@pagopa/io-wallet-utils 1.2.1 → 1.4.0-alpha-20260505074448

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.d.mts CHANGED
@@ -1,4 +1,5 @@
1
1
  import z$1, { ZodError, z } from 'zod';
2
+ export { CallbackContext, HashAlgorithm, HashCallback, JwtSignerJwk, calculateJwkThumbprint, decodeJwt } from '@openid4vc/oauth2';
2
3
  export { ContentType, Fetch, JsonParseError, addSecondsToDate, createFetcher, dateToSeconds, decodeBase64, decodeUtf8String, encodeToBase64Url, encodeToUtf8String, objectToQueryParams, parseIfJson, setGlobalConfig, stringToJsonWithErrorHandling } from '@openid4vc/utils';
3
4
 
4
5
  /**
@@ -6,7 +7,8 @@ export { ContentType, Fetch, JsonParseError, addSecondsToDate, createFetcher, da
6
7
  */
7
8
  declare enum ItWalletSpecsVersion {
8
9
  V1_0 = "V1_0",
9
- V1_3 = "V1_3"
10
+ V1_3 = "V1_3",
11
+ V1_4 = "V1_4"
10
12
  }
11
13
  /**
12
14
  * Configuration options for the IO Wallet SDK
@@ -153,6 +155,21 @@ declare const hasStatusOrThrow: (status: number | number[], customError?: typeof
153
155
  */
154
156
  declare const parseRawHttpResponse: <T extends Record<string, unknown>>(response: Response) => Promise<T> | Promise<string>;
155
157
 
158
+ /**
159
+ * For the moment, these are all the supported algorithms in both
160
+ * {@link https://italia.github.io/eid-wallet-it-docs/releases/1.3.3/en/algorithms.html#cryptographic-algorithms|v1.3.3} and
161
+ * {@link https://italia.github.io/eid-wallet-it-docs/releases/1.0.2/en/algorithms.html#cryptographic-algorithms|v1.0.2},
162
+ * and in both specifications the `alg` field MUST be one of those values.
163
+ */
164
+ declare const zItwSupportedSignatureAlg: z$1.ZodEnum<{
165
+ ES256: "ES256";
166
+ ES384: "ES384";
167
+ ES512: "ES512";
168
+ PS256: "PS256";
169
+ PS384: "PS384";
170
+ PS512: "PS512";
171
+ }>;
172
+ type ItwSupportedSignatureAlg = z$1.infer<typeof zItwSupportedSignatureAlg>;
156
173
  declare const zHttpMethod: z$1.ZodEnum<{
157
174
  GET: "GET";
158
175
  POST: "POST";
@@ -175,10 +192,11 @@ interface RequestLike {
175
192
 
176
193
  type BaseSchema = z.ZodTypeAny;
177
194
  declare function parseWithErrorHandling<Schema extends BaseSchema>(schema: Schema, data: unknown, customErrorMessage?: string): z.infer<Schema>;
195
+ declare function formatError(message: string, prefix?: string): string;
178
196
 
179
197
  declare function verifyJwtIatOrThrow(options: {
180
198
  iat: number;
181
199
  now?: Date;
182
200
  }): void;
183
201
 
184
- export { type BaseSchema, CLOCK_SKEW_TOLERANCE_SECONDS, CONTENT_TYPES, type FetchHeaders, HEADERS, type HttpMethod, IoWalletSdkConfig, type IoWalletSdkConfigOptions, ItWalletSpecsVersion, ItWalletSpecsVersionError, MAX_IAT_AGE_SECONDS, type RequestLike, UnexpectedStatusCodeError, ValidationError, formatZodError, hasConfigVersion, hasStatusOrThrow, parseRawHttpResponse, parseWithErrorHandling, serializeAttrs, verifyJwtIatOrThrow, zHttpMethod };
202
+ export { type BaseSchema, CLOCK_SKEW_TOLERANCE_SECONDS, CONTENT_TYPES, type FetchHeaders, HEADERS, type HttpMethod, IoWalletSdkConfig, type IoWalletSdkConfigOptions, ItWalletSpecsVersion, ItWalletSpecsVersionError, type ItwSupportedSignatureAlg, MAX_IAT_AGE_SECONDS, type RequestLike, UnexpectedStatusCodeError, ValidationError, formatError, formatZodError, hasConfigVersion, hasStatusOrThrow, parseRawHttpResponse, parseWithErrorHandling, serializeAttrs, verifyJwtIatOrThrow, zHttpMethod, zItwSupportedSignatureAlg };
package/dist/index.d.ts CHANGED
@@ -1,4 +1,5 @@
1
1
  import z$1, { ZodError, z } from 'zod';
2
+ export { CallbackContext, HashAlgorithm, HashCallback, JwtSignerJwk, calculateJwkThumbprint, decodeJwt } from '@openid4vc/oauth2';
2
3
  export { ContentType, Fetch, JsonParseError, addSecondsToDate, createFetcher, dateToSeconds, decodeBase64, decodeUtf8String, encodeToBase64Url, encodeToUtf8String, objectToQueryParams, parseIfJson, setGlobalConfig, stringToJsonWithErrorHandling } from '@openid4vc/utils';
3
4
 
4
5
  /**
@@ -6,7 +7,8 @@ export { ContentType, Fetch, JsonParseError, addSecondsToDate, createFetcher, da
6
7
  */
7
8
  declare enum ItWalletSpecsVersion {
8
9
  V1_0 = "V1_0",
9
- V1_3 = "V1_3"
10
+ V1_3 = "V1_3",
11
+ V1_4 = "V1_4"
10
12
  }
11
13
  /**
12
14
  * Configuration options for the IO Wallet SDK
@@ -153,6 +155,21 @@ declare const hasStatusOrThrow: (status: number | number[], customError?: typeof
153
155
  */
154
156
  declare const parseRawHttpResponse: <T extends Record<string, unknown>>(response: Response) => Promise<T> | Promise<string>;
155
157
 
158
+ /**
159
+ * For the moment, these are all the supported algorithms in both
160
+ * {@link https://italia.github.io/eid-wallet-it-docs/releases/1.3.3/en/algorithms.html#cryptographic-algorithms|v1.3.3} and
161
+ * {@link https://italia.github.io/eid-wallet-it-docs/releases/1.0.2/en/algorithms.html#cryptographic-algorithms|v1.0.2},
162
+ * and in both specifications the `alg` field MUST be one of those values.
163
+ */
164
+ declare const zItwSupportedSignatureAlg: z$1.ZodEnum<{
165
+ ES256: "ES256";
166
+ ES384: "ES384";
167
+ ES512: "ES512";
168
+ PS256: "PS256";
169
+ PS384: "PS384";
170
+ PS512: "PS512";
171
+ }>;
172
+ type ItwSupportedSignatureAlg = z$1.infer<typeof zItwSupportedSignatureAlg>;
156
173
  declare const zHttpMethod: z$1.ZodEnum<{
157
174
  GET: "GET";
158
175
  POST: "POST";
@@ -175,10 +192,11 @@ interface RequestLike {
175
192
 
176
193
  type BaseSchema = z.ZodTypeAny;
177
194
  declare function parseWithErrorHandling<Schema extends BaseSchema>(schema: Schema, data: unknown, customErrorMessage?: string): z.infer<Schema>;
195
+ declare function formatError(message: string, prefix?: string): string;
178
196
 
179
197
  declare function verifyJwtIatOrThrow(options: {
180
198
  iat: number;
181
199
  now?: Date;
182
200
  }): void;
183
201
 
184
- export { type BaseSchema, CLOCK_SKEW_TOLERANCE_SECONDS, CONTENT_TYPES, type FetchHeaders, HEADERS, type HttpMethod, IoWalletSdkConfig, type IoWalletSdkConfigOptions, ItWalletSpecsVersion, ItWalletSpecsVersionError, MAX_IAT_AGE_SECONDS, type RequestLike, UnexpectedStatusCodeError, ValidationError, formatZodError, hasConfigVersion, hasStatusOrThrow, parseRawHttpResponse, parseWithErrorHandling, serializeAttrs, verifyJwtIatOrThrow, zHttpMethod };
202
+ export { type BaseSchema, CLOCK_SKEW_TOLERANCE_SECONDS, CONTENT_TYPES, type FetchHeaders, HEADERS, type HttpMethod, IoWalletSdkConfig, type IoWalletSdkConfigOptions, ItWalletSpecsVersion, ItWalletSpecsVersionError, type ItwSupportedSignatureAlg, MAX_IAT_AGE_SECONDS, type RequestLike, UnexpectedStatusCodeError, ValidationError, formatError, formatZodError, hasConfigVersion, hasStatusOrThrow, parseRawHttpResponse, parseWithErrorHandling, serializeAttrs, verifyJwtIatOrThrow, zHttpMethod, zItwSupportedSignatureAlg };
package/dist/index.js CHANGED
@@ -34,6 +34,7 @@ __export(index_exports, {
34
34
  CONTENT_TYPES: () => CONTENT_TYPES,
35
35
  ContentType: () => import_utils.ContentType,
36
36
  HEADERS: () => HEADERS,
37
+ HashAlgorithm: () => import_oauth2.HashAlgorithm,
37
38
  IoWalletSdkConfig: () => IoWalletSdkConfig,
38
39
  ItWalletSpecsVersion: () => ItWalletSpecsVersion,
39
40
  ItWalletSpecsVersionError: () => ItWalletSpecsVersionError,
@@ -42,12 +43,15 @@ __export(index_exports, {
42
43
  UnexpectedStatusCodeError: () => UnexpectedStatusCodeError,
43
44
  ValidationError: () => ValidationError,
44
45
  addSecondsToDate: () => import_utils.addSecondsToDate,
46
+ calculateJwkThumbprint: () => import_oauth2.calculateJwkThumbprint,
45
47
  createFetcher: () => import_utils.createFetcher,
46
48
  dateToSeconds: () => import_utils.dateToSeconds,
47
49
  decodeBase64: () => import_utils.decodeBase64,
50
+ decodeJwt: () => import_oauth2.decodeJwt,
48
51
  decodeUtf8String: () => import_utils.decodeUtf8String,
49
52
  encodeToBase64Url: () => import_utils.encodeToBase64Url,
50
53
  encodeToUtf8String: () => import_utils.encodeToUtf8String,
54
+ formatError: () => formatError,
51
55
  formatZodError: () => formatZodError,
52
56
  hasConfigVersion: () => hasConfigVersion,
53
57
  hasStatusOrThrow: () => hasStatusOrThrow,
@@ -59,7 +63,8 @@ __export(index_exports, {
59
63
  setGlobalConfig: () => import_utils.setGlobalConfig,
60
64
  stringToJsonWithErrorHandling: () => import_utils.stringToJsonWithErrorHandling,
61
65
  verifyJwtIatOrThrow: () => verifyJwtIatOrThrow,
62
- zHttpMethod: () => zHttpMethod
66
+ zHttpMethod: () => zHttpMethod,
67
+ zItwSupportedSignatureAlg: () => zItwSupportedSignatureAlg
63
68
  });
64
69
  module.exports = __toCommonJS(index_exports);
65
70
 
@@ -67,6 +72,7 @@ module.exports = __toCommonJS(index_exports);
67
72
  var ItWalletSpecsVersion = /* @__PURE__ */ ((ItWalletSpecsVersion2) => {
68
73
  ItWalletSpecsVersion2["V1_0"] = "V1_0";
69
74
  ItWalletSpecsVersion2["V1_3"] = "V1_3";
75
+ ItWalletSpecsVersion2["V1_4"] = "V1_4";
70
76
  return ItWalletSpecsVersion2;
71
77
  })(ItWalletSpecsVersion || {});
72
78
  function hasConfigVersion(options, version) {
@@ -198,6 +204,9 @@ Supported versions: ${supportedVersions.join(", ")}`
198
204
  ErrorConstructor.captureStackTrace(this, _ItWalletSpecsVersionError);
199
205
  }
200
206
  }
207
+ feature;
208
+ requestedVersion;
209
+ supportedVersions;
201
210
  code = "IT_WALLET_SPECS_VERSION_ERROR";
202
211
  };
203
212
  var ValidationError = class extends Error {
@@ -256,9 +265,20 @@ function parseWithErrorHandling(schema, data, customErrorMessage) {
256
265
  }
257
266
  return parseResult.data;
258
267
  }
268
+ function formatError(message, prefix) {
269
+ return prefix ? `${prefix} ${message}` : message;
270
+ }
259
271
 
260
272
  // src/validation.ts
261
273
  var import_zod = __toESM(require("zod"));
274
+ var zItwSupportedSignatureAlg = import_zod.default.enum([
275
+ "ES256",
276
+ "ES384",
277
+ "ES512",
278
+ "PS256",
279
+ "PS384",
280
+ "PS512"
281
+ ]);
262
282
  var zHttpMethod = import_zod.default.enum([
263
283
  "GET",
264
284
  "POST",
@@ -284,6 +304,7 @@ function verifyJwtIatOrThrow(options) {
284
304
  }
285
305
 
