAAN,MAEL;AAAA,EACgB;AAAA,EAEhB,YAAY,SAAsC;AAChD,SAAK,uBAAuB,QAAQ;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,UACE,SAC8B;AAC9B,UAAM,iBAAuC,KAAK;AAClD,WAAO,mBAAmB;AAAA,EAC5B;AACF;;;ACpFO,IAAM,gBAAgB;AAAA,EAC3B,iBAAiB;AAAA,EACjB,MAAM;AACR;AAKO,IAAM,UAAU;AAAA,EACrB,eAAe;AAAA,EACf,cAAc;AAAA,EACd,MAAM;AAAA,EACN,0BAA0B;AAAA,EAC1B,8BAA8B;AAChC;AAEO,IAAM,sBAAsB,IAAI;AAChC,IAAM,+BAA+B;;;ACd5C,IAAM,YAAY;AAAA,EAChB,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,gBAAgB;AAClB;AAEA,SAAS,aAAa,KAAqB;AACzC,SAAO,IAAI,QAAQ,OAAO,MAAM,EAAE,QAAQ,MAAM,KAAK;AACvD;AAIA,SAAS,SAAS,MAA6B;AAC7C,MAAI,KAAK,WAAW,KAAK,KAAK,CAAC,MAAM,QAAW;AAC9C,WAAO,OAAO,KAAK,CAAC,CAAC;AAAA,EACvB;AAEA,SAAO,KAAK,OAAe,CAAC,KAAK,SAAS;AAExC,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO,GAAG,GAAG,IAAI,KAAK,SAAS,CAAC;AAAA,IAClC;AAEA,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO,GAAG,GAAG,IAAI,KAAK,UAAU,OAAO,IAAI,CAAC,CAAC;AAAA,IAC/C;AAGA,QAAI,KAAK,SAAS,GAAG,GAAG;AACtB,aAAO,GAAG,GAAG,KAAK,aAAa,IAAI,CAAC;AAAA,IACtC;AAGA,QAAI,CAAC,UAAU,gBAAgB,KAAK,IAAI,GAAG;AACzC,aAAO,GAAG,GAAG,KAAK,IAAI;AAAA,IACxB;AAGA,UAAM,YAAY,IAAI,WAAW,IAAI,KAAK;AAC1C,WAAO,MAAM,YAAY;AAAA,EAC3B,GAAG,EAAE;AACP;AACA,SAAS,uBAAuB,OAAyB;AACvD,MAAI,MAAM,SAAS,iBAAiB;AAClC,WAAO,0BAA0B,MAAM,MAAM;AAAA,EAC/C;AAEA,MAAI,MAAM,KAAK,WAAW,GAAG;AAE3B,QAAI,MAAM,KAAK,WAAW,GAAG;AAC3B,YAAM,aAAa,MAAM,KAAK,CAAC;AAE/B,UAAI,OAAO,eAAe,UAAU;AAClC,eAAO,GAAG,MAAM,OAAO,aAAa,UAAU;AAAA,MAChD;AAAA,IACF;AAEA,WAAO,GAAG,MAAM,OAAO,QAAQ,SAAS,MAAM,IAAI,CAAC;AAAA,EACrD;AAEA,SAAO,MAAM;AACf;AAEA,SAAS,0BAA0B,aAAmC;AACpE,SAAO,YACJ,OAAiB,CAAC,KAAK,WAAW;AACjC,UAAM,YAAY,OACf,IAAI,CAAC,UAAU,uBAAuB,KAAK,CAAC,EAC5C,KAAK,UAAU,cAAc;AAEhC,QAAI,CAAC,IAAI,SAAS,SAAS,EAAG,KAAI,KAAK,SAAS;AAEhD,WAAO;AAAA,EACT,GAAG,CAAC,CAAC,EACJ,KAAK,UAAU,cAAc;AAClC;AAEO,SAAS,eAAe,OAA4B;AACzD,MAAI,CAAC,MAAO,QAAO;AAEnB,SAAO,MAAO,OAAO,OAAO,IAAI,CAAC,UAAU,uBAAuB,KAAK,CAAC,EAAE,KAAK,UAAU,cAAc,CAAC;AAC1G;;;ACtEO,IAAM,iBAAiB,CAC5B,UAEA,OAAO,QAAQ,KAAK,EACjB,OAAO,CAAC,CAAC,EAAE,CAAC,MAAM,MAAM,MAAS,EACjC,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM;AACf,MAAI,MAAM,QAAQ,CAAC,EAAG,QAAO,CAAC,GAAG,IAAI,EAAE,KAAK,IAAI,CAAC,GAAG;AACpD,MAAI,OAAO,MAAM,SAAU,QAAO,CAAC,GAAG,KAAK,UAAU,CAAC,CAAC;AACvD,SAAO,CAAC,GAAG,CAAC;AACd,CAAC,EACA,IAAI,CAAC,MAAM,EAAE,KAAK,GAAG,CAAC,EACtB,KAAK,GAAG;AAKN,IAAM,4BAAN,cAAwC,MAAM;AAAA,EACnD,OAAO;AAAA,EACP;AAAA,EACA;AAAA,EAEA,YAAY;AAAA,IACV;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAIG;AACD,UAAM,eAAe,EAAE,SAAS,QAAQ,WAAW,CAAC,CAAC;AACrD,SAAK,SAAS;AACd,SAAK,aAAa;AAAA,EACpB;AACF;AAkBO,IAAM,4BAAN,MAAM,mCAAkC,MAAM;AAAA,EAGnD,YACkB,SACA,kBACA,mBAChB;AACA;AAAA,MACE,YAAY,OAAO,8BAA8B,gBAAgB;AAAA,sBACxC,kBAAkB,KAAK,IAAI,CAAC;AAAA,IACvD;AAPgB;AACA;AACA;AAMhB,SAAK,OAAO;AAGZ,UAAM,mBAAmB;AAGzB,QAAI,OAAO,iBAAiB,sBAAsB,YAAY;AAC5D,uBAAiB,kBAAkB,MAAM,0BAAyB;AAAA,IACpE;AAAA,EACF;AAAA,EApBgB,OAAO;AAqBzB;AAEO,IAAM,kBAAN,cAA8B,MAAM;AAAA,EAClC;AAAA,EAEP,YAAY,SAAiB,UAAuB;AAClD,UAAM,OAAO;AAEb,UAAM,iBAAiB,eAAe,QAAQ;AAC9C,SAAK,UAAU,GAAG,OAAO;AAAA,EAAK,cAAc;AAE5C,WAAO,eAAe,MAAM,YAAY;AAAA,MACtC,YAAY;AAAA,MACZ,OAAO;AAAA,MACP,UAAU;AAAA,IACZ,CAAC;AAAA,EACH;AACF;;;ACnGO,IAAM,mBACX,CAAC,QAA2B,gBAC5B,OAAO,QAAqC;AAC1C,MACE,MAAM,QAAQ,MAAM,IAChB,CAAC,OAAO,SAAS,IAAI,MAAM,IAC3B,IAAI,WAAW,QACnB;AACA,UAAM,aAAa,eAAe;AAClC,UAAM,IAAI,WAAW;AAAA,MACnB,SAAS,iCAAiC,MAAM,SAAS,IAAI,MAAM,UAAU,IAAI,GAAG;AAAA,MACpF,QAAQ,MAAM,qBAAqB,GAAG;AAAA;AAAA,MACtC,YAAY,IAAI;AAAA,IAClB,CAAC;AAAA,EACH;AACA,SAAO;AACT;AAKK,IAAM,uBAAuB,CAClC,aAEA,SAAS,QAAQ,IAAI,cAAc,GAAG,SAAS,kBAAkB,IAC5D,SAAS,KAAK,IACf,SAAS,KAAK;;;AC7BpB,IAAM,4BAA4B;AAElC,SAAS,cAAc,OAAwB;AAC7C,MAAI;AACF,UAAM,SAAS,KAAK;AAAA,MAAU;AAAA,MAAO,CAAC,MAAM,QAC1C,OAAO,QAAQ,WAAW,YAAY,GAAG,MAAM;AAAA,IACjD;AACA,QAAI,WAAW,QAAW;AACxB,aAAO,OAAO,KAAK;AAAA,IACrB;AACA,WAAO,OAAO,SAAS,4BACnB,GAAG,OAAO,MAAM,GAAG,yBAAyB,CAAC,WAC7C;AAAA,EACN,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEO,SAAS,uBACd,QACA,MACA,oBACiB;AACjB,QAAM,cAAc,OAAO,UAAU,IAAI;AAEzC,MAAI,CAAC,YAAY,SAAS;AACxB,UAAM,IAAI;AAAA,MACR,sBACE,qCAAqC,cAAc,IAAI,CAAC;AAAA,MAC1D,YAAY;AAAA,IACd;AAAA,EACF;AAEA,SAAO,YAAY;AACrB;AAEO,SAAS,YAAY,SAAiB,QAAyB;AACpE,SAAO,SAAS,GAAG,MAAM,IAAI,OAAO,KAAK;AAC3C;;;AC5CA,iBAAc;AAQP,IAAM,4BAA4B,WAAAC,QAAE,KAAK;AAAA,EAC9C;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAKM,IAAM,cAAc,WAAAA,QAAE,KAAK;AAAA,EAChC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;;;AC5BM,SAAS,oBAAoB,SAAsC;AACxE,QAAM,MAAM,QAAQ,OAAO,oBAAI,KAAK;AACpC,QAAM,aAAa,KAAK,MAAM,IAAI,QAAQ,IAAI,GAAI;AAElD,MAAI,aAAa,QAAQ,MAAM,qBAAqB;AAClD,UAAM,IAAI,MAAM,wDAAwD;AAAA,EAC1E;AAEA,MAAI,QAAQ,MAAM,aAAa,8BAA8B;AAC3D,UAAM,IAAI,MAAM,2CAA2C;AAAA,EAC7D;AACF;;;ARHA,oBAOO;AAEP,mBAeO;","names":["ItWalletSpecsVersion","z"]}
package/dist/index.mjs CHANGED
@@ -2,6 +2,7 @@
2
2
  var ItWalletSpecsVersion = /* @__PURE__ */ ((ItWalletSpecsVersion2) => {
3
3
  ItWalletSpecsVersion2["V1_0"] = "V1_0";
4
4
  ItWalletSpecsVersion2["V1_3"] = "V1_3";
5
+ ItWalletSpecsVersion2["V1_4"] = "V1_4";
5
6
  return ItWalletSpecsVersion2;
6
7
  })(ItWalletSpecsVersion || {});
7
8
  function hasConfigVersion(options, version) {
@@ -191,9 +192,20 @@ function parseWithErrorHandling(schema, data, customErrorMessage) {
191
192
  }
192
193
  return parseResult.data;
193
194
  }
195
+ function formatError(message, prefix) {
196
+ return prefix ? `${prefix} ${message}` : message;
197
+ }
194
198
 
195
199
  // src/validation.ts
196
200
  import z from "zod";
201