286
306
  // src/index.ts
307
+ var import_oauth2 = require("@openid4vc/oauth2");
287
308
  var import_utils = require("@openid4vc/utils");
288
309
  // Annotate the CommonJS export names for ESM import in node:
289
310
  0 && (module.exports = {
@@ -291,6 +312,7 @@ var import_utils = require("@openid4vc/utils");
291
312
  CONTENT_TYPES,
292
313
  ContentType,
293
314
  HEADERS,
315
+ HashAlgorithm,
294
316
  IoWalletSdkConfig,
295
317
  ItWalletSpecsVersion,
296
318
  ItWalletSpecsVersionError,
@@ -299,12 +321,15 @@ var import_utils = require("@openid4vc/utils");
299
321
  UnexpectedStatusCodeError,
300
322
  ValidationError,
301
323
  addSecondsToDate,
324
+ calculateJwkThumbprint,
302
325
  createFetcher,
303
326
  dateToSeconds,
304
327
  decodeBase64,
328
+ decodeJwt,
305
329
  decodeUtf8String,
306
330
  encodeToBase64Url,
307
331
  encodeToUtf8String,
332
+ formatError,
308
333
  formatZodError,
309
334
  hasConfigVersion,
310
335
  hasStatusOrThrow,
@@ -316,6 +341,7 @@ var import_utils = require("@openid4vc/utils");
316
341
  setGlobalConfig,
317
342
  stringToJsonWithErrorHandling,
318
343
  verifyJwtIatOrThrow,
319
- zHttpMethod
344
+ zHttpMethod,
345
+ zItwSupportedSignatureAlg
320
346
  });
321
347
  //# sourceMappingURL=index.js.map
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/index.ts","../src/config.ts","../src/constants.ts","../src/errors/parse.ts","../src/errors/errors.ts","../src/fetcher.ts","../src/parse.ts","../src/validation.ts","../src/verify.ts"],"sourcesContent":["export * from \"./config\";\nexport * from \"./constants\";\nexport * from \"./errors\";\nexport * from \"./fetcher\";\nexport type * from \"./globals\";\nexport * from \"./parse\";\nexport * from \"./validation\";\nexport * from \"./verify\";\n\nexport {\n ContentType,\n type Fetch,\n JsonParseError,\n addSecondsToDate,\n createFetcher,\n dateToSeconds,\n decodeBase64,\n decodeUtf8String,\n encodeToBase64Url,\n encodeToUtf8String,\n objectToQueryParams,\n parseIfJson,\n setGlobalConfig,\n stringToJsonWithErrorHandling,\n} from \"@openid4vc/utils\";\n","/**\n * Supported versions of the Italian Wallet technical specifications\n */\nexport enum ItWalletSpecsVersion {\n V1_0 = \"V1_0\",\n V1_3 = \"V1_3\",\n}\n\n/**\n * Configuration options for the IO Wallet SDK\n */\nexport interface IoWalletSdkConfigOptions<\n V extends ItWalletSpecsVersion = ItWalletSpecsVersion,\n> {\n /**\n * The version of the Italian Wallet specification to use.\n * REQUIRED - must be explicitly set by the user.\n *\n * @example\n * const config = new IoWalletSdkConfig({ itWalletSpecsVersion: ItWalletSpecsVersion.V1_3 });\n */\n itWalletSpecsVersion: V;\n}\n\ninterface WithConfig {\n config: IoWalletSdkConfig;\n}\n\ntype WithConfigVersion<\n T extends WithConfig,\n V extends ItWalletSpecsVersion,\n> = T extends { config: IoWalletSdkConfig<V> } ? T : never;\n\n/**\n * Type guard to check if the provided options have a specific config version\n *\n * @param options - The options object containing the config to check\n * @param version - The version to check against\n * @returns True if the options' config version matches the provided version\n */\nexport function hasConfigVersion<\n T extends WithConfig,\n V extends ItWalletSpecsVersion,\n>(options: T, version: V): options is WithConfigVersion<T, V> {\n return options.config.itWalletSpecsVersion === version;\n}\n\n/**\n * Configuration class for the IO Wallet SDK\n *\n * This class manages the version of the Italian Wallet technical specifications\n * to use throughout the SDK. The version determines the format of credential\n * requests and responses.\n *\n * @example Basic usage\n * const config = new IoWalletSdkConfig({ itWalletSpecsVersion: ItWalletSpecsVersion.V1_0 });\n * console.log(config.itWalletSpecsVersion); // ItWalletSpecsVersion.V1_0\n *\n * @example Type guard usage\n * if (config.isVersion(ItWalletSpecsVersion.V1_3)) {\n * // TypeScript narrows config.itWalletSpecsVersion to ItWalletSpecsVersion.V1_3\n * }\n */\nexport class IoWalletSdkConfig<\n V extends ItWalletSpecsVersion = ItWalletSpecsVersion,\n> {\n public readonly itWalletSpecsVersion: V;\n\n constructor(options: IoWalletSdkConfigOptions<V>) {\n this.itWalletSpecsVersion = options.itWalletSpecsVersion;\n }\n\n /**\n * Type guard for version checking\n *\n * @param version - The version to check against\n * @returns True if the config's version matches the provided version\n *\n * @internal\n */\n isVersion<W extends ItWalletSpecsVersion>(\n version: W,\n ): this is IoWalletSdkConfig<W> {\n const currentVersion: ItWalletSpecsVersion = this.itWalletSpecsVersion;\n return currentVersion === version;\n }\n}\n","/**\n * HTTP Content-Type constants for OAuth2 requests\n */\nexport const CONTENT_TYPES = {\n FORM_URLENCODED: \"application/x-www-form-urlencoded\",\n JSON: \"application/json\",\n} as const;\n\n/**\n * HTTP Header constants\n */\nexport const HEADERS = {\n AUTHORIZATION: \"Authorization\",\n CONTENT_TYPE: \"Content-Type\",\n DPOP: \"DPoP\",\n OAUTH_CLIENT_ATTESTATION: \"OAuth-Client-Attestation\",\n OAUTH_CLIENT_ATTESTATION_POP: \"OAuth-Client-Attestation-PoP\",\n} as const;\n\nexport const MAX_IAT_AGE_SECONDS = 5 * 60;\nexport const CLOCK_SKEW_TOLERANCE_SECONDS = 60;\n","import type z from \"zod\";\n\n/**\n * Some code comes from `zod-validation-error` package (MIT License) and\n * was slightly simplified to fit our needs.\n */\nconst constants = {\n identifierRegex: /[$_\\p{ID_Start}][$\\u200c\\u200d\\p{ID_Continue}]*/u,\n issueSeparator: \"\\n\\t- \",\n unionSeparator: \", or \",\n};\n\nfunction escapeQuotes(str: string): string {\n return str.replace(/\\\\/g, \"\\\\\\\\\").replace(/\"/g, '\\\\\"');\n}\n\ntype ZodIssue = z.ZodError[\"issues\"][number];\n\nfunction joinPath(path: PropertyKey[]): string {\n if (path.length === 1 && path[0] !== undefined) {\n return String(path[0]);\n }\n\n return path.reduce<string>((acc, item) => {\n // handle numeric indices\n if (typeof item === \"number\") {\n return `${acc}[${item.toString()}]`;\n }\n\n if (typeof item === \"symbol\") {\n return `${acc}[${JSON.stringify(String(item))}]`;\n }\n\n // handle quoted values\n if (item.includes('\"')) {\n return `${acc}[\"${escapeQuotes(item)}\"]`;\n }\n\n // handle special characters\n if (!constants.identifierRegex.test(item)) {\n return `${acc}[\"${item}\"]`;\n }\n\n // handle normal values\n const separator = acc.length === 0 ? \"\" : \".\";\n return acc + separator + item;\n }, \"\");\n}\nfunction getMessageFromZodIssue(issue: ZodIssue): string {\n if (issue.code === \"invalid_union\") {\n return getMessageFromUnionErrors(issue.errors);\n }\n\n if (issue.path.length !== 0) {\n // handle array indices\n if (issue.path.length === 1) {\n const identifier = issue.path[0];\n\n if (typeof identifier === \"number\") {\n return `${issue.message} at index ${identifier}`;\n }\n }\n\n return `${issue.message} at \"${joinPath(issue.path)}\"`;\n }\n\n return issue.message;\n}\n\nfunction getMessageFromUnionErrors(unionErrors: ZodIssue[][]): string {\n return unionErrors\n .reduce<string[]>((acc, issues) => {\n const newIssues = issues\n .map((issue) => getMessageFromZodIssue(issue))\n .join(constants.issueSeparator);\n\n if (!acc.includes(newIssues)) acc.push(newIssues);\n\n return acc;\n }, [])\n .join(constants.unionSeparator);\n}\n\nexport function formatZodError(error?: z.ZodError): string {\n if (!error) return \"\";\n\n return `\\t- ${error?.issues.map((issue) => getMessageFromZodIssue(issue)).join(constants.issueSeparator)}`;\n}\n","import type { ZodError, z } from \"zod\";\n\nimport { formatZodError } from \"./parse\";\n\n// An error reason that supports both a string and a generic JSON object\ntype GenericErrorReason = Record<string, unknown> | string;\n\n/**\n * utility to format a set of attributes into an error message string\n *\n * @example\n * // returns \"foo=value bar=(list, item)\"\n * serializeAttrs({ foo: \"value\", bar: [\"list\", \"item\"] })\n *\n * @param attrs A key value record set\n * @returns a human-readable serialization of the set\n */\nexport const serializeAttrs = (\n attrs: Record<string, GenericErrorReason | number | string[] | undefined>,\n): string =>\n Object.entries(attrs)\n .filter(([, v]) => v !== undefined)\n .map(([k, v]) => {\n if (Array.isArray(v)) return [k, `(${v.join(\", \")})`];\n if (typeof v !== \"string\") return [k, JSON.stringify(v)];\n return [k, v];\n })\n .map((_) => _.join(\"=\"))\n .join(\" \");\n\n/**\n * An error subclass thrown when an HTTP request has a status code different from the one expected.\n */\nexport class UnexpectedStatusCodeError extends Error {\n code = \"ERR_UNEXPECTED_STATUS_CODE\";\n reason: GenericErrorReason;\n statusCode: number;\n\n constructor({\n message,\n reason,\n statusCode,\n }: {\n message: string;\n reason: GenericErrorReason;\n statusCode: number;\n }) {\n super(serializeAttrs({ message, reason, statusCode }));\n this.reason = reason;\n this.statusCode = statusCode;\n }\n}\n\n/**\n * An error subclass thrown when an unsupported Italian Wallet specification version is requested.\n *\n * This error is thrown when:\n * - A feature or method is called with a version that it doesn't support\n * - An invalid version identifier is provided\n *\n * @example\n * throw new ItWalletSpecsVersionError(\n * 'createCredentialRequest',\n * '2.0.0',\n * [ItWalletSpecsVersion.V1_0, ItWalletSpecsVersion.V1_3]\n * );\n * // Error: Feature \"createCredentialRequest\" does not support version 2.0.0.\n * // Supported versions: V1_0, V1_3\n */\nexport class ItWalletSpecsVersionError extends Error {\n public readonly code = \"IT_WALLET_SPECS_VERSION_ERROR\";\n\n constructor(\n public readonly feature: string,\n public readonly requestedVersion: string,\n public readonly supportedVersions: readonly string[],\n ) {\n super(\n `Feature \"${feature}\" does not support version ${requestedVersion}.\\n` +\n `Supported versions: ${supportedVersions.join(\", \")}`,\n );\n this.name = \"ItWalletSpecsVersionError\";\n\n // Maintain proper stack trace for V8 engines (Node.js, Chrome)\n const ErrorConstructor = Error as {\n captureStackTrace?: (target: object, constructor: unknown) => void;\n };\n if (typeof ErrorConstructor.captureStackTrace === \"function\") {\n ErrorConstructor.captureStackTrace(this, ItWalletSpecsVersionError);\n }\n }\n}\n\nexport class ValidationError extends Error {\n public zodError: ZodError | undefined;\n\n constructor(message: string, zodError?: z.ZodError) {\n super(message);\n\n const formattedError = formatZodError(zodError);\n this.message = `${message}\\n${formattedError}`;\n\n Object.defineProperty(this, \"zodError\", {\n enumerable: false,\n value: zodError,\n writable: false,\n });\n }\n}\n","import { UnexpectedStatusCodeError } from \"./errors\";\n\n/**\n * Check if a response is in the expected status, otherwise throw an error\n * @param status - The expected status\n * @param customError - A custom error compatible with {@link UnexpectedStatusCodeError}\n * @throws UnexpectedStatusCodeError if the status is different from the one expected\n * @returns The given response object\n */\nexport const hasStatusOrThrow =\n (status: number | number[], customError?: typeof UnexpectedStatusCodeError) =>\n async (res: Response): Promise<Response> => {\n if (\n Array.isArray(status)\n ? !status.includes(res.status)\n : res.status !== status\n ) {\n const ErrorClass = customError ?? UnexpectedStatusCodeError;\n throw new ErrorClass({\n message: `Http request failed. Expected ${status}, got ${res.status}, url: ${res.url}`,\n reason: await parseRawHttpResponse(res), // Pass the response body as reason so the original error can surface\n statusCode: res.status,\n });\n }\n return res;\n };\n\n/**\n * Utility function to parse a raw HTTP response as JSON if supported, otherwise as text.\n */\nexport const parseRawHttpResponse = <T extends Record<string, unknown>>(\n response: Response,\n) =>\n response.headers.get(\"content-type\")?.includes(\"application/json\")\n ? (response.json() as Promise<T>)\n : response.text();\n","import { z } from \"zod\";\n\nimport { ValidationError } from \"./errors/errors\";\n\nexport type BaseSchema = z.ZodTypeAny;\n\nconst SAFE_STRINGIFY_MAX_LENGTH = 200;\n\nfunction safeStringify(value: unknown): string {\n try {\n const result = JSON.stringify(value, (_key, val) =>\n typeof val === \"bigint\" ? `[BigInt: ${val}]` : val,\n );\n if (result === undefined) {\n return String(value);\n }\n return result.length > SAFE_STRINGIFY_MAX_LENGTH\n ? `${result.slice(0, SAFE_STRINGIFY_MAX_LENGTH)}…`\n : result;\n } catch {\n return \"[unserializable]\";\n }\n}\n\nexport function parseWithErrorHandling<Schema extends BaseSchema>(\n schema: Schema,\n data: unknown,\n customErrorMessage?: string,\n): z.infer<Schema> {\n const parseResult = schema.safeParse(data);\n\n if (!parseResult.success) {\n throw new ValidationError(\n customErrorMessage ??\n `Error validating schema with data ${safeStringify(data)}`,\n parseResult.error,\n );\n }\n\n return parseResult.data;\n}\n","import z from \"zod\";\n\nexport const zHttpMethod = z.enum([\n \"GET\",\n \"POST\",\n \"PUT\",\n \"DELETE\",\n \"HEAD\",\n \"OPTIONS\",\n \"TRACE\",\n \"CONNECT\",\n \"PATCH\",\n]);\nexport type HttpMethod = z.infer<typeof zHttpMethod>;\n","import { CLOCK_SKEW_TOLERANCE_SECONDS, MAX_IAT_AGE_SECONDS } from \"./constants\";\n\nexport function verifyJwtIatOrThrow(options: { iat: number; now?: Date }) {\n const now = options.now ?? new Date();\n const nowSeconds = Math.floor(now.getTime() / 1000);\n\n if (nowSeconds - options.iat > MAX_IAT_AGE_SECONDS) {\n throw new Error(\"iat claim in JWT is too old (must be within 5 minutes)\");\n }\n\n if (options.iat - nowSeconds > CLOCK_SKEW_TOLERANCE_SECONDS) {\n throw new Error(\"iat claim in JWT is too far in the future\");\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACGO,IAAK,uBAAL,kBAAKA,0BAAL;AACL,EAAAA,sBAAA,UAAO;AACP,EAAAA,sBAAA,UAAO;AAFG,SAAAA;AAAA,GAAA;AAqCL,SAAS,iBAGd,SAAY,SAAgD;AAC5D,SAAO,QAAQ,OAAO,yBAAyB;AACjD;AAkBO,IAAM,oBAAN,MAEL;AAAA,EACgB;AAAA,EAEhB,YAAY,SAAsC;AAChD,SAAK,uBAAuB,QAAQ;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,UACE,SAC8B;AAC9B,UAAM,iBAAuC,KAAK;AAClD,WAAO,mBAAmB;AAAA,EAC5B;AACF;;;ACnFO,IAAM,gBAAgB;AAAA,EAC3B,iBAAiB;AAAA,EACjB,MAAM;AACR;AAKO,IAAM,UAAU;AAAA,EACrB,eAAe;AAAA,EACf,cAAc;AAAA,EACd,MAAM;AAAA,EACN,0BAA0B;AAAA,EAC1B,8BAA8B;AAChC;AAEO,IAAM,sBAAsB,IAAI;AAChC,IAAM,+BAA+B;;;ACd5C,IAAM,YAAY;AAAA,EAChB,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,gBAAgB;AAClB;AAEA,SAAS,aAAa,KAAqB;AACzC,SAAO,IAAI,QAAQ,OAAO,MAAM,EAAE,QAAQ,MAAM,KAAK;AACvD;AAIA,SAAS,SAAS,MAA6B;AAC7C,MAAI,KAAK,WAAW,KAAK,KAAK,CAAC,MAAM,QAAW;AAC9C,WAAO,OAAO,KAAK,CAAC,CAAC;AAAA,EACvB;AAEA,SAAO,KAAK,OAAe,CAAC,KAAK,SAAS;AAExC,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO,GAAG,GAAG,IAAI,KAAK,SAAS,CAAC;AAAA,IAClC;AAEA,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO,GAAG,GAAG,IAAI,KAAK,UAAU,OAAO,IAAI,CAAC,CAAC;AAAA,IAC/C;AAGA,QAAI,KAAK,SAAS,GAAG,GAAG;AACtB,aAAO,GAAG,GAAG,KAAK,aAAa,IAAI,CAAC;AAAA,IACtC;AAGA,QAAI,CAAC,UAAU,gBAAgB,KAAK,IAAI,GAAG;AACzC,aAAO,GAAG,GAAG,KAAK,IAAI;AAAA,IACxB;AAGA,UAAM,YAAY,IAAI,WAAW,IAAI,KAAK;AAC1C,WAAO,MAAM,YAAY;AAAA,EAC3B,GAAG,EAAE;AACP;AACA,SAAS,uBAAuB,OAAyB;AACvD,MAAI,MAAM,SAAS,iBAAiB;AAClC,WAAO,0BAA0B,MAAM,MAAM;AAAA,EAC/C;AAEA,MAAI,MAAM,KAAK,WAAW,GAAG;AAE3B,QAAI,MAAM,KAAK,WAAW,GAAG;AAC3B,YAAM,aAAa,MAAM,KAAK,CAAC;AAE/B,UAAI,OAAO,eAAe,UAAU;AAClC,eAAO,GAAG,MAAM,OAAO,aAAa,UAAU;AAAA,MAChD;AAAA,IACF;AAEA,WAAO,GAAG,MAAM,OAAO,QAAQ,SAAS,MAAM,IAAI,CAAC;AAAA,EACrD;AAEA,SAAO,MAAM;AACf;AAEA,SAAS,0BAA0B,aAAmC;AACpE,SAAO,YACJ,OAAiB,CAAC,KAAK,WAAW;AACjC,UAAM,YAAY,OACf,IAAI,CAAC,UAAU,uBAAuB,KAAK,CAAC,EAC5C,KAAK,UAAU,cAAc;AAEhC,QAAI,CAAC,IAAI,SAAS,SAAS,EAAG,KAAI,KAAK,SAAS;AAEhD,WAAO;AAAA,EACT,GAAG,CAAC,CAAC,EACJ,KAAK,UAAU,cAAc;AAClC;AAEO,SAAS,eAAe,OAA4B;AACzD,MAAI,CAAC,MAAO,QAAO;AAEnB,SAAO,MAAO,OAAO,OAAO,IAAI,CAAC,UAAU,uBAAuB,KAAK,CAAC,EAAE,KAAK,UAAU,cAAc,CAAC;AAC1G;;;ACtEO,IAAM,iBAAiB,CAC5B,UAEA,OAAO,QAAQ,KAAK,EACjB,OAAO,CAAC,CAAC,EAAE,CAAC,MAAM,MAAM,MAAS,EACjC,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM;AACf,MAAI,MAAM,QAAQ,CAAC,EAAG,QAAO,CAAC,GAAG,IAAI,EAAE,KAAK,IAAI,CAAC,GAAG;AACpD,MAAI,OAAO,MAAM,SAAU,QAAO,CAAC,GAAG,KAAK,UAAU,CAAC,CAAC;AACvD,SAAO,CAAC,GAAG,CAAC;AACd,CAAC,EACA,IAAI,CAAC,MAAM,EAAE,KAAK,GAAG,CAAC,EACtB,KAAK,GAAG;AAKN,IAAM,4BAAN,cAAwC,MAAM;AAAA,EACnD,OAAO;AAAA,EACP;AAAA,EACA;AAAA,EAEA,YAAY;AAAA,IACV;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAIG;AACD,UAAM,eAAe,EAAE,SAAS,QAAQ,WAAW,CAAC,CAAC;AACrD,SAAK,SAAS;AACd,SAAK,aAAa;AAAA,EACpB;AACF;AAkBO,IAAM,4BAAN,MAAM,mCAAkC,MAAM;AAAA,EAGnD,YACkB,SACA,kBACA,mBAChB;AACA;AAAA,MACE,YAAY,OAAO,8BAA8B,gBAAgB;AAAA,sBACxC,kBAAkB,KAAK,IAAI,CAAC;AAAA,IACvD;AAPgB;AACA;AACA;AAMhB,SAAK,OAAO;AAGZ,UAAM,mBAAmB;AAGzB,QAAI,OAAO,iBAAiB,sBAAsB,YAAY;AAC5D,uBAAiB,kBAAkB,MAAM,0BAAyB;AAAA,IACpE;AAAA,EACF;AAAA,EApBgB,OAAO;AAqBzB;AAEO,IAAM,kBAAN,cAA8B,MAAM;AAAA,EAClC;AAAA,EAEP,YAAY,SAAiB,UAAuB;AAClD,UAAM,OAAO;AAEb,UAAM,iBAAiB,eAAe,QAAQ;AAC9C,SAAK,UAAU,GAAG,OAAO;AAAA,EAAK,cAAc;AAE5C,WAAO,eAAe,MAAM,YAAY;AAAA,MACtC,YAAY;AAAA,MACZ,OAAO;AAAA,MACP,UAAU;AAAA,IACZ,CAAC;AAAA,EACH;AACF;;;ACnGO,IAAM,mBACX,CAAC,QAA2B,gBAC5B,OAAO,QAAqC;AAC1C,MACE,MAAM,QAAQ,MAAM,IAChB,CAAC,OAAO,SAAS,IAAI,MAAM,IAC3B,IAAI,WAAW,QACnB;AACA,UAAM,aAAa,eAAe;AAClC,UAAM,IAAI,WAAW;AAAA,MACnB,SAAS,iCAAiC,MAAM,SAAS,IAAI,MAAM,UAAU,IAAI,GAAG;AAAA,MACpF,QAAQ,MAAM,qBAAqB,GAAG;AAAA;AAAA,MACtC,YAAY,IAAI;AAAA,IAClB,CAAC;AAAA,EACH;AACA,SAAO;AACT;AAKK,IAAM,uBAAuB,CAClC,aAEA,SAAS,QAAQ,IAAI,cAAc,GAAG,SAAS,kBAAkB,IAC5D,SAAS,KAAK,IACf,SAAS,KAAK;;;AC7BpB,IAAM,4BAA4B;AAElC,SAAS,cAAc,OAAwB;AAC7C,MAAI;AACF,UAAM,SAAS,KAAK;AAAA,MAAU;AAAA,MAAO,CAAC,MAAM,QAC1C,OAAO,QAAQ,WAAW,YAAY,GAAG,MAAM;AAAA,IACjD;AACA,QAAI,WAAW,QAAW;AACxB,aAAO,OAAO,KAAK;AAAA,IACrB;AACA,WAAO,OAAO,SAAS,4BACnB,GAAG,OAAO,MAAM,GAAG,yBAAyB,CAAC,WAC7C;AAAA,EACN,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEO,SAAS,uBACd,QACA,MACA,oBACiB;AACjB,QAAM,cAAc,OAAO,UAAU,IAAI;AAEzC,MAAI,CAAC,YAAY,SAAS;AACxB,UAAM,IAAI;AAAA,MACR,sBACE,qCAAqC,cAAc,IAAI,CAAC;AAAA,MAC1D,YAAY;AAAA,IACd;AAAA,EACF;AAEA,SAAO,YAAY;AACrB;;;ACxCA,iBAAc;AAEP,IAAM,cAAc,WAAAC,QAAE,KAAK;AAAA,EAChC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;;;ACVM,SAAS,oBAAoB,SAAsC;AACxE,QAAM,MAAM,QAAQ,OAAO,oBAAI,KAAK;AACpC,QAAM,aAAa,KAAK,MAAM,IAAI,QAAQ,IAAI,GAAI;AAElD,MAAI,aAAa,QAAQ,MAAM,qBAAqB;AAClD,UAAM,IAAI,MAAM,wDAAwD;AAAA,EAC1E;AAEA,MAAI,QAAQ,MAAM,aAAa,8BAA8B;AAC3D,UAAM,IAAI,MAAM,2CAA2C;AAAA,EAC7D;AACF;;;ARJA,mBAeO;","names":["ItWalletSpecsVersion","z"]}
1