+ var zItwSupportedSignatureAlg = z.enum([
202
+ "ES256",
203
+ "ES384",
204
+ "ES512",
205
+ "PS256",
206
+ "PS384",
207
+ "PS512"
208
+ ]);
197
209
  var zHttpMethod = z.enum([
198
210
  "GET",
199
211
  "POST",
@@ -219,6 +231,11 @@ function verifyJwtIatOrThrow(options) {
219
231
  }
220
232
 
221
233
  // src/index.ts
234
+ import {
235
+ HashAlgorithm,
236
+ calculateJwkThumbprint,
237
+ decodeJwt
238
+ } from "@openid4vc/oauth2";
222
239
  import {
223
240
  ContentType,
224
241
  JsonParseError,
@@ -239,6 +256,7 @@ export {
239
256
  CONTENT_TYPES,
240
257
  ContentType,
241
258
  HEADERS,
259
+ HashAlgorithm,
242
260
  IoWalletSdkConfig,
243
261
  ItWalletSpecsVersion,
244
262
  ItWalletSpecsVersionError,
@@ -247,12 +265,15 @@ export {
247
265
  UnexpectedStatusCodeError,
248
266
  ValidationError,
249
267
  addSecondsToDate,
268
+ calculateJwkThumbprint,
250
269
  createFetcher,
251
270
  dateToSeconds,
252
271
  decodeBase64,
272
+ decodeJwt,
253
273
  decodeUtf8String,
254
274
  encodeToBase64Url,
255
275
  encodeToUtf8String,
276
+ formatError,
256
277
  formatZodError,
257
278
  hasConfigVersion,
258
279
  hasStatusOrThrow,
@@ -264,6 +285,7 @@ export {
264
285
  setGlobalConfig,
265
286
  stringToJsonWithErrorHandling,
266
287
  verifyJwtIatOrThrow,
267
- zHttpMethod
288
+ zHttpMethod,
289
+ zItwSupportedSignatureAlg
268
290
  };
269
291
  //# sourceMappingURL=index.mjs.map
package/dist/index.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/config.ts","../src/constants.ts","../src/errors/parse.ts","../src/errors/errors.ts","../src/fetcher.ts","../src/parse.ts","../src/validation.ts","../src/verify.ts","../src/index.ts"],"sourcesContent":["/**\n * Supported versions of the Italian Wallet technical specifications\n */\nexport enum ItWalletSpecsVersion {\n V1_0 = \"V1_0\",\n V1_3 = \"V1_3\",\n}\n\n/**\n * Configuration options for the IO Wallet SDK\n */\nexport interface IoWalletSdkConfigOptions<\n V extends ItWalletSpecsVersion = ItWalletSpecsVersion,\n> {\n /**\n * The version of the Italian Wallet specification to use.\n * REQUIRED - must be explicitly set by the user.\n *\n * @example\n * const config = new IoWalletSdkConfig({ itWalletSpecsVersion: ItWalletSpecsVersion.V1_3 });\n */\n itWalletSpecsVersion: V;\n}\n\ninterface WithConfig {\n config: IoWalletSdkConfig;\n}\n\ntype WithConfigVersion<\n T extends WithConfig,\n V extends ItWalletSpecsVersion,\n> = T extends { config: IoWalletSdkConfig<V> } ? T : never;\n\n/**\n * Type guard to check if the provided options have a specific config version\n *\n * @param options - The options object containing the config to check\n * @param version - The version to check against\n * @returns True if the options' config version matches the provided version\n */\nexport function hasConfigVersion<\n T extends WithConfig,\n V extends ItWalletSpecsVersion,\n>(options: T, version: V): options is WithConfigVersion<T, V> {\n return options.config.itWalletSpecsVersion === version;\n}\n\n/**\n * Configuration class for the IO Wallet SDK\n *\n * This class manages the version of the Italian Wallet technical specifications\n * to use throughout the SDK. The version determines the format of credential\n * requests and responses.\n *\n * @example Basic usage\n * const config = new IoWalletSdkConfig({ itWalletSpecsVersion: ItWalletSpecsVersion.V1_0 });\n * console.log(config.itWalletSpecsVersion); // ItWalletSpecsVersion.V1_0\n *\n * @example Type guard usage\n * if (config.isVersion(ItWalletSpecsVersion.V1_3)) {\n * // TypeScript narrows config.itWalletSpecsVersion to ItWalletSpecsVersion.V1_3\n * }\n */\nexport class IoWalletSdkConfig<\n V extends ItWalletSpecsVersion = ItWalletSpecsVersion,\n> {\n public readonly itWalletSpecsVersion: V;\n\n constructor(options: IoWalletSdkConfigOptions<V>) {\n this.itWalletSpecsVersion = options.itWalletSpecsVersion;\n }\n\n /**\n * Type guard for version checking\n *\n * @param version - The version to check against\n * @returns True if the config's version matches the provided version\n *\n * @internal\n */\n isVersion<W extends ItWalletSpecsVersion>(\n version: W,\n ): this is IoWalletSdkConfig<W> {\n const currentVersion: ItWalletSpecsVersion = this.itWalletSpecsVersion;\n return currentVersion === version;\n }\n}\n","/**\n * HTTP Content-Type constants for OAuth2 requests\n */\nexport const CONTENT_TYPES = {\n FORM_URLENCODED: \"application/x-www-form-urlencoded\",\n JSON: \"application/json\",\n} as const;\n\n/**\n * HTTP Header constants\n */\nexport const HEADERS = {\n AUTHORIZATION: \"Authorization\",\n CONTENT_TYPE: \"Content-Type\",\n DPOP: \"DPoP\",\n OAUTH_CLIENT_ATTESTATION: \"OAuth-Client-Attestation\",\n OAUTH_CLIENT_ATTESTATION_POP: \"OAuth-Client-Attestation-PoP\",\n} as const;\n\nexport const MAX_IAT_AGE_SECONDS = 5 * 60;\nexport const CLOCK_SKEW_TOLERANCE_SECONDS = 60;\n","import type z from \"zod\";\n\n/**\n * Some code comes from `zod-validation-error` package (MIT License) and\n * was slightly simplified to fit our needs.\n */\nconst constants = {\n identifierRegex: /[$_\\p{ID_Start}][$\\u200c\\u200d\\p{ID_Continue}]*/u,\n issueSeparator: \"\\n\\t- \",\n unionSeparator: \", or \",\n};\n\nfunction escapeQuotes(str: string): string {\n return str.replace(/\\\\/g, \"\\\\\\\\\").replace(/\"/g, '\\\\\"');\n}\n\ntype ZodIssue = z.ZodError[\"issues\"][number];\n\nfunction joinPath(path: PropertyKey[]): string {\n if (path.length === 1 && path[0] !