+ {"version":3,"sources":["../src/index.ts","../src/config.ts","../src/constants.ts","../src/errors/parse.ts","../src/errors/errors.ts","../src/fetcher.ts","../src/parse.ts","../src/validation.ts","../src/verify.ts"],"sourcesContent":["export * from \"./config\";\nexport * from \"./constants\";\nexport * from \"./errors/errors\";\nexport * from \"./errors/parse\";\nexport * from \"./fetcher\";\nexport type * from \"./globals\";\nexport * from \"./parse\";\nexport * from \"./validation\";\nexport * from \"./verify\";\n\nexport {\n type CallbackContext,\n HashAlgorithm,\n type HashCallback,\n type JwtSignerJwk,\n calculateJwkThumbprint,\n decodeJwt,\n} from \"@openid4vc/oauth2\";\n\nexport {\n ContentType,\n type Fetch,\n JsonParseError,\n addSecondsToDate,\n createFetcher,\n dateToSeconds,\n decodeBase64,\n decodeUtf8String,\n encodeToBase64Url,\n encodeToUtf8String,\n objectToQueryParams,\n parseIfJson,\n setGlobalConfig,\n stringToJsonWithErrorHandling,\n} from \"@openid4vc/utils\";\n","/**\n * Supported versions of the Italian Wallet technical specifications\n */\nexport enum ItWalletSpecsVersion {\n V1_0 = \"V1_0\",\n V1_3 = \"V1_3\",\n V1_4 = \"V1_4\",\n}\n\n/**\n * Configuration options for the IO Wallet SDK\n */\nexport interface IoWalletSdkConfigOptions<\n V extends ItWalletSpecsVersion = ItWalletSpecsVersion,\n> {\n /**\n * The version of the Italian Wallet specification to use.\n * REQUIRED - must be explicitly set by the user.\n *\n * @example\n * const config = new IoWalletSdkConfig({ itWalletSpecsVersion: ItWalletSpecsVersion.V1_3 });\n */\n itWalletSpecsVersion: V;\n}\n\ninterface WithConfig {\n config: IoWalletSdkConfig;\n}\n\ntype WithConfigVersion<\n T extends WithConfig,\n V extends ItWalletSpecsVersion,\n> = T extends { config: IoWalletSdkConfig<V> } ? T : never;\n\n/**\n * Type guard to check if the provided options have a specific config version\n *\n * @param options - The options object containing the config to check\n * @param version - The version to check against\n * @returns True if the options' config version matches the provided version\n */\nexport function hasConfigVersion<\n T extends WithConfig,\n V extends ItWalletSpecsVersion,\n>(options: T, version: V): options is WithConfigVersion<T, V> {\n return options.config.itWalletSpecsVersion === version;\n}\n\n/**\n * Configuration class for the IO Wallet SDK\n *\n * This class manages the version of the Italian Wallet technical specifications\n * to use throughout the SDK. The version determines the format of credential\n * requests and responses.\n *\n * @example Basic usage\n * const config = new IoWalletSdkConfig({ itWalletSpecsVersion: ItWalletSpecsVersion.V1_0 });\n * console.log(config.itWalletSpecsVersion); // ItWalletSpecsVersion.V1_0\n *\n * @example Type guard usage\n * if (config.isVersion(ItWalletSpecsVersion.V1_3)) {\n * // TypeScript narrows config.itWalletSpecsVersion to ItWalletSpecsVersion.V1_3\n * }\n */\nexport class IoWalletSdkConfig<\n V extends ItWalletSpecsVersion = ItWalletSpecsVersion,\n> {\n public readonly itWalletSpecsVersion: V;\n\n constructor(options: IoWalletSdkConfigOptions<V>) {\n this.itWalletSpecsVersion = options.itWalletSpecsVersion;\n }\n\n /**\n * Type guard for version checking\n *\n * @param version - The version to check against\n * @returns True if the config's version matches the provided version\n *\n * @internal\n */\n isVersion<W extends ItWalletSpecsVersion>(\n version: W,\n ): this is IoWalletSdkConfig<W> {\n const currentVersion: ItWalletSpecsVersion = this.itWalletSpecsVersion;\n return currentVersion === version;\n }\n}\n","/**\n * HTTP Content-Type constants for OAuth2 requests\n */\nexport const CONTENT_TYPES = {\n FORM_URLENCODED: \"application/x-www-form-urlencoded\",\n JSON: \"application/json\",\n} as const;\n\n/**\n * HTTP Header constants\n */\nexport const HEADERS = {\n AUTHORIZATION: \"Authorization\",\n CONTENT_TYPE: \"Content-Type\",\n DPOP: \"DPoP\",\n OAUTH_CLIENT_ATTESTATION: \"OAuth-Client-Attestation\",\n OAUTH_CLIENT_ATTESTATION_POP: \"OAuth-Client-Attestation-PoP\",\n} as const;\n\nexport const MAX_IAT_AGE_SECONDS = 5 * 60;\nexport const CLOCK_SKEW_TOLERANCE_SECONDS = 60;\n","import type z from \"zod\";\n\n/**\n * Some code comes from `zod-validation-error` package (MIT License) and\n * was slightly simplified to fit our needs.\n */\nconst constants = {\n identifierRegex: /[$_\\p{ID_Start}][$\\u200c\\u200d\\p{ID_Continue}]*/u,\n issueSeparator: \"\\n\\t- \",\n unionSeparator: \", or \",\n};\n\nfunction escapeQuotes(str: string): string {\n return str.replace(/\\\\/g, \"\\\\\\\\\").replace(/\"/g, '\\\\\"');\n}\n\ntype ZodIssue = z.ZodError[\"issues\"][number];\n\nfunction joinPath(path: PropertyKey[]): string {\n if (path.length === 1 && path[0] !== undefined) {\n return String(path[0]);\n }\n\n return path.reduce<string>((acc, item) => {\n // handle numeric indices\n if (typeof item === \"number\") {\n return `${acc}[${item.toString()}]`;\n }\n\n if (typeof item === \"symbol\") {\n return `${acc}[${JSON.stringify(String(item))}]`;\n }\n\n // handle quoted values\n if (item.includes('\"')) {\n return `${acc}[\"${escapeQuotes(item)}\"]`;\n }\n\n // handle special characters\n if (!constants.identifierRegex.test(item)) {\n return `${acc}[\"${item}\"]`;\n }\n\n // handle normal values\n const separator = acc.length === 0 ? \"\" : \".\";\n return acc + separator + item;\n }, \"\");\n}\nfunction getMessageFromZodIssue(issue: ZodIssue): string {\n if (issue.code === \"invalid_union\") {\n return getMessageFromUnionErrors(issue.errors);\n }\n\n if (issue.path.length !== 0) {\n // handle array indices\n if (issue.path.length === 1) {\n const identifier = issue.path[0];\n\n if (typeof identifier === \"number\") {\n return `${issue.message} at index ${identifier}`;\n }\n }\n\n return `${issue.message} at \"${joinPath(issue.path)}\"`;\n }\n\n return issue.message;\n}\n\nfunction getMessageFromUnionErrors(unionErrors: ZodIssue[][]): string {\n return unionErrors\n .reduce<string[]>((acc, issues) => {\n const newIssues = issues\n .map((issue) => getMessageFromZodIssue(issue))\n .join(constants.issueSeparator);\n\n if (!acc.includes(newIssues)) acc.push(newIssues);\n\n return acc;\n }, [])\n .join(constants.unionSeparator);\n}\n\nexport function formatZodError(error?: z.ZodError): string {\n if (!error) return \"\";\n\n return `\\t- ${error?.issues.map((issue) => getMessageFromZodIssue(issue)).join(constants.issueSeparator)}`;\n}\n","import type { ZodError, z } from \"zod\";\n\nimport { formatZodError } from \"./parse\";\n\n// An error reason that supports both a string and a generic JSON object\ntype GenericErrorReason = Record<string, unknown> | string;\n\n/**\n * utility to format a set of attributes into an error message string\n *\n * @example\n * // returns \"foo=value bar=(list, item)\"\n * serializeAttrs({ foo: \"value\", bar: [\"list\", \"item\"] })\n *\n * @param attrs A key value record set\n * @returns a human-readable serialization of the set\n */\nexport const serializeAttrs = (\n attrs: Record<string, GenericErrorReason | number | string[] | undefined>,\n): string =>\n Object.entries(attrs)\n .filter(([, v]) => v !== undefined)\n .map(([k, v]) => {\n if (Array.isArray(v)) return [k, `(${v.join(\", \")})`];\n if (typeof v !== \"string\") return [k, JSON.stringify(v)];\n return [k, v];\n })\n .map((_) => _.join(\"=\"))\n .join(\" \");\n\n/**\n * An error subclass thrown when an HTTP request has a status code different from the one expected.\n */\nexport class UnexpectedStatusCodeError extends Error {\n code = \"ERR_UNEXPECTED_STATUS_CODE\";\n reason: GenericErrorReason;\n statusCode: number;\n\n constructor({\n message,\n reason,\n statusCode,\n }: {\n message: string;\n reason: GenericErrorReason;\n statusCode: number;\n }) {\n super(serializeAttrs({ message, reason, statusCode }));\n this.reason = reason;\n this.statusCode = statusCode;\n }\n}\n\n/**\n * An error subclass thrown when an unsupported Italian Wallet specification version is requested.\n *\n * This error is thrown when:\n * - A feature or method is called with a version that it doesn't support\n * - An invalid version identifier is provided\n *\n * @example\n * throw new ItWalletSpecsVersionError(\n * 'createCredentialRequest',\n * '2.0.0',\n * [ItWalletSpecsVersion.V1_0, ItWalletSpecsVersion.V1_3]\n * );\n * // Error: Feature \"createCredentialRequest\" does not support version 2.0.0.\n * // Supported versions: V1_0, V1_3\n */\nexport class ItWalletSpecsVersionError extends Error {\n public readonly code = \"IT_WALLET_SPECS_VERSION_ERROR\";\n\n constructor(\n public readonly feature: string,\n public readonly requestedVersion: string,\n public readonly supportedVersions: readonly string[],\n ) {\n super(\n `Feature \"${feature}\" does not support version ${requestedVersion}.\\n` +\n `Supported versions: ${supportedVersions.join(\", \")}`,\n );\n this.name = \"ItWalletSpecsVersionError\";\n\n // Maintain proper stack trace for V8 engines (Node.js, Chrome)\n const ErrorConstructor = Error as {\n captureStackTrace?: (target: object, constructor: unknown) => void;\n };\n if (typeof ErrorConstructor.captureStackTrace === \"function\") {\n ErrorConstructor.captureStackTrace(this, ItWalletSpecsVersionError);\n }\n }\n}\n\nexport class ValidationError extends Error {\n public zodError: ZodError | undefined;\n\n constructor(message: string, zodError?: z.ZodError) {\n super(message);\n\n const formattedError = formatZodError(zodError);\n this.message = `${message}\\n${formattedError}`;\n\n Object.defineProperty(this, \"zodError\", {\n enumerable: false,\n value: zodError,\n writable: false,\n });\n }\n}\n","import { UnexpectedStatusCodeError } from \"./errors/errors\";\n\n/**\n * Check if a response is in the expected status, otherwise throw an error\n * @param status - The expected status\n * @param customError - A custom error compatible with {@link UnexpectedStatusCodeError}\n * @throws UnexpectedStatusCodeError if the status is different from the one expected\n * @returns The given response object\n */\nexport const hasStatusOrThrow =\n (status: number | number[], customError?: typeof UnexpectedStatusCodeError) =>\n async (res: Response): Promise<Response> => {\n if (\n Array.isArray(status)\n ? !status.includes(res.status)\n : res.status !== status\n ) {\n const ErrorClass = customError ?? UnexpectedStatusCodeError;\n throw new ErrorClass({\n message: `Http request failed. Expected ${status}, got ${res.status}, url: ${res.url}`,\n reason: await parseRawHttpResponse(res), // Pass the response body as reason so the original error can surface\n statusCode: res.status,\n });\n }\n return res;\n };\n\n/**\n * Utility function to parse a raw HTTP response as JSON if supported, otherwise as text.\n */\nexport const parseRawHttpResponse = <T extends Record<string, unknown>>(\n response: Response,\n) =>\n response.headers.get(\"content-type\")?.includes(\"application/json\")\n ? (response.json() as Promise<T>)\n : response.text();\n","import { z } from \"zod\";\n\nimport { ValidationError } from \"./errors/errors\";\n\nexport type BaseSchema = z.ZodTypeAny;\n\nconst SAFE_STRINGIFY_MAX_LENGTH = 200;\n\nfunction safeStringify(value: unknown): string {\n try {\n const result = JSON.stringify(value, (_key, val) =>\n typeof val === \"bigint\" ? `[BigInt: ${val}]` : val,\n );\n if (result === undefined) {\n return String(value);\n }\n return result.length > SAFE_STRINGIFY_MAX_LENGTH\n ? `${result.slice(0, SAFE_STRINGIFY_MAX_LENGTH)}…`\n : result;\n } catch {\n return \"[unserializable]\";\n }\n}\n\nexport function parseWithErrorHandling<Schema extends BaseSchema>(\n schema: Schema,\n data: unknown,\n customErrorMessage?: string,\n): z.infer<Schema> {\n const parseResult = schema.safeParse(data);\n\n if (!parseResult.success) {\n throw new ValidationError(\n customErrorMessage ??\n `Error validating schema with data ${safeStringify(data)}`,\n parseResult.error,\n );\n }\n\n return parseResult.data;\n}\n\nexport function formatError(message: string, prefix?: string): string {\n return prefix ? `${prefix} ${message}` : message;\n}\n","import z from \"zod\";\n\n/**\n * For the moment, these are all the supported algorithms in both\n * {@link https://italia.github.io/eid-wallet-it-docs/releases/1.3.3/en/algorithms.html#cryptographic-algorithms|v1.3.3} and\n * {@link https://italia.github.io/eid-wallet-it-docs/releases/1.0.2/en/algorithms.html#cryptographic-algorithms|v1.0.2},\n * and in both specifications the `alg` field MUST be one of those values.\n */\nexport const zItwSupportedSignatureAlg = z.enum([\n \"ES256\",\n \"ES384\",\n \"ES512\",\n \"PS256\",\n \"PS384\",\n \"PS512\",\n]);\nexport type ItwSupportedSignatureAlg = z.infer<\n typeof zItwSupportedSignatureAlg\n>;\n\nexport const zHttpMethod = z.enum([\n \"GET\",\n \"POST\",\n \"PUT\",\n \"DELETE\",\n \"HEAD\",\n \"OPTIONS\",\n \"TRACE\",\n \"CONNECT\",\n \"PATCH\",\n]);\nexport type HttpMethod = z.infer<typeof zHttpMethod>;\n","import { CLOCK_SKEW_TOLERANCE_SECONDS, MAX_IAT_AGE_SECONDS } from \"./constants\";\n\nexport function verifyJwtIatOrThrow(options: { iat: number; now?: Date }) {\n const now = options.now ?? new Date();\n const nowSeconds = Math.floor(now.getTime() / 1000);\n\n if (nowSeconds - options.iat > MAX_IAT_AGE_SECONDS) {\n throw new Error(\"iat claim in JWT is too old (must be within 5 minutes)\");\n }\n\n if (options.iat - nowSeconds > CLOCK_SKEW_TOLERANCE_SECONDS) {\n throw new Error(\"iat claim in JWT is too far in the future\");\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACGO,IAAK,uBAAL,kBAAKA,0BAAL;AACL,EAAAA,sBAAA,UAAO;AACP,EAAAA,sBAAA,UAAO;AACP,EAAAA,sBAAA,UAAO;AAHG,SAAAA;AAAA,GAAA;AAsCL,SAAS,iBAGd,SAAY,SAAgD;AAC5D,SAAO,QAAQ,OAAO,yBAAyB;AACjD;AAkBO,IAAM,oBAAN,MAEL;AAAA,EACgB;AAAA,EAEhB,YAAY,SAAsC;AAChD,SAAK,uBAAuB,QAAQ;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,UACE,SAC8B;AAC9B,UAAM,iBAAuC,KAAK;AAClD,WAAO,mBAAmB;AAAA,EAC5B;AACF;;;ACpFO,IAAM,gBAAgB;AAAA,EAC3B,iBAAiB;AAAA,EACjB,MAAM;AACR;AAKO,IAAM,UAAU;AAAA,EACrB,eAAe;AAAA,EACf,cAAc;AAAA,EACd,MAAM;AAAA,EACN,0BAA0B;AAAA,EAC1B,8BAA8B;AAChC;AAEO,IAAM,sBAAsB,IAAI;AAChC,IAAM,+BAA+B;;;ACd5C,IAAM,YAAY;AAAA,EAChB,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,gBAAgB;AAClB;AAEA,SAAS,aAAa,KAAqB;AACzC,SAAO,IAAI,QAAQ,OAAO,MAAM,EAAE,QAAQ,MAAM,KAAK;AACvD;AAIA,SAAS,SAAS,MAA6B;AAC7C,MAAI,KAAK,WAAW,KAAK,KAAK,CAAC,MAAM,QAAW;AAC9C,WAAO,OAAO,KAAK,CAAC,CAAC;AAAA,EACvB;AAEA,SAAO,KAAK,OAAe,CAAC,KAAK,SAAS;AAExC,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO,GAAG,GAAG,IAAI,KAAK,SAAS,CAAC;AAAA,IAClC;AAEA,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO,GAAG,GAAG,IAAI,KAAK,UAAU,OAAO,IAAI,CAAC,CAAC;AAAA,IAC/C;AAGA,QAAI,KAAK,SAAS,GAAG,GAAG;AACtB,aAAO,GAAG,GAAG,KAAK,aAAa,IAAI,CAAC;AAAA,IACtC;AAGA,QAAI,CAAC,UAAU,gBAAgB,KAAK,IAAI,GAAG;AACzC,aAAO,GAAG,GAAG,KAAK,IAAI;AAAA,IACxB;AAGA,UAAM,YAAY,IAAI,WAAW,IAAI,KAAK;AAC1C,WAAO,MAAM,YAAY;AAAA,EAC3B,GAAG,EAAE;AACP;AACA,SAAS,uBAAuB,OAAyB;AACvD,MAAI,MAAM,SAAS,iBAAiB;AAClC,WAAO,0BAA0B,MAAM,MAAM;AAAA,EAC/C;AAEA,MAAI,MAAM,KAAK,WAAW,GAAG;AAE3B,QAAI,MAAM,KAAK,WAAW,GAAG;AAC3B,YAAM,aAAa,MAAM,KAAK,CAAC;AAE/B,UAAI,OAAO,eAAe,UAAU;AAClC,eAAO,GAAG,MAAM,OAAO,aAAa,UAAU;AAAA,MAChD;AAAA,IACF;AAEA,WAAO,GAAG,MAAM,OAAO,QAAQ,SAAS,MAAM,IAAI,CAAC;AAAA,EACrD;AAEA,SAAO,MAAM;AACf;AAEA,SAAS,0BAA0B,aAAmC;AACpE,SAAO,YACJ,OAAiB,CAAC,KAAK,WAAW;AACjC,UAAM,YAAY,OACf,IAAI,CAAC,UAAU,uBAAuB,KAAK,CAAC,EAC5C,KAAK,UAAU,cAAc;AAEhC,QAAI,CAAC,IAAI,SAAS,SAAS,EAAG,KAAI,KAAK,SAAS;AAEhD,WAAO;AAAA,EACT,GAAG,CAAC,CAAC,EACJ,KAAK,UAAU,cAAc;AAClC;AAEO,SAAS,eAAe,OAA4B;AACzD,MAAI,CAAC,MAAO,QAAO;AAEnB,SAAO,MAAO,OAAO,OAAO,IAAI,CAAC,UAAU,uBAAuB,KAAK,CAAC,EAAE,KAAK,UAAU,cAAc,CAAC;AAC1G;;;ACtEO,IAAM,iBAAiB,CAC5B,UAEA,OAAO,QAAQ,KAAK,EACjB,OAAO,CAAC,CAAC,EAAE,CAAC,MAAM,MAAM,MAAS,EACjC,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM;AACf,MAAI,MAAM,QAAQ,CAAC,EAAG,QAAO,CAAC,GAAG,IAAI,EAAE,KAAK,IAAI,CAAC,GAAG;AACpD,MAAI,OAAO,MAAM,SAAU,QAAO,CAAC,GAAG,KAAK,UAAU,CAAC,CAAC;AACvD,SAAO,CAAC,GAAG,CAAC;AACd,CAAC,EACA,IAAI,CAAC,MAAM,EAAE,KAAK,GAAG,CAAC,EACtB,KAAK,GAAG;AAKN,IAAM,4BAAN,cAAwC,MAAM;AAAA,EACnD,OAAO;AAAA,EACP;AAAA,EACA;AAAA,EAEA,YAAY;AAAA,IACV;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAIG;AACD,UAAM,eAAe,EAAE,SAAS,QAAQ,WAAW,CAAC,CAAC;AACrD,SAAK,SAAS;AACd,SAAK,aAAa;AAAA,EACpB;AACF;AAkBO,IAAM,4BAAN,MAAM,mCAAkC,MAAM;AAAA,EAGnD,YACkB,SACA,kBACA,mBAChB;AACA;AAAA,MACE,YAAY,OAAO,8BAA8B,gBAAgB;AAAA,sBACxC,kBAAkB,KAAK,IAAI,CAAC;AAAA,IACvD;AAPgB;AACA;AACA;AAMhB,SAAK,OAAO;AAGZ,UAAM,mBAAmB;AAGzB,QAAI,OAAO,iBAAiB,sBAAsB,YAAY;AAC5D,uBAAiB,kBAAkB,MAAM,0BAAyB;AAAA,IACpE;AAAA,EACF;AAAA,EAjBkB;AAAA,EACA;AAAA,EACA;AAAA,EALF,OAAO;AAqBzB;AAEO,IAAM,kBAAN,cAA8B,MAAM;AAAA,EAClC;AAAA,EAEP,YAAY,SAAiB,UAAuB;AAClD,UAAM,OAAO;AAEb,UAAM,iBAAiB,eAAe,QAAQ;AAC9C,SAAK,UAAU,GAAG,OAAO;AAAA,EAAK,cAAc;AAE5C,WAAO,eAAe,MAAM,YAAY;AAAA,MACtC,YAAY;AAAA,MACZ,OAAO;AAAA,MACP,UAAU;AAAA,IACZ,CAAC;AAAA,EACH;AACF;;;ACnGO,IAAM,mBACX,CAAC,QAA2B,gBAC5B,OAAO,QAAqC;AAC1C,MACE,MAAM,QAAQ,MAAM,IAChB,CAAC,OAAO,SAAS,IAAI,MAAM,IAC3B,IAAI,WAAW,QACnB;AACA,UAAM,aAAa,eAAe;AAClC,UAAM,IAAI,WAAW;AAAA,MACnB,SAAS,iCAAiC,MAAM,SAAS,IAAI,MAAM,UAAU,IAAI,GAAG;AAAA,MACpF,QAAQ,MAAM,qBAAqB,GAAG;AAAA;AAAA,MACtC,YAAY,IAAI;AAAA,IAClB,CAAC;AAAA,EACH;AACA,SAAO;AACT;AAKK,IAAM,uBAAuB,CAClC,aAEA,SAAS,QAAQ,IAAI,cAAc,GAAG,SAAS,kBAAkB,IAC5D,SAAS,KAAK,IACf,SAAS,KAAK;;;AC7BpB,IAAM,4BAA4B;AAElC,SAAS,cAAc,OAAwB;AAC7C,MAAI;AACF,UAAM,SAAS,KAAK;AAAA,MAAU;AAAA,MAAO,CAAC,MAAM,QAC1C,OAAO,QAAQ,WAAW,YAAY,GAAG,MAAM;AAAA,IACjD;AACA,QAAI,WAAW,QAAW;AACxB,aAAO,OAAO,KAAK;AAAA,IACrB;AACA,WAAO,OAAO,SAAS,4BACnB,GAAG,OAAO,MAAM,GAAG,yBAAyB,CAAC,WAC7C;AAAA,EACN,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEO,SAAS,uBACd,QACA,MACA,oBACiB;AACjB,QAAM,cAAc,OAAO,UAAU,IAAI;AAEzC,MAAI,CAAC,YAAY,SAAS;AACxB,UAAM,IAAI;AAAA,MACR,sBACE,qCAAqC,cAAc,IAAI,CAAC;AAAA,MAC1D,YAAY;AAAA,IACd;AAAA,EACF;AAEA,SAAO,YAAY;AACrB;AAEO,SAAS,YAAY,SAAiB,QAAyB;AACpE,SAAO,SAAS,GAAG,MAAM,IAAI,OAAO,KAAK;AAC3C;;;AC5CA,iBAAc;AAQP,IAAM,4BAA4B,WAAAC,QAAE,KAAK;AAAA,EAC9C;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAKM,IAAM,cAAc,WAAAA,QAAE,KAAK;AAAA,EAChC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;;;AC5BM,SAAS,oBAAoB,SAAsC;AACxE,QAAM,MAAM,QAAQ,OAAO,oBAAI,KAAK;AACpC,QAAM,aAAa,KAAK,MAAM,IAAI,QAAQ,IAAI,GAAI;AAElD,MAAI,aAAa,QAAQ,MAAM,qBAAqB;AAClD,UAAM,IAAI,MAAM,wDAAwD;AAAA,EAC1E;AAEA,MAAI,QAAQ,MAAM,aAAa,8BAA8B;AAC3D,UAAM,IAAI,MAAM,2CAA2C;AAAA,EAC7D;AACF;;;ARHA,oBAOO;AAEP,mBAeO;","names":["ItWalletSpecsVersion","z"]}
package/dist/index.mjs CHANGED
@@ -2,6 +2,7 @@
2
2
  var ItWalletSpecsVersion = /* @__PURE__ */ ((ItWalletSpecsVersion2) => {
3
3
  ItWalletSpecsVersion2["V1_0"] = "V1_0";
4
4
  ItWalletSpecsVersion2["V1_3"] = "V1_3";
5
+ ItWalletSpecsVersion2["V1_4"] = "V1_4";
5
6
  return ItWalletSpecsVersion2;
6
7
  })(ItWalletSpecsVersion || {});
7
8
  function hasConfigVersion(options, version) {
@@ -133,6 +134,9 @@ Supported versions: ${supportedVersions.join(", ")}`
133
134
  ErrorConstructor.captureStackTrace(this, _ItWalletSpecsVersionError);
134
135
  }
135
136
  }
137
+ feature;
138
+ requestedVersion;
139
+ supportedVersions;
136
140
  code = "IT_WALLET_SPECS_VERSION_ERROR";
137
141
  };
138
142
  var ValidationError = class extends Error {
@@ -191,9 +195,20 @@ function parseWithErrorHandling(schema, data, customErrorMessage) {
191
195
  }
192
196
  return parseResult.data;
193
197
  }
198
+ function formatError(message, prefix) {
199
+ return prefix ? `${prefix} ${message}` : message;
200
+ }
194
201
 