== undefined) {\n return String(path[0]);\n }\n\n return path.reduce<string>((acc, item) => {\n // handle numeric indices\n if (typeof item === \"number\") {\n return `${acc}[${item.toString()}]`;\n }\n\n if (typeof item === \"symbol\") {\n return `${acc}[${JSON.stringify(String(item))}]`;\n }\n\n // handle quoted values\n if (item.includes('\"')) {\n return `${acc}[\"${escapeQuotes(item)}\"]`;\n }\n\n // handle special characters\n if (!constants.identifierRegex.test(item)) {\n return `${acc}[\"${item}\"]`;\n }\n\n // handle normal values\n const separator = acc.length === 0 ? \"\" : \".\";\n return acc + separator + item;\n }, \"\");\n}\nfunction getMessageFromZodIssue(issue: ZodIssue): string {\n if (issue.code === \"invalid_union\") {\n return getMessageFromUnionErrors(issue.errors);\n }\n\n if (issue.path.length !== 0) {\n // handle array indices\n if (issue.path.length === 1) {\n const identifier = issue.path[0];\n\n if (typeof identifier === \"number\") {\n return `${issue.message} at index ${identifier}`;\n }\n }\n\n return `${issue.message} at \"${joinPath(issue.path)}\"`;\n }\n\n return issue.message;\n}\n\nfunction getMessageFromUnionErrors(unionErrors: ZodIssue[][]): string {\n return unionErrors\n .reduce<string[]>((acc, issues) => {\n const newIssues = issues\n .map((issue) => getMessageFromZodIssue(issue))\n .join(constants.issueSeparator);\n\n if (!acc.includes(newIssues)) acc.push(newIssues);\n\n return acc;\n }, [])\n .join(constants.unionSeparator);\n}\n\nexport function formatZodError(error?: z.ZodError): string {\n if (!error) return \"\";\n\n return `\\t- ${error?.issues.map((issue) => getMessageFromZodIssue(issue)).join(constants.issueSeparator)}`;\n}\n","import type { ZodError, z } from \"zod\";\n\nimport { formatZodError } from \"./parse\";\n\n// An error reason that supports both a string and a generic JSON object\ntype GenericErrorReason = Record<string, unknown> | string;\n\n/**\n * utility to format a set of attributes into an error message string\n *\n * @example\n * // returns \"foo=value bar=(list, item)\"\n * serializeAttrs({ foo: \"value\", bar: [\"list\", \"item\"] })\n *\n * @param attrs A key value record set\n * @returns a human-readable serialization of the set\n */\nexport const serializeAttrs = (\n attrs: Record<string, GenericErrorReason | number | string[] | undefined>,\n): string =>\n Object.entries(attrs)\n .filter(([, v]) => v !== undefined)\n .map(([k, v]) => {\n if (Array.isArray(v)) return [k, `(${v.join(\", \")})`];\n if (typeof v !== \"string\") return [k, JSON.stringify(v)];\n return [k, v];\n })\n .map((_) => _.join(\"=\"))\n .join(\" \");\n\n/**\n * An error subclass thrown when an HTTP request has a status code different from the one expected.\n */\nexport class UnexpectedStatusCodeError extends Error {\n code = \"ERR_UNEXPECTED_STATUS_CODE\";\n reason: GenericErrorReason;\n statusCode: number;\n\n constructor({\n message,\n reason,\n statusCode,\n }: {\n message: string;\n reason: GenericErrorReason;\n statusCode: number;\n }) {\n super(serializeAttrs({ message, reason, statusCode }));\n this.reason = reason;\n this.statusCode = statusCode;\n }\n}\n\n/**\n * An error subclass thrown when an unsupported Italian Wallet specification version is requested.\n *\n * This error is thrown when:\n * - A feature or method is called with a version that it doesn't support\n * - An invalid version identifier is provided\n *\n * @example\n * throw new ItWalletSpecsVersionError(\n * 'createCredentialRequest',\n * '2.0.0',\n * [ItWalletSpecsVersion.V1_0, ItWalletSpecsVersion.V1_3]\n * );\n * // Error: Feature \"createCredentialRequest\" does not support version 2.0.0.\n * // Supported versions: V1_0, V1_3\n */\nexport class ItWalletSpecsVersionError extends Error {\n public readonly code = \"IT_WALLET_SPECS_VERSION_ERROR\";\n\n constructor(\n public readonly feature: string,\n public readonly requestedVersion: string,\n public readonly supportedVersions: readonly string[],\n ) {\n super(\n `Feature \"${feature}\" does not support version ${requestedVersion}.\\n` +\n `Supported versions: ${supportedVersions.join(\", \")}`,\n );\n this.name = \"ItWalletSpecsVersionError\";\n\n // Maintain proper stack trace for V8 engines (Node.js, Chrome)\n const ErrorConstructor = Error as {\n captureStackTrace?: (target: object, constructor: unknown) => void;\n };\n if (typeof ErrorConstructor.captureStackTrace === \"function\") {\n ErrorConstructor.captureStackTrace(this, ItWalletSpecsVersionError);\n }\n }\n}\n\nexport class ValidationError extends Error {\n public zodError: ZodError | undefined;\n\n constructor(message: string, zodError?: z.ZodError) {\n super(message);\n\n const formattedError = formatZodError(zodError);\n this.message = `${message}\\n${formattedError}`;\n\n Object.defineProperty(this, \"zodError\", {\n enumerable: false,\n value: zodError,\n writable: false,\n });\n }\n}\n","import { UnexpectedStatusCodeError } from \"./errors\";\n\n/**\n * Check if a response is in the expected status, otherwise throw an error\n * @param status - The expected status\n * @param customError - A custom error compatible with {@link UnexpectedStatusCodeError}\n * @throws UnexpectedStatusCodeError if the status is different from the one expected\n * @returns The given response object\n */\nexport const hasStatusOrThrow =\n (status: number | number[], customError?: typeof UnexpectedStatusCodeError) =>\n async (res: Response): Promise<Response> => {\n if (\n Array.isArray(status)\n ? !status.includes(res.status)\n : res.status !