195
202
  // src/validation.ts
196
203
  import z from "zod";
204
+ var zItwSupportedSignatureAlg = z.enum([
205
+ "ES256",
206
+ "ES384",
207
+ "ES512",
208
+ "PS256",
209
+ "PS384",
210
+ "PS512"
211
+ ]);
197
212
  var zHttpMethod = z.enum([
198
213
  "GET",
199
214
  "POST",
@@ -219,6 +234,11 @@ function verifyJwtIatOrThrow(options) {
219
234
  }
220
235
 
221
236
  // src/index.ts
237
+ import {
238
+ HashAlgorithm,
239
+ calculateJwkThumbprint,
240
+ decodeJwt
241
+ } from "@openid4vc/oauth2";
222
242
  import {
223
243
  ContentType,
224
244
  JsonParseError,
@@ -239,6 +259,7 @@ export {
239
259
  CONTENT_TYPES,
240
260
  ContentType,
241
261
  HEADERS,
262
+ HashAlgorithm,
242
263
  IoWalletSdkConfig,
243
264
  ItWalletSpecsVersion,
244
265
  ItWalletSpecsVersionError,
@@ -247,12 +268,15 @@ export {
247
268
  UnexpectedStatusCodeError,
248
269
  ValidationError,
249
270
  addSecondsToDate,
271
+ calculateJwkThumbprint,
250
272
  createFetcher,
251
273
  dateToSeconds,
252
274
  decodeBase64,
275
+ decodeJwt,
253
276
  decodeUtf8String,
254
277
  encodeToBase64Url,
255
278
  encodeToUtf8String,
279
+ formatError,
256
280
  formatZodError,
257
281
  hasConfigVersion,
258
282
  hasStatusOrThrow,
@@ -264,6 +288,7 @@ export {
264
288
  setGlobalConfig,
265
289
  stringToJsonWithErrorHandling,
266
290
  verifyJwtIatOrThrow,
267
- zHttpMethod
291
+ zHttpMethod,
292
+ zItwSupportedSignatureAlg
268
293
  };
269
294
  //# sourceMappingURL=index.mjs.map
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/config.ts","../src/constants.ts","../src/errors/parse.ts","../src/errors/errors.ts","../src/fetcher.ts","../src/parse.ts","../src/validation.ts","../src/verify.ts","../src/index.ts"],"sourcesContent":["/**\n * Supported versions of the Italian Wallet technical specifications\n */\nexport enum ItWalletSpecsVersion {\n V1_0 = \"V1_0\",\n V1_3 = \"V1_3\",\n}\n\n/**\n * Configuration options for the IO Wallet SDK\n */\nexport interface IoWalletSdkConfigOptions<\n V extends ItWalletSpecsVersion = ItWalletSpecsVersion,\n> {\n /**\n * The version of the Italian Wallet specification to use.\n * REQUIRED - must be explicitly set by the user.\n *\n * @example\n * const config = new IoWalletSdkConfig({ itWalletSpecsVersion: ItWalletSpecsVersion.V1_3 });\n */\n itWalletSpecsVersion: V;\n}\n\ninterface WithConfig {\n config: IoWalletSdkConfig;\n}\n\ntype WithConfigVersion<\n T extends WithConfig,\n V extends ItWalletSpecsVersion,\n> = T extends { config: IoWalletSdkConfig<V> } ? T : never;\n\n/**\n * Type guard to check if the provided options have a specific config version\n *\n * @param options - The options object containing the config to check\n * @param version - The version to check against\n * @returns True if the options' config version matches the provided version\n */\nexport function hasConfigVersion<\n T extends WithConfig,\n V extends ItWalletSpecsVersion,\n>(options: T, version: V): options is WithConfigVersion<T, V> {\n return options.config.itWalletSpecsVersion === version;\n}\n\n/**\n * Configuration class for the IO Wallet SDK\n *\n * This class manages the version of the Italian Wallet technical specifications\n * to use throughout the SDK. The version determines the format of credential\n * requests and responses.\n *\n * @example Basic usage\n * const config = new IoWalletSdkConfig({ itWalletSpecsVersion: ItWalletSpecsVersion.V1_0 });\n * console.log(config.itWalletSpecsVersion); // ItWalletSpecsVersion.V1_0\n *\n * @example Type guard usage\n * if (config.isVersion(ItWalletSpecsVersion.V1_3)) {\n * // TypeScript narrows config.itWalletSpecsVersion to ItWalletSpecsVersion.V1_3\n * }\n */\nexport class IoWalletSdkConfig<\n V extends ItWalletSpecsVersion = ItWalletSpecsVersion,\n> {\n public readonly itWalletSpecsVersion: V;\n\n constructor(options: IoWalletSdkConfigOptions<V>) {\n this.itWalletSpecsVersion = options.itWalletSpecsVersion;\n }\n\n /**\n * Type guard for version checking\n *\n * @param version - The version to check against\n * @returns True if the config's version matches the provided version\n *\n * @internal\n */\n isVersion<W extends ItWalletSpecsVersion>(\n version: W,\n ): this is IoWalletSdkConfig<W> {\n const currentVersion: ItWalletSpecsVersion = this.itWalletSpecsVersion;\n return currentVersion === version;\n }\n}\n","/**\n * HTTP Content-Type constants for OAuth2 requests\n */\nexport const CONTENT_TYPES = {\n FORM_URLENCODED: \"application/x-www-form-urlencoded\",\n JSON: \"application/json\",\n} as const;\n\n/**\n * HTTP Header constants\n */\nexport const HEADERS = {\n AUTHORIZATION: \"Authorization\",\n CONTENT_TYPE: \"Content-Type\",\n DPOP: \"DPoP\",\n OAUTH_CLIENT_ATTESTATION: \"OAuth-Client-Attestation\",\n OAUTH_CLIENT_ATTESTATION_POP: \"OAuth-Client-Attestation-PoP\",\n} as const;\n\nexport const MAX_IAT_AGE_SECONDS = 5 * 60;\nexport const CLOCK_SKEW_TOLERANCE_SECONDS = 60;\n","import type z from \"zod\";\n\n/**\n * Some code comes from `zod-validation-error` package (MIT License) and\n * was slightly simplified to fit our needs.\n */\nconst constants = {\n identifierRegex: /[$_\\p{ID_Start}][$\\u200c\\u200d\\p{ID_Continue}]*/u,\n issueSeparator: \"\\n\\t- \",\n unionSeparator: \", or \",\n};\n\nfunction escapeQuotes(str: string): string {\n return str.replace(/\\\\/g, \"\\\\\\\\\").replace(/\"/g, '\\\\\"');\n}\n\ntype ZodIssue = z.ZodError[\"issues\"][number];\n\nfunction joinPath(path: PropertyKey[]): string {\n if (path.length === 1 && path[0] !== undefined) {\n return String(path[0]);\n }\n\n return path.reduce<string>((acc, item) => {\n // handle numeric indices\n if (typeof item === \"number\") {\n return `${acc}[${item.toString()}]`;\n }\n\n if (typeof item === \"symbol\") {\n return `${acc}[${JSON.stringify(String(item))}]`;\n }\n\n // handle quoted values\n if (item.includes('\"')) {\n return `${acc}[\"${escapeQuotes(item)}\"]`;\n }\n\n // handle special characters\n if (!constants.identifierRegex.test(item)) {\n return `${acc}[\"${item}\"]`;\n }\n\n // handle normal values\n const separator = acc.length === 0 ? \"\" : \".\";\n return acc + separator + item;\n }, \"\");\n}\nfunction getMessageFromZodIssue(issue: ZodIssue): string {\n if (issue.code === \"invalid_union\") {\n return getMessageFromUnionErrors(issue.errors);\n }\n\n if (issue.path.length !== 0) {\n // handle array indices\n if (issue.path.length === 1) {\n const identifier = issue.path[0];\n\n if (typeof identifier === \"number\") {\n return `${issue.message} at index ${identifier}`;\n }\n }\n\n return `${issue.message} at \"${joinPath(issue.path)}\"`;\n }\n\n return issue.message;\n}\n\nfunction getMessageFromUnionErrors(unionErrors: ZodIssue[][]): string {\n return unionErrors\n .reduce<string[]>((acc, issues) => {\n const newIssues = issues\n .map((issue) => getMessageFromZodIssue(issue))\n .join(constants.issueSeparator);\n\n if (!acc.includes(newIssues)) acc.push(newIssues);\n\n return acc;\n }, [])\n .join(constants.unionSeparator);\n}\n\nexport function formatZodError(error?: z.ZodError): string {\n if (!error) return \"\";\n\n return `\\t- ${error?.issues.map((issue) => getMessageFromZodIssue(issue)).join(constants.issueSeparator)}`;\n}\n","import type { ZodError, z } from \"zod\";\n\nimport { formatZodError } from \"./parse\";\n\n// An error reason that supports both a string and a generic JSON object\ntype GenericErrorReason = Record<string, unknown> | string;\n\n/**\n * utility to format a set of attributes into an error message string\n *\n * @example\n * // returns \"foo=value bar=(list, item)\"\n * serializeAttrs({ foo: \"value\", bar: [\"list\", \"item\"] })\n *\n * @param attrs A key value record set\n * @returns a human-readable serialization of the set\n */\nexport const serializeAttrs = (\n attrs: Record<string, GenericErrorReason | number | string[] | undefined>,\n): string =>\n Object.entries(attrs)\n .filter(([, v]) => v !== undefined)\n .map(([k, v]) => {\n if (Array.isArray(v)) return [k, `(${v.join(\", \")})`];\n if (typeof v !== \"string\") return [k, JSON.stringify(v)];\n return [k, v];\n })\n .map((_) => _.join(\"=\"))\n .join(\" \");\n\n/**\n * An error subclass thrown when an HTTP request has a status code different from the one expected.\n */\nexport class UnexpectedStatusCodeError extends Error {\n code = \"ERR_UNEXPECTED_STATUS_CODE\";\n reason: GenericErrorReason;\n statusCode: number;\n\n constructor({\n message,\n reason,\n statusCode,\n }: {\n message: string;\n reason: GenericErrorReason;\n statusCode: number;\n }) {\n super(serializeAttrs({ message, reason, statusCode }));\n this.reason = reason;\n this.statusCode = statusCode;\n }\n}\n\n/**\n * An error subclass thrown when an unsupported Italian Wallet specification version is requested.\n *\n * This error is thrown when:\n * - A feature or method is called with a version that it doesn't support\n * - An invalid version identifier is provided\n *\n * @example\n * throw new ItWalletSpecsVersionError(\n * 'createCredentialRequest',\n * '2.0.0',\n * [ItWalletSpecsVersion.V1_0, ItWalletSpecsVersion.V1_3]\n * );\n * // Error: Feature \"createCredentialRequest\" does not support version 2.0.0.\n * // Supported versions: V1_0, V1_3\n */\nexport class ItWalletSpecsVersionError extends Error {\n public readonly code = \"IT_WALLET_SPECS_VERSION_ERROR\";\n\n constructor(\n public readonly feature: string,\n public readonly requestedVersion: string,\n public readonly supportedVersions: readonly string[],\n ) {\n super(\n `Feature \"${feature}\" does not support version ${requestedVersion}.\\n` +\n `Supported versions: ${supportedVersions.join(\", \")}`,\n );\n this.name = \"ItWalletSpecsVersionError\";\n\n // Maintain proper stack trace for V8 engines (Node.js, Chrome)\n const ErrorConstructor = Error as {\n captureStackTrace?: (target: object, constructor: unknown) => void;\n };\n if (typeof ErrorConstructor.captureStackTrace === \"function\") {\n ErrorConstructor.captureStackTrace(this, ItWalletSpecsVersionError);\n }\n }\n}\n\nexport class ValidationError extends Error {\n public zodError: ZodError | undefined;\n\n constructor(message: string, zodError?: z.ZodError) {\n super(message);\n\n const formattedError = formatZodError(zodError);\n this.message = `${message}\\n${formattedError}`;\n\n Object.defineProperty(this, \"zodError\", {\n enumerable: false,\n value: zodError,\n writable: false,\n });\n }\n}\n","import { UnexpectedStatusCodeError } from \"./errors\";\n\n/**\n * Check if a response is in the expected status, otherwise throw an error\n * @param status - The expected status\n * @param customError - A custom error compatible with {@link UnexpectedStatusCodeError}\n * @throws UnexpectedStatusCodeError if the status is different from the one expected\n * @returns The given response object\n */\nexport const hasStatusOrThrow =\n (status: number | number[], customError?: typeof UnexpectedStatusCodeError) =>\n async (res: Response): Promise<Response> => {\n if (\n Array.isArray(status)\n ? !status.includes(res.status)\n : res.status !== status\n ) {\n const ErrorClass = customError ?? UnexpectedStatusCodeError;\n throw new ErrorClass({\n message: `Http request failed. Expected ${status}, got ${res.status}, url: ${res.url}`,\n reason: await parseRawHttpResponse(res), // Pass the response body as reason so the original error can surface\n statusCode: res.status,\n });\n }\n return res;\n };\n\n/**\n * Utility function to parse a raw HTTP response as JSON if supported, otherwise as text.\n */\nexport const parseRawHttpResponse = <T extends Record<string, unknown>>(\n response: Response,\n) =>\n response.headers.get(\"content-type\")?.includes(\"application/json\")\n ? (response.json() as Promise<T>)\n : response.text();\n","import { z } from \"zod\";\n\nimport { ValidationError } from \"./errors/errors\";\n\nexport type BaseSchema = z.ZodTypeAny;\n\nconst SAFE_STRINGIFY_MAX_LENGTH = 200;\n\nfunction safeStringify(value: unknown): string {\n try {\n const result = JSON.stringify(value, (_key, val) =>\n typeof val === \"bigint\" ? `[BigInt: ${val}]` : val,\n );\n if (result === undefined) {\n return String(value);\n }\n return result.length > SAFE_STRINGIFY_MAX_LENGTH\n ? `${result.slice(0, SAFE_STRINGIFY_MAX_LENGTH)}…`\n : result;\n } catch {\n return \"[unserializable]\";\n }\n}\n\nexport function parseWithErrorHandling<Schema extends BaseSchema>(\n schema: Schema,\n data: unknown,\n customErrorMessage?: string,\n): z.infer<Schema> {\n const parseResult = schema.safeParse(data);\n\n if (!parseResult.success) {\n throw new ValidationError(\n customErrorMessage ??\n `Error validating schema with data ${safeStringify(data)}`,\n parseResult.error,\n );\n }\n\n return parseResult.data;\n}\n","import z from \"zod\";\n\nexport const zHttpMethod = z.enum([\n \"GET\",\n \"POST\",\n \"PUT\",\n \"DELETE\",\n \"HEAD\",\n \"OPTIONS\",\n \"TRACE\",\n \"CONNECT\",\n \"PATCH\",\n]);\nexport type HttpMethod = z.infer<typeof zHttpMethod>;\n","import { CLOCK_SKEW_TOLERANCE_SECONDS, MAX_IAT_AGE_SECONDS } from \"./constants\";\n\nexport function verifyJwtIatOrThrow(options: { iat: number; now?: Date }) {\n const now = options.now ?? new Date();\n const nowSeconds = Math.floor(now.getTime() / 1000);\n\n if (nowSeconds - options.iat > MAX_IAT_AGE_SECONDS) {\n throw new Error(\"iat claim in JWT is too old (must be within 5 minutes)\");\n }\n\n if (options.iat - nowSeconds > CLOCK_SKEW_TOLERANCE_SECONDS) {\n throw new Error(\"iat claim in JWT is too far in the future\");\n }\n}\n","export * from \"./config\";\nexport * from \"./constants\";\nexport * from \"./errors\";\nexport * from \"./fetcher\";\nexport type * from \"./globals\";\nexport * from \"./parse\";\nexport * from \"./validation\";\nexport * from \"./verify\";\n\nexport {\n ContentType,\n type Fetch,\n JsonParseError,\n addSecondsToDate,\n createFetcher,\n dateToSeconds,\n decodeBase64,\n decodeUtf8String,\n encodeToBase64Url,\n encodeToUtf8String,\n objectToQueryParams,\n parseIfJson,\n setGlobalConfig,\n stringToJsonWithErrorHandling,\n} from \"@openid4vc/utils\";\n"],"mappings":";AAGO,IAAK,uBAAL,kBAAKA,0BAAL;AACL,EAAAA,sBAAA,UAAO;AACP,EAAAA,sBAAA,UAAO;AAFG,SAAAA;AAAA,GAAA;AAqCL,SAAS,iBAGd,SAAY,SAAgD;AAC5D,SAAO,QAAQ,OAAO,yBAAyB;AACjD;AAkBO,IAAM,oBAAN,MAEL;AAAA,EACgB;AAAA,EAEhB,YAAY,SAAsC;AAChD,SAAK,uBAAuB,QAAQ;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,UACE,SAC8B;AAC9B,UAAM,iBAAuC,KAAK;AAClD,WAAO,mBAAmB;AAAA,EAC5B;AACF;;;ACnFO,IAAM,gBAAgB;AAAA,EAC3B,iBAAiB;AAAA,EACjB,MAAM;AACR;AAKO,IAAM,UAAU;AAAA,EACrB,eAAe;AAAA,EACf,cAAc;AAAA,EACd,MAAM;AAAA,EACN,0BAA0B;AAAA,EAC1B,8BAA8B;AAChC;AAEO,IAAM,sBAAsB,IAAI;AAChC,IAAM,+BAA+B;;;ACd5C,IAAM,YAAY;AAAA,EAChB,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,gBAAgB;AAClB;AAEA,SAAS,aAAa,KAAqB;AACzC,SAAO,IAAI,QAAQ,OAAO,MAAM,EAAE,QAAQ,MAAM,KAAK;AACvD;AAIA,SAAS,SAAS,MAA6B;AAC7C,MAAI,KAAK,WAAW,KAAK,KAAK,CAAC,MAAM,QAAW;AAC9C,WAAO,OAAO,KAAK,CAAC,CAAC;AAAA,EACvB;AAEA,SAAO,KAAK,OAAe,CAAC,KAAK,SAAS;AAExC,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO,GAAG,GAAG,IAAI,KAAK,SAAS,CAAC;AAAA,IAClC;AAEA,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO,GAAG,GAAG,IAAI,KAAK,UAAU,OAAO,IAAI,CAAC,CAAC;AAAA,IAC/C;AAGA,QAAI,KAAK,SAAS,GAAG,GAAG;AACtB,aAAO,GAAG,GAAG,KAAK,aAAa,IAAI,CAAC;AAAA,IACtC;AAGA,QAAI,CAAC,UAAU,gBAAgB,KAAK,IAAI,GAAG;AACzC,aAAO,GAAG,GAAG,KAAK,IAAI;AAAA,IACxB;AAGA,UAAM,YAAY,IAAI,WAAW,IAAI,KAAK;AAC1C,WAAO,MAAM,YAAY;AAAA,EAC3B,GAAG,EAAE;AACP;AACA,SAAS,uBAAuB,OAAyB;AACvD,MAAI,MAAM,SAAS,iBAAiB;AAClC,WAAO,0BAA0B,MAAM,MAAM;AAAA,EAC/C;AAEA,MAAI,MAAM,KAAK,WAAW,GAAG;AAE3B,QAAI,MAAM,KAAK,WAAW,GAAG;AAC3B,YAAM,aAAa,MAAM,KAAK,CAAC;AAE/B,UAAI,OAAO,eAAe,UAAU;AAClC,eAAO,GAAG,MAAM,OAAO,aAAa,UAAU;AAAA,MAChD;AAAA,IACF;AAEA,WAAO,GAAG,MAAM,OAAO,QAAQ,SAAS,MAAM,IAAI,CAAC;AAAA,EACrD;AAEA,SAAO,MAAM;AACf;AAEA,SAAS,0BAA0B,aAAmC;AACpE,SAAO,YACJ,OAAiB,CAAC,KAAK,WAAW;AACjC,UAAM,YAAY,OACf,IAAI,CAAC,UAAU,uBAAuB,KAAK,CAAC,EAC5C,KAAK,UAAU,cAAc;AAEhC,QAAI,CAAC,IAAI,SAAS,SAAS,EAAG,KAAI,KAAK,SAAS;AAEhD,WAAO;AAAA,EACT,GAAG,CAAC,CAAC,EACJ,KAAK,UAAU,cAAc;AAClC;AAEO,SAAS,eAAe,OAA4B;AACzD,MAAI,CAAC,MAAO,QAAO;AAEnB,SAAO,MAAO,OAAO,OAAO,IAAI,CAAC,UAAU,uBAAuB,KAAK,CAAC,EAAE,KAAK,UAAU,cAAc,CAAC;AAC1G;;;ACtEO,IAAM,iBAAiB,CAC5B,UAEA,OAAO,QAAQ,KAAK,EACjB,OAAO,CAAC,CAAC,EAAE,CAAC,MAAM,MAAM,MAAS,EACjC,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM;AACf,MAAI,MAAM,QAAQ,CAAC,EAAG,QAAO,CAAC,GAAG,IAAI,EAAE,KAAK,IAAI,CAAC,GAAG;AACpD,MAAI,OAAO,MAAM,SAAU,QAAO,CAAC,GAAG,KAAK,UAAU,CAAC,CAAC;AACvD,SAAO,CAAC,GAAG,CAAC;AACd,CAAC,EACA,IAAI,CAAC,MAAM,EAAE,KAAK,GAAG,CAAC,EACtB,KAAK,GAAG;AAKN,IAAM,4BAAN,cAAwC,MAAM;AAAA,EACnD,OAAO;AAAA,EACP;AAAA,EACA;AAAA,EAEA,YAAY;AAAA,IACV;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAIG;AACD,UAAM,eAAe,EAAE,SAAS,QAAQ,WAAW,CAAC,CAAC;AACrD,SAAK,SAAS;AACd,SAAK,aAAa;AAAA,EACpB;AACF;AAkBO,IAAM,4BAAN,MAAM,mCAAkC,MAAM;AAAA,EAGnD,YACkB,SACA,kBACA,mBAChB;AACA;AAAA,MACE,YAAY,OAAO,8BAA8B,gBAAgB;AAAA,sBACxC,kBAAkB,KAAK,IAAI,CAAC;AAAA,IACvD;AAPgB;AACA;AACA;AAMhB,SAAK,OAAO;AAGZ,UAAM,mBAAmB;AAGzB,QAAI,OAAO,iBAAiB,sBAAsB,YAAY;AAC5D,uBAAiB,kBAAkB,MAAM,0BAAyB;AAAA,IACpE;AAAA,EACF;AAAA,EApBgB,OAAO;AAqBzB;AAEO,IAAM,kBAAN,cAA8B,MAAM;AAAA,EAClC;AAAA,EAEP,YAAY,SAAiB,UAAuB;AAClD,UAAM,OAAO;AAEb,UAAM,iBAAiB,eAAe,QAAQ;AAC9C,SAAK,UAAU,GAAG,OAAO;AAAA,EAAK,cAAc;AAE5C,WAAO,eAAe,MAAM,YAAY;AAAA,MACtC,YAAY;AAAA,MACZ,OAAO;AAAA,MACP,UAAU;AAAA,IACZ,CAAC;AAAA,EACH;AACF;;;ACnGO,IAAM,mBACX,CAAC,QAA2B,gBAC5B,OAAO,QAAqC;AAC1C,MACE,MAAM,QAAQ,MAAM,IAChB,CAAC,OAAO,SAAS,IAAI,MAAM,IAC3B,IAAI,WAAW,QACnB;AACA,UAAM,aAAa,eAAe;AAClC,UAAM,IAAI,WAAW;AAAA,MACnB,SAAS,iCAAiC,MAAM,SAAS,IAAI,MAAM,UAAU,IAAI,GAAG;AAAA,MACpF,QAAQ,MAAM,qBAAqB,GAAG;AAAA;AAAA,MACtC,YAAY,IAAI;AAAA,IAClB,CAAC;AAAA,EACH;AACA,SAAO;AACT;AAKK,IAAM,uBAAuB,CAClC,aAEA,SAAS,QAAQ,IAAI,cAAc,GAAG,SAAS,kBAAkB,IAC5D,SAAS,KAAK,IACf,SAAS,KAAK;;;AC7BpB,IAAM,4BAA4B;AAElC,SAAS,cAAc,OAAwB;AAC7C,MAAI;AACF,UAAM,SAAS,KAAK;AAAA,MAAU;AAAA,MAAO,CAAC,MAAM,QAC1C,OAAO,QAAQ,WAAW,YAAY,GAAG,MAAM;AAAA,IACjD;AACA,QAAI,WAAW,QAAW;AACxB,aAAO,OAAO,KAAK;AAAA,IACrB;AACA,WAAO,OAAO,SAAS,4BACnB,GAAG,OAAO,MAAM,GAAG,yBAAyB,CAAC,WAC7C;AAAA,EACN,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEO,SAAS,uBACd,QACA,MACA,oBACiB;AACjB,QAAM,cAAc,OAAO,UAAU,IAAI;AAEzC,MAAI,CAAC,YAAY,SAAS;AACxB,UAAM,IAAI;AAAA,MACR,sBACE,qCAAqC,cAAc,IAAI,CAAC;AAAA,MAC1D,YAAY;AAAA,IACd;AAAA,EACF;AAEA,SAAO,YAAY;AACrB;;;ACxCA,OAAO,OAAO;AAEP,IAAM,cAAc,EAAE,KAAK;AAAA,EAChC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;;;ACVM,SAAS,oBAAoB,SAAsC;AACxE,QAAM,MAAM,QAAQ,OAAO,oBAAI,KAAK;AACpC,QAAM,aAAa,KAAK,MAAM,IAAI,QAAQ,IAAI,GAAI;AAElD,MAAI,aAAa,QAAQ,MAAM,qBAAqB;AAClD,UAAM,IAAI,MAAM,wDAAwD;AAAA,EAC1E;AAEA,MAAI,QAAQ,MAAM,aAAa,8BAA8B;AAC3D,UAAM,IAAI,MAAM,2CAA2C;AAAA,EAC7D;AACF;;;ACJA;AAAA,EACE;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;","names":["ItWalletSpecsVersion"]}
1
+ {"version":3,"sources":["../src/config.ts","../src/constants.ts","../src/errors/parse.ts","../src/errors/errors.ts","../src/fetcher.ts","../src/parse.ts","../src/validation.ts","../src/verify.ts","../src/index.ts"],"sourcesContent":["/**\n * Supported versions of the Italian Wallet technical specifications\n */\nexport enum ItWalletSpecsVersion {\n V1_0 = \"V1_0\",\n V1_3 = \"V1_3\",\n V1_4 = \"V1_4\",\n}\n\n/**\n * Configuration options for the IO Wallet SDK\n */\nexport interface IoWalletSdkConfigOptions<\n V extends ItWalletSpecsVersion = ItWalletSpecsVersion,\n> {\n /**\n * The version of the Italian Wallet specification to use.\n * REQUIRED - must be explicitly set by the user.\n *\n * @example\n * const config = new IoWalletSdkConfig({ itWalletSpecsVersion: ItWalletSpecsVersion.V1_3 });\n */\n itWalletSpecsVersion: V;\n}\n\ninterface WithConfig {\n config: IoWalletSdkConfig;\n}\n\ntype WithConfigVersion<\n T extends WithConfig,\n V extends ItWalletSpecsVersion,\n> = T extends { config: IoWalletSdkConfig<V> } ? T : never;\n\n/**\n * Type guard to check if the provided options have a specific config version\n *\n * @param options - The options object containing the config to check\n * @param version - The version to check against\n * @returns True if the options' config version matches the provided version\n */\nexport function hasConfigVersion<\n T extends WithConfig,\n V extends ItWalletSpecsVersion,\n>(options: T, version: V): options is WithConfigVersion<T, V> {\n return options.config.itWalletSpecsVersion === version;\n}\n\n/**\n * Configuration class for the IO Wallet SDK\n *\n * This class manages the version of the Italian Wallet technical specifications\n * to use throughout the SDK. The version determines the format of credential\n * requests and responses.\n *\n * @example Basic usage\n * const config = new IoWalletSdkConfig({ itWalletSpecsVersion: ItWalletSpecsVersion.V1_0 });\n * console.log(config.itWalletSpecsVersion); // ItWalletSpecsVersion.V1_0\n *\n * @example Type guard usage\n * if (config.isVersion(ItWalletSpecsVersion.V1_3)) {\n * // TypeScript narrows config.itWalletSpecsVersion to ItWalletSpecsVersion.V1_3\n * }\n */\nexport class IoWalletSdkConfig<\n V extends ItWalletSpecsVersion = ItWalletSpecsVersion,\n> {\n public readonly itWalletSpecsVersion: V;\n\n constructor(options: IoWalletSdkConfigOptions<V>) {\n this.itWalletSpecsVersion = options.itWalletSpecsVersion;\n }\n\n /**\n * Type guard for version checking\n *\n * @param version - The version to check against\n * @returns True if the config's version matches the provided version\n *\n * @internal\n */\n isVersion<W extends ItWalletSpecsVersion>(\n version: W,\n ): this is IoWalletSdkConfig<W> {\n const currentVersion: ItWalletSpecsVersion = this.itWalletSpecsVersion;\n return currentVersion === version;\n }\n}\n","/**\n * HTTP Content-Type constants for OAuth2 requests\n */\nexport const CONTENT_TYPES = {\n FORM_URLENCODED: \"application/x-www-form-urlencoded\",\n JSON: \"application/json\",\n} as const;\n\n/**\n * HTTP Header constants\n */\nexport const HEADERS = {\n AUTHORIZATION: \"Authorization\",\n CONTENT_TYPE: \"Content-Type\",\n DPOP: \"DPoP\",\n OAUTH_CLIENT_ATTESTATION: \"OAuth-Client-Attestation\",\n OAUTH_CLIENT_ATTESTATION_POP: \"OAuth-Client-Attestation-PoP\",\n} as const;\n\nexport const MAX_IAT_AGE_SECONDS = 5 * 60;\nexport const CLOCK_SKEW_TOLERANCE_SECONDS = 60;\n","import type z from \"zod\";\n\n/**\n * Some code comes from `zod-validation-error` package (MIT License) and\n * was slightly simplified to fit our needs.\n */\nconst constants = {\n identifierRegex: /[$_\\p{ID_Start}][$\\u200c\\u200d\\p{ID_Continue}]*/u,\n issueSeparator: \"\\n\\t- \",\n unionSeparator: \", or \",\n};\n\nfunction escapeQuotes(str: string): string {\n return str.replace(/\\\\/g, \"\\\\\\\\\").replace(/\"/g, '\\\\\"');\n}\n\ntype ZodIssue = z.ZodError[\"issues\"][number];\n\nfunction joinPath(path: PropertyKey[]): string {\n if (path.length === 1 && path[0] !== undefined) {\n return String(path[0]);\n }\n\n return path.reduce<string>((acc, item) => {\n // handle numeric indices\n if (typeof item === \"number\") {\n return `${acc}[${item.toString()}]`;\n }\n\n if (typeof item === \"symbol\") {\n return `${acc}[${JSON.stringify(String(item))}]`;\n }\n\n // handle quoted values\n if (item.includes('\"')) {\n return `${acc}[\"${escapeQuotes(item)}\"]`;\n }\n\n // handle special characters\n if (!constants.identifierRegex.test(item)) {\n return `${acc}[\"${item}\"]`;\n }\n\n // handle normal values\n const separator = acc.length === 0 ? \"\" : \".\";\n return acc + separator + item;\n }, \"\");\n}\nfunction getMessageFromZodIssue(issue: ZodIssue): string {\n if (issue.code === \"invalid_union\") {\n return getMessageFromUnionErrors(issue.errors);\n }\n\n if (issue.path.length !== 0) {\n // handle array indices\n if (issue.path.length === 1) {\n const identifier = issue.path[0];\n\n if (typeof identifier === \"number\") {\n return `${issue.message} at index ${identifier}`;\n }\n }\n\n return `${issue.message} at \"${joinPath(issue.path)}\"`;\n }\n\n return issue.message;\n}\n\nfunction getMessageFromUnionErrors(unionErrors: ZodIssue[][]): string {\n return unionErrors\n .reduce<string[]>((acc, issues) => {\n const newIssues = issues\n .map((issue) => getMessageFromZodIssue(issue))\n .join(constants.issueSeparator);\n\n if (!acc.includes(newIssues)) acc.push(newIssues);\n\n return acc;\n }, [])\n .join(constants.unionSeparator);\n}\n\nexport function formatZodError(error?: z.ZodError): string {\n if (!error) return \"\";\n\n return `\\t- ${error?.issues.map((issue) => getMessageFromZodIssue(issue)).join(constants.issueSeparator)}`;\n}\n","import type { ZodError, z } from \"zod\";\n\nimport { formatZodError } from \"./parse\";\n\n// An error reason that supports both a string and a generic JSON object\ntype GenericErrorReason = Record<string, unknown> | string;\n\n/**\n * utility to format a set of attributes into an error message string\n *\n * @example\n * // returns \"foo=value bar=(list, item)\"\n * serializeAttrs({ foo: \"value\", bar: [\"list\", \"item\"] })\n *\n * @param attrs A key value record set\n * @returns a human-readable serialization of the set\n */\nexport const serializeAttrs = (\n attrs: Record<string, GenericErrorReason | number | string[] | undefined>,\n): string =>\n Object.entries(attrs)\n .filter(([, v]) => v !