== status\n ) {\n const ErrorClass = customError ?? UnexpectedStatusCodeError;\n throw new ErrorClass({\n message: `Http request failed. Expected ${status}, got ${res.status}, url: ${res.url}`,\n reason: await parseRawHttpResponse(res), // Pass the response body as reason so the original error can surface\n statusCode: res.status,\n });\n }\n return res;\n };\n\n/**\n * Utility function to parse a raw HTTP response as JSON if supported, otherwise as text.\n */\nexport const parseRawHttpResponse = <T extends Record<string, unknown>>(\n response: Response,\n) =>\n response.headers.get(\"content-type\")?.includes(\"application/json\")\n ? (response.json() as Promise<T>)\n : response.text();\n","import { z } from \"zod\";\n\nimport { ValidationError } from \"./errors/errors\";\n\nexport type BaseSchema = z.ZodTypeAny;\n\nconst SAFE_STRINGIFY_MAX_LENGTH = 200;\n\nfunction safeStringify(value: unknown): string {\n try {\n const result = JSON.stringify(value, (_key, val) =>\n typeof val === \"bigint\" ? `[BigInt: ${val}]` : val,\n );\n if (result === undefined) {\n return String(value);\n }\n return result.length > SAFE_STRINGIFY_MAX_LENGTH\n ? `${result.slice(0, SAFE_STRINGIFY_MAX_LENGTH)}…`\n : result;\n } catch {\n return \"[unserializable]\";\n }\n}\n\nexport function parseWithErrorHandling<Schema extends BaseSchema>(\n schema: Schema,\n data: unknown,\n customErrorMessage?: string,\n): z.infer<Schema> {\n const parseResult = schema.safeParse(data);\n\n if (!parseResult.success) {\n throw new ValidationError(\n customErrorMessage ??\n `Error validating schema with data ${safeStringify(data)}`,\n parseResult.error,\n );\n }\n\n return parseResult.data;\n}\n","import z from \"zod\";\n\nexport const zHttpMethod = z.enum([\n \"GET\",\n \"POST\",\n \"PUT\",\n \"DELETE\",\n \"HEAD\",\n \"OPTIONS\",\n \"TRACE\",\n \"CONNECT\",\n \"PATCH\",\n]);\nexport type HttpMethod = z.infer<typeof zHttpMethod>;\n","import { CLOCK_SKEW_TOLERANCE_SECONDS, MAX_IAT_AGE_SECONDS } from \"./constants\";\n\nexport function verifyJwtIatOrThrow(options: { iat: number; now?: Date }) {\n const now = options.now ?? new Date();\n const nowSeconds = Math.floor(now.getTime() / 1000);\n\n if (nowSeconds - options.iat > MAX_IAT_AGE_SECONDS) {\n throw new Error(\"iat claim in JWT is too old (must be within 5 minutes)\");\n }\n\n if (options.iat - nowSeconds > CLOCK_SKEW_TOLERANCE_SECONDS) {\n throw new Error(\"iat claim in JWT is too far in the future\");\n }\n}\n","export * from \"./config\";\nexport * from \"./constants\";\nexport * from \"./errors\";\nexport * from \"./fetcher\";\nexport type * from \"./globals\";\nexport * from \"./parse\";\nexport * from \"./validation\";\nexport * from \"./verify\";\n\nexport {\n ContentType,\n type Fetch,\n JsonParseError,\n addSecondsToDate,\n createFetcher,\n dateToSeconds,\n decodeBase64,\n decodeUtf8String,\n encodeToBase64Url,\n encodeToUtf8String,\n objectToQueryParams,\n parseIfJson,\n setGlobalConfig,\n stringToJsonWithErrorHandling,\n} from \"@openid4vc/utils\";\n"],"mappings":";AAGO,IAAK,uBAAL,kBAAKA,0BAAL;AACL,EAAAA,sBAAA,UAAO;AACP,EAAAA,sBAAA,UAAO;AAFG,SAAAA;AAAA,GAAA;AAqCL,SAAS,iBAGd,SAAY,SAAgD;AAC5D,SAAO,QAAQ,OAAO,yBAAyB;AACjD;AAkBO,IAAM,oBAAN,MAEL;AAAA,EACgB;AAAA,EAEhB,YAAY,SAAsC;AAChD,SAAK,uBAAuB,QAAQ;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,UACE,SAC8B;AAC9B,UAAM,iBAAuC,KAAK;AAClD,WAAO,mBAAmB;AAAA,EAC5B;AACF;;;ACnFO,IAAM,gBAAgB;AAAA,EAC3B,iBAAiB;AAAA,EACjB,MAAM;AACR;AAKO,IAAM,UAAU;AAAA,EACrB,eAAe;AAAA,EACf,cAAc;AAAA,EACd,MAAM;AAAA,EACN,0BAA0B;AAAA,EAC1B,8BAA8B;AAChC;AAEO,IAAM,sBAAsB,IAAI;AAChC,IAAM,+BAA+B;;;ACd5C,IAAM,YAAY;AAAA,EAChB,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,gBAAgB;AAClB;AAEA,SAAS,aAAa,KAAqB;AACzC,SAAO,IAAI,QAAQ,OAAO,MAAM,EAAE,QAAQ,MAAM,KAAK;AACvD;AAIA,SAAS,SAAS,MAA6B;AAC7C,MAAI,KAAK,WAAW,KAAK,KAAK,CAAC,MAAM,QAAW;AAC9C,WAAO,OAAO,KAAK,CAAC,CAAC;AAAA,EACvB;AAEA,SAAO,KAAK,OAAe,CAAC,KAAK,SAAS;AAExC,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO,GAAG,GAAG,IAAI,KAAK,SAAS,CAAC;AAAA,IAClC;AAEA,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO,GAAG,GAAG,IAAI,KAAK,UAAU,OAAO,IAAI,CAAC,CAAC;AAAA,IAC/C;AAGA,QAAI,KAAK,SAAS,GAAG,GAAG;AACtB,aAAO,GAAG,GAAG,KAAK,aAAa,IAAI,CAAC;AAAA,IACtC;AAGA,QAAI,CAAC,UAAU,gBAAgB,KAAK,IAAI,GAAG;AACzC,aAAO,GAAG,GAAG,KAAK,IAAI;AAAA,IACxB;AAGA,UAAM,YAAY,IAAI,WAAW,IAAI,KAAK;AAC1C,WAAO,MAAM,YAAY;AAAA,EAC3B,GAAG,EAAE;AACP;AACA,SAAS,uBAAuB,OAAyB;AACvD,MAAI,MAAM,SAAS,iBAAiB;AAClC,WAAO,0BAA0B,MAAM,MAAM;AAAA,EAC/C;AAEA,MAAI,MAAM,KAAK,WAAW,GAAG;AAE3B,QAAI,MAAM,KAAK,WAAW,GAAG;AAC3B,YAAM,aAAa,MAAM,KAAK,CAAC;AAE/B,UAAI,OAAO,eAAe,UAAU;AAClC,eAAO,GAAG,MAAM,OAAO,aAAa,UAAU;AAAA,MAChD;AAAA,IACF;AAEA,WAAO,GAAG,MAAM,OAAO,QAAQ,SAAS,MAAM,IAAI,CAAC;AAAA,EACrD;AAEA,SAAO,MAAM;AACf;AAEA,SAAS,0BAA0B,aAAmC;AACpE,SAAO,YACJ,OAAiB,CAAC,KAAK,WAAW;AACjC,UAAM,YAAY,OACf,IAAI,CAAC,UAAU,uBAAuB,KAAK,CAAC,EAC5C,KAAK,UAAU,cAAc;AAEhC,QAAI,CAAC,IAAI,SAAS,SAAS,EAAG,KAAI,KAAK,SAAS;AAEhD,WAAO;AAAA,EACT,GAAG,CAAC,CAAC,EACJ,KAAK,UAAU,cAAc;AAClC;AAEO,SAAS,eAAe,OAA4B;AACzD,MAAI,CAAC,MAAO,QAAO;AAEnB,SAAO,MAAO,OAAO,OAAO,IAAI,CAAC,UAAU,uBAAuB,KAAK,CAAC,EAAE,KAAK,UAAU,cAAc,CAAC;AAC1G;;;ACtEO,IAAM,iBAAiB,CAC5B,UAEA,OAAO,QAAQ,KAAK,EACjB,OAAO,CAAC,CAAC,EAAE,CAAC,MAAM,MAAM,MAAS,EACjC,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM;AACf,MAAI,MAAM,QAAQ,CAAC,EAAG,QAAO,CAAC,GAAG,IAAI,EAAE,KAAK,IAAI,CAAC,GAAG;AACpD,MAAI,OAAO,MAAM,SAAU,QAAO,CAAC,GAAG,KAAK,UAAU,CAAC,CAAC;AACvD,SAAO,CAAC,GAAG,CAAC;AACd,CAAC,EACA,IAAI,CAAC,MAAM,EAAE,KAAK,GAAG,CAAC,EACtB,KAAK,GAAG;AAKN,IAAM,4BAAN,cAAwC,MAAM;AAAA,EACnD,OAAO;AAAA,EACP;AAAA,EACA;AAAA,EAEA,YAAY;AAAA,IACV;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAIG;AACD,UAAM,eAAe,EAAE,SAAS,QAAQ,WAAW,CAAC,CAAC;AACrD,SAAK,SAAS;AACd,SAAK,aAAa;AAAA,EACpB;AACF;AAkBO,IAAM,4BAAN,MAAM,mCAAkC,MAAM;AAAA,EAGnD,YACkB,SACA,kBACA,mBAChB;AACA;AAAA,MACE,YAAY,OAAO,8BAA8B,gBAAgB;AAAA,sBACxC,kBAAkB,KAAK,IAAI,CAAC;AAAA,IACvD;AAPgB;AACA;AACA;AAMhB,SAAK,OAAO;AAGZ,UAAM,mBAAmB;AAGzB,QAAI,OAAO,iBAAiB,sBAAsB,YAAY;AAC5D,uBAAiB,kBAAkB,MAAM,0BAAyB;AAAA,IACpE;AAAA,EACF;AAAA,EApBgB,OAAO;AAqBzB;AAEO,IAAM,kBAAN,cAA8B,MAAM;AAAA,EAClC;AAAA,EAEP,YAAY,SAAiB,UAAuB;AAClD,UAAM,OAAO;AAEb,UAAM,iBAAiB,eAAe,QAAQ;AAC9C,SAAK,UAAU,GAAG,OAAO;AAAA,EAAK,cAAc;AAE5C,WAAO,eAAe,MAAM,YAAY;AAAA,MACtC,YAAY;AAAA,MACZ,OAAO;AAAA,MACP,UAAU;AAAA,IACZ,CAAC;AAAA,EACH;AACF;;;ACnGO,IAAM,mBACX,CAAC,QAA2B,gBAC5B,OAAO,QAAqC;AAC1C,MACE,MAAM,QAAQ,MAAM,IAChB,CAAC,OAAO,SAAS,IAAI,MAAM,IAC3B,IAAI,WAAW,QACnB;AACA,UAAM,aAAa,eAAe;AAClC,UAAM,IAAI,WAAW;AAAA,MACnB,SAAS,iCAAiC,MAAM,SAAS,IAAI,MAAM,UAAU,IAAI,GAAG;AAAA,MACpF,QAAQ,MAAM,qBAAqB,GAAG;AAAA;AAAA,MACtC,YAAY,IAAI;AAAA,IAClB,CAAC;AAAA,EACH;AACA,SAAO;AACT;AAKK,IAAM,uBAAuB,CAClC,aAEA,SAAS,QAAQ,IAAI,cAAc,GAAG,SAAS,kBAAkB,IAC5D,SAAS,KAAK,IACf,SAAS,KAAK;;;AC7BpB,IAAM,4BAA4B;AAElC,SAAS,cAAc,OAAwB;AAC7C,MAAI;AACF,UAAM,SAAS,KAAK;AAAA,MAAU;AAAA,MAAO,CAAC,MAAM,QAC1C,OAAO,QAAQ,WAAW,YAAY,GAAG,MAAM;AAAA,IACjD;AACA,QAAI,WAAW,QAAW;AACxB,aAAO,OAAO,KAAK;AAAA,IACrB;AACA,WAAO,OAAO,SAAS,4BACnB,GAAG,OAAO,MAAM,GAAG,yBAAyB,CAAC,WAC7C;AAAA,EACN,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEO,SAAS,uBACd,QACA,MACA,oBACiB;AACjB,QAAM,cAAc,OAAO,UAAU,IAAI;AAEzC,MAAI,CAAC,YAAY,SAAS;AACxB,UAAM,IAAI;AAAA,MACR,sBACE,qCAAqC,cAAc,IAAI,CAAC;AAAA,MAC1D,YAAY;AAAA,IACd;AAAA,EACF;AAEA,SAAO,YAAY;AACrB;;;ACxCA,OAAO,OAAO;AAEP,IAAM,cAAc,EAAE,KAAK;AAAA,EAChC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;;;ACVM,SAAS,oBAAoB,SAAsC;AACxE,QAAM,MAAM,QAAQ,OAAO,oBAAI,KAAK;AACpC,QAAM,aAAa,KAAK,MAAM,IAAI,QAAQ,IAAI,GAAI;AAElD,MAAI,aAAa,QAAQ,MAAM,qBAAqB;AAClD,UAAM,IAAI,MAAM,wDAAwD;AAAA,EAC1E;AAEA,MAAI,QAAQ,MAAM,aAAa,8BAA8B;AAC3D,UAAM,IAAI,MAAM,2CAA2C;AAAA,EAC7D;AACF;;;ACJA;AAAA,EACE;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;","names":["ItWalletSpecsVersion"]}
1
+ {"version":3,"sources":["../src/config.ts","../src/constants.ts","../src/errors/parse.ts","../src/errors/errors.ts","../src/fetcher.ts","../src/parse.ts","../src/validation.ts","../src/verify.ts","../src/index.ts"],"sourcesContent":["/**\n * Supported versions of the Italian Wallet technical specifications\n */\nexport enum ItWalletSpecsVersion {\n V1_0 = \"V1_0\",\n V1_3 = \"V1_3\",\n V1_4 = \"V1_4\",\n}\n\n/**\n * Configuration options for the IO Wallet SDK\n */\nexport interface IoWalletSdkConfigOptions<\n V extends ItWalletSpecsVersion = ItWalletSpecsVersion,\n> {\n /**\n * The version of the Italian Wallet specification to use.\n * REQUIRED - must be explicitly set by the user.\n *\n * @example\n * const config = new IoWalletSdkConfig({ itWalletSpecsVersion: ItWalletSpecsVersion.V1_3 });\n */\n itWalletSpecsVersion: V;\n}\n\ninterface WithConfig {\n config: IoWalletSdkConfig;\n}\n\ntype WithConfigVersion<\n T extends WithConfig,\n V extends ItWalletSpecsVersion,\n> = T extends { config: IoWalletSdkConfig<V> } ? T : never;\n\n/**\n * Type guard to check if the provided options have a specific config version\n *\n * @param options - The options object containing the config to check\n * @param version - The version to check against\n * @returns True if the options' config version matches the provided version\n */\nexport function hasConfigVersion<\n T extends WithConfig,\n V extends ItWalletSpecsVersion,\n>(options: T, version: V): options is WithConfigVersion<T, V> {\n return options.config.itWalletSpecsVersion === version;\n}\n\n/**\n * Configuration class for the IO Wallet SDK\n *\n * This class manages the version of the Italian Wallet technical specifications\n * to use throughout the SDK. The version determines the format of credential\n * requests and responses.\n *\n * @example Basic usage\n * const config = new IoWalletSdkConfig({ itWalletSpecsVersion: ItWalletSpecsVersion.V1_0 });\n * console.log(config.itWalletSpecsVersion); // ItWalletSpecsVersion.V1_0\n *\n * @example Type guard usage\n * if (config.isVersion(ItWalletSpecsVersion.V1_3)) {\n * // TypeScript narrows config.itWalletSpecsVersion to ItWalletSpecsVersion.V1_3\n * }\n */\nexport class IoWalletSdkConfig<\n V extends ItWalletSpecsVersion = ItWalletSpecsVersion,\n> {\n public readonly itWalletSpecsVersion: V;\n\n constructor(options: IoWalletSdkConfigOptions<V>) {\n this.itWalletSpecsVersion = options.itWalletSpecsVersion;\n }\n\n /**\n * Type guard for version checking\n *\n * @param version - The version to check against\n * @returns True if the config's version matches the provided version\n *\n * @internal\n */\n isVersion<W extends ItWalletSpecsVersion>(\n version: W,\n ): this is IoWalletSdkConfig<W> {\n const currentVersion: ItWalletSpecsVersion = this.itWalletSpecsVersion;\n return currentVersion === version;\n }\n}\n","/**\n * HTTP Content-Type constants for OAuth2 requests\n */\nexport const CONTENT_TYPES = {\n FORM_URLENCODED: \"application/x-www-form-urlencoded\",\n JSON: \"application/json\",\n} as const;\n\n/**\n * HTTP Header constants\n */\nexport const HEADERS = {\n AUTHORIZATION: \"Authorization\",\n CONTENT_TYPE: \"Content-Type\",\n DPOP: \"DPoP\",\n OAUTH_CLIENT_ATTESTATION: \"OAuth-Client-Attestation\",\n OAUTH_CLIENT_ATTESTATION_POP: \"OAuth-Client-Attestation-PoP\",\n} as const;\n\nexport const MAX_IAT_AGE_SECONDS = 5 * 60;\nexport const CLOCK_SKEW_TOLERANCE_SECONDS = 60;\n","import type z from \"zod\";\n\n/**\n * Some code comes from `zod-validation-error` package (MIT License) and\n * was slightly simplified to fit our needs.