== undefined)\n .map(([k, v]) => {\n if (Array.isArray(v)) return [k, `(${v.join(\", \")})`];\n if (typeof v !== \"string\") return [k, JSON.stringify(v)];\n return [k, v];\n })\n .map((_) => _.join(\"=\"))\n .join(\" \");\n\n/**\n * An error subclass thrown when an HTTP request has a status code different from the one expected.\n */\nexport class UnexpectedStatusCodeError extends Error {\n code = \"ERR_UNEXPECTED_STATUS_CODE\";\n reason: GenericErrorReason;\n statusCode: number;\n\n constructor({\n message,\n reason,\n statusCode,\n }: {\n message: string;\n reason: GenericErrorReason;\n statusCode: number;\n }) {\n super(serializeAttrs({ message, reason, statusCode }));\n this.reason = reason;\n this.statusCode = statusCode;\n }\n}\n\n/**\n * An error subclass thrown when an unsupported Italian Wallet specification version is requested.\n *\n * This error is thrown when:\n * - A feature or method is called with a version that it doesn't support\n * - An invalid version identifier is provided\n *\n * @example\n * throw new ItWalletSpecsVersionError(\n * 'createCredentialRequest',\n * '2.0.0',\n * [ItWalletSpecsVersion.V1_0, ItWalletSpecsVersion.V1_3]\n * );\n * // Error: Feature \"createCredentialRequest\" does not support version 2.0.0.\n * // Supported versions: V1_0, V1_3\n */\nexport class ItWalletSpecsVersionError extends Error {\n public readonly code = \"IT_WALLET_SPECS_VERSION_ERROR\";\n\n constructor(\n public readonly feature: string,\n public readonly requestedVersion: string,\n public readonly supportedVersions: readonly string[],\n ) {\n super(\n `Feature \"${feature}\" does not support version ${requestedVersion}.\\n` +\n `Supported versions: ${supportedVersions.join(\", \")}`,\n );\n this.name = \"ItWalletSpecsVersionError\";\n\n // Maintain proper stack trace for V8 engines (Node.js, Chrome)\n const ErrorConstructor = Error as {\n captureStackTrace?: (target: object, constructor: unknown) => void;\n };\n if (typeof ErrorConstructor.captureStackTrace === \"function\") {\n ErrorConstructor.captureStackTrace(this, ItWalletSpecsVersionError);\n }\n }\n}\n\nexport class ValidationError extends Error {\n public zodError: ZodError | undefined;\n\n constructor(message: string, zodError?: z.ZodError) {\n super(message);\n\n const formattedError = formatZodError(zodError);\n this.message = `${message}\\n${formattedError}`;\n\n Object.defineProperty(this, \"zodError\", {\n enumerable: false,\n value: zodError,\n writable: false,\n });\n }\n}\n","import { UnexpectedStatusCodeError } from \"./errors/errors\";\n\n/**\n * Check if a response is in the expected status, otherwise throw an error\n * @param status - The expected status\n * @param customError - A custom error compatible with {@link UnexpectedStatusCodeError}\n * @throws UnexpectedStatusCodeError if the status is different from the one expected\n * @returns The given response object\n */\nexport const hasStatusOrThrow =\n (status: number | number[], customError?: typeof UnexpectedStatusCodeError) =>\n async (res: Response): Promise<Response> => {\n if (\n Array.isArray(status)\n ? !status.includes(res.status)\n : res.status !== status\n ) {\n const ErrorClass = customError ?? UnexpectedStatusCodeError;\n throw new ErrorClass({\n message: `Http request failed. Expected ${status}, got ${res.status}, url: ${res.url}`,\n reason: await parseRawHttpResponse(res), // Pass the response body as reason so the original error can surface\n statusCode: res.status,\n });\n }\n return res;\n };\n\n/**\n * Utility function to parse a raw HTTP response as JSON if supported, otherwise as text.\n */\nexport const parseRawHttpResponse = <T extends Record<string, unknown>>(\n response: Response,\n) =>\n response.headers.get(\"content-type\")?.includes(\"application/json\")\n ? (response.json() as Promise<T>)\n : response.text();\n","import { z } from \"zod\";\n\nimport { ValidationError } from \"./errors/errors\";\n\nexport type BaseSchema = z.ZodTypeAny;\n\nconst SAFE_STRINGIFY_MAX_LENGTH = 200;\n\nfunction safeStringify(value: unknown): string {\n try {\n const result = JSON.stringify(value, (_key, val) =>\n typeof val === \"bigint\" ? `[BigInt: ${val}]` : val,\n );\n if (result === undefined) {\n return String(value);\n }\n return result.length > SAFE_STRINGIFY_MAX_LENGTH\n ? `${result.slice(0, SAFE_STRINGIFY_MAX_LENGTH)}…`\n : result;\n } catch {\n return \"[unserializable]\";\n }\n}\n\nexport function parseWithErrorHandling<Schema extends BaseSchema>(\n schema: Schema,\n data: unknown,\n customErrorMessage?: string,\n): z.infer<Schema> {\n const parseResult = schema.safeParse(data);\n\n if (!parseResult.success) {\n throw new ValidationError(\n customErrorMessage ??\n `Error validating schema with data ${safeStringify(data)}`,\n parseResult.error,\n );\n }\n\n return parseResult.data;\n}\n\nexport function formatError(message: string, prefix?: string): string {\n return prefix ? `${prefix} ${message}` : message;\n}\n","import z from \"zod\";\n\n/**\n * For the moment, these are all the supported algorithms in both\n * {@link https://italia.github.io/eid-wallet-it-docs/releases/1.3.3/en/algorithms.html#cryptographic-algorithms|v1.3.3} and\n * {@link https://italia.github.io/eid-wallet-it-docs/releases/1.0.2/en/algorithms.html#cryptographic-algorithms|v1.0.2},\n * and in both specifications the `alg` field MUST be one of those values.\n */\nexport const zItwSupportedSignatureAlg = z.enum([\n \"ES256\",\n \"ES384\",\n \"ES512\",\n \"PS256\",\n \"PS384\",\n \"PS512\",\n]);\nexport type ItwSupportedSignatureAlg = z.infer<\n typeof zItwSupportedSignatureAlg\n>;\n\nexport const zHttpMethod = z.enum([\n \"GET\",\n \"POST\",\n \"PUT\",\n \"DELETE\",\n \"HEAD\",\n \"OPTIONS\",\n \"TRACE\",\n \"CONNECT\",\n \"PATCH\",\n]);\nexport type HttpMethod = z.infer<typeof zHttpMethod>;\n","import { CLOCK_SKEW_TOLERANCE_SECONDS, MAX_IAT_AGE_SECONDS } from \"./constants\";\n\nexport function verifyJwtIatOrThrow(options: { iat: number; now?: Date }) {\n const now = options.now ?? new Date();\n const nowSeconds = Math.floor(now.getTime() / 1000);\n\n if (nowSeconds - options.iat > MAX_IAT_AGE_SECONDS) {\n throw new Error(\"iat claim in JWT is too old (must be within 5 minutes)\");\n }\n\n if (options.iat - nowSeconds > CLOCK_SKEW_TOLERANCE_SECONDS) {\n throw new Error(\"iat claim in JWT is too far in the future\");\n }\n}\n","export * from \"./config\";\nexport * from \"./constants\";\nexport * from \"./errors/errors\";\nexport * from \"./errors/parse\";\nexport * from \"./fetcher\";\nexport type * from \"./globals\";\nexport * from \"./parse\";\nexport * from \"./validation\";\nexport * from \"./verify\";\n\nexport {\n type CallbackContext,\n HashAlgorithm,\n type HashCallback,\n type JwtSignerJwk,\n calculateJwkThumbprint,\n decodeJwt,\n} from \"@openid4vc/oauth2\";\n\nexport {\n ContentType,\n type Fetch,\n JsonParseError,\n addSecondsToDate,\n createFetcher,\n dateToSeconds,\n decodeBase64,\n decodeUtf8String,\n encodeToBase64Url,\n encodeToUtf8String,\n objectToQueryParams,\n parseIfJson,\n setGlobalConfig,\n stringToJsonWithErrorHandling,\n} from \"@openid4vc/utils\";\n"],"mappings":";AAGO,IAAK,uBAAL,kBAAKA,0BAAL;AACL,EAAAA,sBAAA,UAAO;AACP,EAAAA,sBAAA,UAAO;AACP,EAAAA,sBAAA,UAAO;AAHG,SAAAA;AAAA,GAAA;AAsCL,SAAS,iBAGd,SAAY,SAAgD;AAC5D,SAAO,QAAQ,OAAO,yBAAyB;AACjD;AAkBO,IAAM,oBAAN,MAEL;AAAA,EACgB;AAAA,EAEhB,YAAY,SAAsC;AAChD,SAAK,uBAAuB,QAAQ;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,UACE,SAC8B;AAC9B,UAAM,iBAAuC,KAAK;AAClD,WAAO,mBAAmB;AAAA,EAC5B;AACF;;;ACpFO,IAAM,gBAAgB;AAAA,EAC3B,iBAAiB;AAAA,EACjB,MAAM;AACR;AAKO,IAAM,UAAU;AAAA,EACrB,eAAe;AAAA,EACf,cAAc;AAAA,EACd,MAAM;AAAA,EACN,0BAA0B;AAAA,EAC1B,8BAA8B;AAChC;AAEO,IAAM,sBAAsB,IAAI;AAChC,IAAM,+BAA+B;;;ACd5C,IAAM,YAAY;AAAA,EAChB,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,gBAAgB;AAClB;AAEA,SAAS,aAAa,KAAqB;AACzC,SAAO,IAAI,QAAQ,OAAO,MAAM,EAAE,QAAQ,MAAM,KAAK;AACvD;AAIA,SAAS,SAAS,MAA6B;AAC7C,MAAI,KAAK,WAAW,KAAK,KAAK,CAAC,MAAM,QAAW;AAC9C,WAAO,OAAO,KAAK,CAAC,CAAC;AAAA,EACvB;AAEA,SAAO,KAAK,OAAe,CAAC,KAAK,SAAS;AAExC,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO,GAAG,GAAG,IAAI,KAAK,SAAS,CAAC;AAAA,IAClC;AAEA,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO,GAAG,GAAG,IAAI,KAAK,UAAU,OAAO,IAAI,CAAC,CAAC;AAAA,IAC/C;AAGA,QAAI,KAAK,SAAS,GAAG,GAAG;AACtB,aAAO,GAAG,GAAG,KAAK,aAAa,IAAI,CAAC;AAAA,IACtC;AAGA,QAAI,CAAC,UAAU,gBAAgB,KAAK,IAAI,GAAG;AACzC,aAAO,GAAG,GAAG,KAAK,IAAI;AAAA,IACxB;AAGA,UAAM,YAAY,IAAI,WAAW,IAAI,KAAK;AAC1C,WAAO,MAAM,YAAY;AAAA,EAC3B,GAAG,EAAE;AACP;AACA,SAAS,uBAAuB,OAAyB;AACvD,MAAI,MAAM,SAAS,iBAAiB;AAClC,WAAO,0BAA0B,MAAM,MAAM;AAAA,EAC/C;AAEA,MAAI,MAAM,KAAK,WAAW,GAAG;AAE3B,QAAI,MAAM,KAAK,WAAW,GAAG;AAC3B,YAAM,aAAa,MAAM,KAAK,CAAC;AAE/B,UAAI,OAAO,eAAe,UAAU;AAClC,eAAO,GAAG,MAAM,OAAO,aAAa,UAAU;AAAA,MAChD;AAAA,IACF;AAEA,WAAO,GAAG,MAAM,OAAO,QAAQ,SAAS,MAAM,IAAI,CAAC;AAAA,EACrD;AAEA,SAAO,MAAM;AACf;AAEA,SAAS,0BAA0B,aAAmC;AACpE,SAAO,YACJ,OAAiB,CAAC,KAAK,WAAW;AACjC,UAAM,YAAY,OACf,IAAI,CAAC,UAAU,uBAAuB,KAAK,CAAC,EAC5C,KAAK,UAAU,cAAc;AAEhC,QAAI,CAAC,IAAI,SAAS,SAAS,EAAG,KAAI,KAAK,SAAS;AAEhD,WAAO;AAAA,EACT,GAAG,CAAC,CAAC,EACJ,KAAK,UAAU,cAAc;AAClC;AAEO,SAAS,eAAe,OAA4B;AACzD,MAAI,CAAC,MAAO,QAAO;AAEnB,SAAO,MAAO,OAAO,OAAO,IAAI,CAAC,UAAU,uBAAuB,KAAK,CAAC,EAAE,KAAK,UAAU,cAAc,CAAC;AAC1G;;;ACtEO,IAAM,iBAAiB,CAC5B,UAEA,OAAO,QAAQ,KAAK,EACjB,OAAO,CAAC,CAAC,EAAE,CAAC,MAAM,MAAM,MAAS,EACjC,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM;AACf,MAAI,MAAM,QAAQ,CAAC,EAAG,QAAO,CAAC,GAAG,IAAI,EAAE,KAAK,IAAI,CAAC,GAAG;AACpD,MAAI,OAAO,MAAM,SAAU,QAAO,CAAC,GAAG,KAAK,UAAU,CAAC,CAAC;AACvD,SAAO,CAAC,GAAG,CAAC;AACd,CAAC,EACA,IAAI,CAAC,MAAM,EAAE,KAAK,GAAG,CAAC,EACtB,KAAK,GAAG;AAKN,IAAM,4BAAN,cAAwC,MAAM;AAAA,EACnD,OAAO;AAAA,EACP;AAAA,EACA;AAAA,EAEA,YAAY;AAAA,IACV;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAIG;AACD,UAAM,eAAe,EAAE,SAAS,QAAQ,WAAW,CAAC,CAAC;AACrD,SAAK,SAAS;AACd,SAAK,aAAa;AAAA,EACpB;AACF;AAkBO,IAAM,4BAAN,MAAM,mCAAkC,MAAM;AAAA,EAGnD,YACkB,SACA,kBACA,mBAChB;AACA;AAAA,MACE,YAAY,OAAO,8BAA8B,gBAAgB;AAAA,sBACxC,kBAAkB,KAAK,IAAI,CAAC;AAAA,IACvD;AAPgB;AACA;AACA;AAMhB,SAAK,OAAO;AAGZ,UAAM,mBAAmB;AAGzB,QAAI,OAAO,iBAAiB,sBAAsB,YAAY;AAC5D,uBAAiB,kBAAkB,MAAM,0BAAyB;AAAA,IACpE;AAAA,EACF;AAAA,EAjBkB;AAAA,EACA;AAAA,EACA;AAAA,EALF,OAAO;AAqBzB;AAEO,IAAM,kBAAN,cAA8B,MAAM;AAAA,EAClC;AAAA,EAEP,YAAY,SAAiB,UAAuB;AAClD,UAAM,OAAO;AAEb,UAAM,iBAAiB,eAAe,QAAQ;AAC9C,SAAK,UAAU,GAAG,OAAO;AAAA,EAAK,cAAc;AAE5C,WAAO,eAAe,MAAM,YAAY;AAAA,MACtC,YAAY;AAAA,MACZ,OAAO;AAAA,MACP,UAAU;AAAA,IACZ,CAAC;AAAA,EACH;AACF;;;ACnGO,IAAM,mBACX,CAAC,QAA2B,gBAC5B,OAAO,QAAqC;AAC1C,MACE,MAAM,QAAQ,MAAM,IAChB,CAAC,OAAO,SAAS,IAAI,MAAM,IAC3B,IAAI,WAAW,QACnB;AACA,UAAM,aAAa,eAAe;AAClC,UAAM,IAAI,WAAW;AAAA,MACnB,SAAS,iCAAiC,MAAM,SAAS,IAAI,MAAM,UAAU,IAAI,GAAG;AAAA,MACpF,QAAQ,MAAM,qBAAqB,GAAG;AAAA;AAAA,MACtC,YAAY,IAAI;AAAA,IAClB,CAAC;AAAA,EACH;AACA,SAAO;AACT;AAKK,IAAM,uBAAuB,CAClC,aAEA,SAAS,QAAQ,IAAI,cAAc,GAAG,SAAS,kBAAkB,IAC5D,SAAS,KAAK,IACf,SAAS,KAAK;;;AC7BpB,IAAM,4BAA4B;AAElC,SAAS,cAAc,OAAwB;AAC7C,MAAI;AACF,UAAM,SAAS,KAAK;AAAA,MAAU;AAAA,MAAO,CAAC,MAAM,QAC1C,OAAO,QAAQ,WAAW,YAAY,GAAG,MAAM;AAAA,IACjD;AACA,QAAI,WAAW,QAAW;AACxB,aAAO,OAAO,KAAK;AAAA,IACrB;AACA,WAAO,OAAO,SAAS,4BACnB,GAAG,OAAO,MAAM,GAAG,yBAAyB,CAAC,WAC7C;AAAA,EACN,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEO,SAAS,uBACd,QACA,MACA,oBACiB;AACjB,QAAM,cAAc,OAAO,UAAU,IAAI;AAEzC,MAAI,CAAC,YAAY,SAAS;AACxB,UAAM,IAAI;AAAA,MACR,sBACE,qCAAqC,cAAc,IAAI,CAAC;AAAA,MAC1D,YAAY;AAAA,IACd;AAAA,EACF;AAEA,SAAO,YAAY;AACrB;AAEO,SAAS,YAAY,SAAiB,QAAyB;AACpE,SAAO,SAAS,GAAG,MAAM,IAAI,OAAO,KAAK;AAC3C;;;AC5CA,OAAO,OAAO;AAQP,IAAM,4BAA4B,EAAE,KAAK;AAAA,EAC9C;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAKM,IAAM,cAAc,EAAE,KAAK;AAAA,EAChC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;;;AC5BM,SAAS,oBAAoB,SAAsC;AACxE,QAAM,MAAM,QAAQ,OAAO,oBAAI,KAAK;AACpC,QAAM,aAAa,KAAK,MAAM,IAAI,QAAQ,IAAI,GAAI;AAElD,MAAI,aAAa,QAAQ,MAAM,qBAAqB;AAClD,UAAM,IAAI,MAAM,wDAAwD;AAAA,EAC1E;AAEA,MAAI,QAAQ,MAAM,aAAa,8BAA8B;AAC3D,UAAM,IAAI,MAAM,2CAA2C;AAAA,EAC7D;AACF;;;ACHA;AAAA,EAEE;AAAA,EAGA;AAAA,EACA;AAAA,OACK;AAEP;AAAA,EACE;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;","names":["ItWalletSpecsVersion"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@pagopa/io-wallet-utils",
3
- "version": "1.2.1",
3
+ "version": "1.4.0-alpha-20260505074448",
4
4
  "files": [
5
5
  "dist"
6
6
  ],
@@ -27,7 +27,8 @@
27
27
  },
28
28
  "dependencies": {
29
29
  "zod": "^4.3.6",
30
- "@openid4vc/utils": "0.4.3"
30
+ "@openid4vc/utils": "0.4.3",
31
+ "@openid4vc/oauth2": "0.4.3"
31
32
  },
32
33
  "scripts": {
33
34
  "build": "tsup src/index.ts --format cjs,esm --dts --sourcemap",