\n */\nconst constants = {\n identifierRegex: /[$_\\p{ID_Start}][$\\u200c\\u200d\\p{ID_Continue}]*/u,\n issueSeparator: \"\\n\\t- \",\n unionSeparator: \", or \",\n};\n\nfunction escapeQuotes(str: string): string {\n return str.replace(/\\\\/g, \"\\\\\\\\\").replace(/\"/g, '\\\\\"');\n}\n\ntype ZodIssue = z.ZodError[\"issues\"][number];\n\nfunction joinPath(path: PropertyKey[]): string {\n if (path.length === 1 && path[0] !== undefined) {\n return String(path[0]);\n }\n\n return path.reduce<string>((acc, item) => {\n // handle numeric indices\n if (typeof item === \"number\") {\n return `${acc}[${item.toString()}]`;\n }\n\n if (typeof item === \"symbol\") {\n return `${acc}[${JSON.stringify(String(item))}]`;\n }\n\n // handle quoted values\n if (item.includes('\"')) {\n return `${acc}[\"${escapeQuotes(item)}\"]`;\n }\n\n // handle special characters\n if (!constants.identifierRegex.test(item)) {\n return `${acc}[\"${item}\"]`;\n }\n\n // handle normal values\n const separator = acc.length === 0 ? \"\" : \".\";\n return acc + separator + item;\n }, \"\");\n}\nfunction getMessageFromZodIssue(issue: ZodIssue): string {\n if (issue.code === \"invalid_union\") {\n return getMessageFromUnionErrors(issue.errors);\n }\n\n if (issue.path.length !== 0) {\n // handle array indices\n if (issue.path.length === 1) {\n const identifier = issue.path[0];\n\n if (typeof identifier === \"number\") {\n return `${issue.message} at index ${identifier}`;\n }\n }\n\n return `${issue.message} at \"${joinPath(issue.path)}\"`;\n }\n\n return issue.message;\n}\n\nfunction getMessageFromUnionErrors(unionErrors: ZodIssue[][]): string {\n return unionErrors\n .reduce<string[]>((acc, issues) => {\n const newIssues = issues\n .map((issue) => getMessageFromZodIssue(issue))\n .join(constants.issueSeparator);\n\n if (!acc.includes(newIssues)) acc.push(newIssues);\n\n return acc;\n }, [])\n .join(constants.unionSeparator);\n}\n\nexport function formatZodError(error?: z.ZodError): string {\n if (!error) return \"\";\n\n return `\\t- ${error?.issues.map((issue) => getMessageFromZodIssue(issue)).join(constants.issueSeparator)}`;\n}\n","import type { ZodError, z } from \"zod\";\n\nimport { formatZodError } from \"./parse\";\n\n// An error reason that supports both a string and a generic JSON object\ntype GenericErrorReason = Record<string, unknown> | string;\n\n/**\n * utility to format a set of attributes into an error message string\n *\n * @example\n * // returns \"foo=value bar=(list, item)\"\n * serializeAttrs({ foo: \"value\", bar: [\"list\", \"item\"] })\n *\n * @param attrs A key value record set\n * @returns a human-readable serialization of the set\n */\nexport const serializeAttrs = (\n attrs: Record<string, GenericErrorReason | number | string[] | undefined>,\n): string =>\n Object.entries(attrs)\n .filter(([, v]) => v !== undefined)\n .map(([k, v]) => {\n if (Array.isArray(v)) return [k, `(${v.join(\", \")})`];\n if (typeof v !== \"string\") return [k, JSON.stringify(v)];\n return [k, v];\n })\n .map((_) => _.join(\"=\"))\n .join(\" \");\n\n/**\n * An error subclass thrown when an HTTP request has a status code different from the one expected.\n */\nexport class UnexpectedStatusCodeError extends Error {\n code = \"ERR_UNEXPECTED_STATUS_CODE\";\n reason: GenericErrorReason;\n statusCode: number;\n\n constructor({\n message,\n reason,\n statusCode,\n }: {\n message: string;\n reason: GenericErrorReason;\n statusCode: number;\n }) {\n super(serializeAttrs({ message, reason, statusCode }));\n this.reason = reason;\n this.statusCode = statusCode;\n }\n}\n\n/**\n * An error subclass thrown when an unsupported Italian Wallet specification version is requested.\n *\n * This error is thrown when:\n * - A feature or method is called with a version that it doesn't support\n * - An invalid version identifier is provided\n *\n * @example\n * throw new ItWalletSpecsVersionError(\n * 'createCredentialRequest',\n * '2.0.0',\n * [ItWalletSpecsVersion.V1_0, ItWalletSpecsVersion.V1_3]\n * );\n * // Error: Feature \"createCredentialRequest\" does not support version 2.0.0.\n * // Supported versions: V1_0, V1_3\n */\nexport class ItWalletSpecsVersionError extends Error {\n public readonly code = \"IT_WALLET_SPECS_VERSION_ERROR\";\n\n constructor(\n public readonly feature: string,\n public readonly requestedVersion: string,\n public readonly supportedVersions: readonly string[],\n ) {\n super(\n `Feature \"${feature}\" does not support version ${requestedVersion}.\\n` +\n `Supported versions: ${supportedVersions.join(\", \")}`,\n );\n this.name = \"ItWalletSpecsVersionError\";\n\n // Maintain proper stack trace for V8 engines (Node.js, Chrome)\n const ErrorConstructor = Error as {\n captureStackTrace?: (target: object, constructor: unknown) => void;\n };\n if (typeof ErrorConstructor.captureStackTrace === \"function\") {\n ErrorConstructor.captureStackTrace(this, ItWalletSpecsVersionError);\n }\n }\n}\n\nexport class ValidationError extends Error {\n public zodError: ZodError | undefined;\n\n constructor(message: string, zodError?: z.ZodError) {\n super(message);\n\n const formattedError = formatZodError(zodError);\n this.message = `${message}\\n${formattedError}`;\n\n Object.defineProperty(this, \"zodError\", {\n enumerable: false,\n value: zodError,\n writable: false,\n });\n }\n}\n","import { UnexpectedStatusCodeError } from \"./errors/errors\";\n\n/**\n * Check if a response is in the expected status, otherwise throw an error\n * @param status - The expected status\n * @param customError - A custom error compatible with {@link UnexpectedStatusCodeError}\n * @throws UnexpectedStatusCodeError if the status is different from the one expected\n * @returns The given response object\n */\nexport const hasStatusOrThrow =\n (status: number | number[], customError?: typeof UnexpectedStatusCodeError) =>\n async (res: Response): Promise<Response> => {\n if (\n Array.isArray(status)\n ? !status.includes(res.status)\n : res.status !== status\n ) {\n const ErrorClass = customError ?? UnexpectedStatusCodeError;\n throw new ErrorClass({\n message: `Http request failed. Expected ${status}, got ${res.status}, url: ${res.url}`,\n reason: await parseRawHttpResponse(res), // Pass the response body as reason so the original error can surface\n statusCode: res.status,\n });\n }\n return res;\n };\n\n/**\n * Utility function to parse a raw HTTP response as JSON if supported, otherwise as text.\n */\nexport const parseRawHttpResponse = <T extends Record<string, unknown>>(\n response: Response,\n) =>\n response.headers.get(\"content-type\")?.includes(\"application/json\")\n ? (response.json() as Promise<T>)\n : response.text();\n","import { z } from \"zod\";\n\nimport { ValidationError } from \"./errors/errors\";\n\nexport type BaseSchema = z.ZodTypeAny;\n\nconst SAFE_STRINGIFY_MAX_LENGTH = 200;\n\nfunction safeStringify(value: unknown): string {\n try {\n const result = JSON.stringify(value, (_key, val) =>\n typeof val === \"bigint\" ? `[BigInt: ${val}]` : val,\n );\n if (result === undefined) {\n return String(value);\n }\n return result.length > SAFE_STRINGIFY_MAX_LENGTH\n ? `${result.slice(0, SAFE_STRINGIFY_MAX_LENGTH)}…`\n : result;\n } catch {\n return \"[unserializable]\";\n }\n}\n\nexport function parseWithErrorHandling<Schema extends BaseSchema>(\n schema: Schema,\n data: unknown,\n customErrorMessage?: string,\n): z.infer<Schema> {\n const parseResult = schema.safeParse(data);\n\n if (!parseResult.success) {\n throw new ValidationError(\n customErrorMessage ??\n `Error validating schema with data ${safeStringify(data)}`,\n parseResult.error,\n );\n }\n\n return parseResult.data;\n}\n\nexport function formatError(message: string, prefix?: string): string {\n return prefix ? `${prefix} ${message}` : message;\n}\n","import z from \"zod\";\n\n/**\n * For the moment, these are all the supported algorithms in both\n * {@link https://italia.github.io/eid-wallet-it-docs/releases/1.3.3/en/algorithms.html#cryptographic-algorithms|v1.3.3} and\n * {@link https://italia.github.io/eid-wallet-it-docs/releases/1.0.2/en/algorithms.html#cryptographic-algorithms|v1.0.2},\n * and in both specifications the `alg` field MUST be one of those values.\n */\nexport const zItwSupportedSignatureAlg = z.enum([\n \"ES256\",\n \"ES384\",\n \"ES512\",\n \"PS256\",\n \"PS384\",\n \"PS512\",\n]);\nexport type ItwSupportedSignatureAlg = z.infer<\n typeof zItwSupportedSignatureAlg\n>;\n\nexport const zHttpMethod = z.enum([\n \"GET\",\n \"POST\",\n \"PUT\",\n \"DELETE\",\n \"HEAD\",\n \"OPTIONS\",\n \"TRACE\",\n \"CONNECT\",\n \"PATCH\",\n]);\nexport type HttpMethod = z.infer<typeof zHttpMethod>;\n","import { CLOCK_SKEW_TOLERANCE_SECONDS, MAX_IAT_AGE_SECONDS } from \"./constants\";\n\nexport function verifyJwtIatOrThrow(options: { iat: number; now?: Date }) {\n const now = options.now ?? new Date();\n const nowSeconds = Math.floor(now.getTime() / 1000);\n\n if (nowSeconds - options.iat > MAX_IAT_AGE_SECONDS) {\n throw new Error(\"iat claim in JWT is too old (must be within 5 minutes)\");\n }\n\n if (options.iat - nowSeconds > CLOCK_SKEW_TOLERANCE_SECONDS) {\n throw new Error(\"iat claim in JWT is too far in the future\");\n }\n}\n","export * from \"./config\";\nexport * from \"./constants\";\nexport * from \"./errors/errors\";\nexport * from \"./errors/parse\";\nexport * from \"./fetcher\";\nexport type * from \"./globals\";\nexport * from \"./parse\";\nexport * from \"./validation\";\nexport * from \"./verify\";\n\nexport {\n type CallbackContext,\n HashAlgorithm,\n type HashCallback,\n type JwtSignerJwk,\n calculateJwkThumbprint,\n decodeJwt,\n} from \"@openid4vc/oauth2\";\n\nexport {\n ContentType,\n type Fetch,\n JsonParseError,\n addSecondsToDate,\n createFetcher,\n dateToSeconds,\n decodeBase64,\n decodeUtf8String,\n encodeToBase64Url,\n encodeToUtf8String,\n objectToQueryParams,\n parseIfJson,\n setGlobalConfig,\n stringToJsonWithErrorHandling,\n} from \"@openid4vc/utils\";\n"],"mappings":";AAGO,IAAK,uBAAL,kBAAKA,0BAAL;AACL,EAAAA,sBAAA,UAAO;AACP,EAAAA,sBAAA,UAAO;AACP,EAAAA,sBAAA,UAAO;AAHG,SAAAA;AAAA,GAAA;AAsCL,SAAS,iBAGd,SAAY,SAAgD;AAC5D,SAAO,QAAQ,OAAO,yBAAyB;AACjD;AAkBO,IAAM,oBAAN,MAEL;AAAA,EACgB;AAAA,EAEhB,YAAY,SAAsC;AAChD,SAAK,uBAAuB,QAAQ;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,UACE,SAC8B;AAC9B,UAAM,iBAAuC,KAAK;AAClD,WAAO,mBAAmB;AAAA,EAC5B;AACF;;;ACpFO,IAAM,gBAAgB;AAAA,EAC3B,iBAAiB;AAAA,EACjB,MAAM;AACR;AAKO,IAAM,UAAU;AAAA,EACrB,eAAe;AAAA,EACf,cAAc;AAAA,EACd,MAAM;AAAA,EACN,0BAA0B;AAAA,EAC1B,8BAA8B;AAChC;AAEO,IAAM,sBAAsB,IAAI;AAChC,IAAM,+BAA+B;;;ACd5C,IAAM,YAAY;AAAA,EAChB,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,gBAAgB;AAClB;AAEA,SAAS,aAAa,KAAqB;AACzC,SAAO,IAAI,QAAQ,OAAO,MAAM,EAAE,QAAQ,MAAM,KAAK;AACvD;AAIA,SAAS,SAAS,MAA6B;AAC7C,MAAI,KAAK,WAAW,KAAK,KAAK,CAAC,MAAM,QAAW;AAC9C,WAAO,OAAO,KAAK,CAAC,CAAC;AAAA,EACvB;AAEA,SAAO,KAAK,OAAe,CAAC,KAAK,SAAS;AAExC,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO,GAAG,GAAG,IAAI,KAAK,SAAS,CAAC;AAAA,IAClC;AAEA,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO,GAAG,GAAG,IAAI,KAAK,UAAU,OAAO,IAAI,CAAC,CAAC;AAAA,IAC/C;AAGA,QAAI,KAAK,SAAS,GAAG,GAAG;AACtB,aAAO,GAAG,GAAG,KAAK,aAAa,IAAI,CAAC;AAAA,IACtC;AAGA,QAAI,CAAC,UAAU,gBAAgB,KAAK,IAAI,GAAG;AACzC,aAAO,GAAG,GAAG,KAAK,IAAI;AAAA,IACxB;AAGA,UAAM,YAAY,IAAI,WAAW,IAAI,KAAK;AAC1C,WAAO,MAAM,YAAY;AAAA,EAC3B,GAAG,EAAE;AACP;AACA,SAAS,uBAAuB,OAAyB;AACvD,MAAI,MAAM,SAAS,iBAAiB;AAClC,WAAO,0BAA0B,MAAM,MAAM;AAAA,EAC/C;AAEA,MAAI,MAAM,KAAK,WAAW,GAAG;AAE3B,QAAI,MAAM,KAAK,WAAW,GAAG;AAC3B,YAAM,aAAa,MAAM,KAAK,CAAC;AAE/B,UAAI,OAAO,eAAe,UAAU;AAClC,eAAO,GAAG,MAAM,OAAO,aAAa,UAAU;AAAA,MAChD;AAAA,IACF;AAEA,WAAO,GAAG,MAAM,OAAO,QAAQ,SAAS,MAAM,IAAI,CAAC;AAAA,EACrD;AAEA,SAAO,MAAM;AACf;AAEA,SAAS,0BAA0B,aAAmC;AACpE,SAAO,YACJ,OAAiB,CAAC,KAAK,WAAW;AACjC,UAAM,YAAY,OACf,IAAI,CAAC,UAAU,uBAAuB,KAAK,CAAC,EAC5C,KAAK,UAAU,cAAc;AAEhC,QAAI,CAAC,IAAI,SAAS,SAAS,EAAG,KAAI,KAAK,SAAS;AAEhD,WAAO;AAAA,EACT,GAAG,CAAC,CAAC,EACJ,KAAK,UAAU,cAAc;AAClC;AAEO,SAAS,eAAe,OAA4B;AACzD,MAAI,CAAC,MAAO,QAAO;AAEnB,SAAO,MAAO,OAAO,OAAO,IAAI,CAAC,UAAU,uBAAuB,KAAK,CAAC,EAAE,KAAK,UAAU,cAAc,CAAC;AAC1G;;;ACtEO,IAAM,iBAAiB,CAC5B,UAEA,OAAO,QAAQ,KAAK,EACjB,OAAO,CAAC,CAAC,EAAE,CAAC,MAAM,MAAM,MAAS,EACjC,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM;AACf,MAAI,MAAM,QAAQ,CAAC,EAAG,QAAO,CAAC,GAAG,IAAI,EAAE,KAAK,IAAI,CAAC,GAAG;AACpD,MAAI,OAAO,MAAM,SAAU,QAAO,CAAC,GAAG,KAAK,UAAU,CAAC,CAAC;AACvD,SAAO,CAAC,GAAG,CAAC;AACd,CAAC,EACA,IAAI,CAAC,MAAM,EAAE,KAAK,GAAG,CAAC,EACtB,KAAK,GAAG;AAKN,IAAM,4BAAN,cAAwC,MAAM;AAAA,EACnD,OAAO;AAAA,EACP;AAAA,EACA;AAAA,EAEA,YAAY;AAAA,IACV;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAIG;AACD,UAAM,eAAe,EAAE,SAAS,QAAQ,WAAW,CAAC,CAAC;AACrD,SAAK,SAAS;AACd,SAAK,aAAa;AAAA,EACpB;AACF;AAkBO,IAAM,4BAAN,MAAM,mCAAkC,MAAM;AAAA,EAGnD,YACkB,SACA,kBACA,mBAChB;AACA;AAAA,MACE,YAAY,OAAO,8BAA8B,gBAAgB;AAAA,sBACxC,kBAAkB,KAAK,IAAI,CAAC;AAAA,IACvD;AAPgB;AACA;AACA;AAMhB,SAAK,OAAO;AAGZ,UAAM,mBAAmB;AAGzB,QAAI,OAAO,iBAAiB,sBAAsB,YAAY;AAC5D,uBAAiB,kBAAkB,MAAM,0BAAyB;AAAA,IACpE;AAAA,EACF;AAAA,EApBgB,OAAO;AAqBzB;AAEO,IAAM,kBAAN,cAA8B,MAAM;AAAA,EAClC;AAAA,EAEP,YAAY,SAAiB,UAAuB;AAClD,UAAM,OAAO;AAEb,UAAM,iBAAiB,eAAe,QAAQ;AAC9C,SAAK,UAAU,GAAG,OAAO;AAAA,EAAK,cAAc;AAE5C,WAAO,eAAe,MAAM,YAAY;AAAA,MACtC,YAAY;AAAA,MACZ,OAAO;AAAA,MACP,UAAU;AAAA,IACZ,CAAC;AAAA,EACH;AACF;;;ACnGO,IAAM,mBACX,CAAC,QAA2B,gBAC5B,OAAO,QAAqC;AAC1C,MACE,MAAM,QAAQ,MAAM,IAChB,CAAC,OAAO,SAAS,IAAI,MAAM,IAC3B,IAAI,WAAW,QACnB;AACA,UAAM,aAAa,eAAe;AAClC,UAAM,IAAI,WAAW;AAAA,MACnB,SAAS,iCAAiC,MAAM,SAAS,IAAI,MAAM,UAAU,IAAI,GAAG;AAAA,MACpF,QAAQ,MAAM,qBAAqB,GAAG;AAAA;AAAA,MACtC,YAAY,IAAI;AAAA,IAClB,CAAC;AAAA,EACH;AACA,SAAO;AACT;AAKK,IAAM,uBAAuB,CAClC,aAEA,SAAS,QAAQ,IAAI,cAAc,GAAG,SAAS,kBAAkB,IAC5D,SAAS,KAAK,IACf,SAAS,KAAK;;;AC7BpB,IAAM,4BAA4B;AAElC,SAAS,cAAc,OAAwB;AAC7C,MAAI;AACF,UAAM,SAAS,KAAK;AAAA,MAAU;AAAA,MAAO,CAAC,MAAM,QAC1C,OAAO,QAAQ,WAAW,YAAY,GAAG,MAAM;AAAA,IACjD;AACA,QAAI,WAAW,QAAW;AACxB,aAAO,OAAO,KAAK;AAAA,IACrB;AACA,WAAO,OAAO,SAAS,4BACnB,GAAG,OAAO,MAAM,GAAG,yBAAyB,CAAC,WAC7C;AAAA,EACN,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEO,SAAS,uBACd,QACA,MACA,oBACiB;AACjB,QAAM,cAAc,OAAO,UAAU,IAAI;AAEzC,MAAI,CAAC,YAAY,SAAS;AACxB,UAAM,IAAI;AAAA,MACR,sBACE,qCAAqC,cAAc,IAAI,CAAC;AAAA,MAC1D,YAAY;AAAA,IACd;AAAA,EACF;AAEA,SAAO,YAAY;AACrB;AAEO,SAAS,YAAY,SAAiB,QAAyB;AACpE,SAAO,SAAS,GAAG,MAAM,IAAI,OAAO,KAAK;AAC3C;;;AC5CA,OAAO,OAAO;AAQP,IAAM,4BAA4B,EAAE,KAAK;AAAA,EAC9C;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAKM,IAAM,cAAc,EAAE,KAAK;AAAA,EAChC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;;;AC5BM,SAAS,oBAAoB,SAAsC;AACxE,QAAM,MAAM,QAAQ,OAAO,oBAAI,KAAK;AACpC,QAAM,aAAa,KAAK,MAAM,IAAI,QAAQ,IAAI,GAAI;AAElD,MAAI,aAAa,QAAQ,MAAM,qBAAqB;AAClD,UAAM,IAAI,MAAM,wDAAwD;AAAA,EAC1E;AAEA,MAAI,QAAQ,MAAM,aAAa,8BAA8B;AAC3D,UAAM,IAAI,MAAM,2CAA2C;AAAA,EAC7D;AACF;;;ACHA;AAAA,EAEE;AAAA,EAGA;AAAA,EACA;AAAA,OACK;AAEP;AAAA,EACE;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;","names":["ItWalletSpecsVersion"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@pagopa/io-wallet-utils",
3
- "version": "1.2.0",
3
+ "version": "1.3.0",
4
4
  "files": [
5
5
  "dist"
6
6
  ],
@@ -27,7 +27,8 @@
27
27
  },
28
28
  "dependencies": {
29
29
  "zod": "^4.3.6",
30
- "@openid4vc/utils": "0.4.3"
30
+ "@openid4vc/utils": "0.4.3",
31
+ "@openid4vc/oauth2": "0.4.3"
31
32
  },
32
33
  "scripts": {
33
34
  "build": "tsup src/index.ts --format cjs,esm --dts --sourcemap",