@sphereon/oid4vc-common 0.16.1-next.24 → 0.16.1-next.252

package/dist/index.d.ts

@@ -3,6 +3,7 @@ export declare const VCI_LOGGERS: Loggers;
 export declare const VCI_LOG_COMMON: import("@sphereon/ssi-types").ISimpleLogger<unknown>;
 export * from './jwt';
 export * from './dpop';
+export * from './oauth';
 export { v4 as uuidv4 } from 'uuid';
 export { defaultHasher } from './hasher';
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../lib/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAE9C,eAAO,MAAM,WAAW,SAAkB,CAAC;AAC3C,eAAO,MAAM,cAAc,sDAA6C,CAAC;AAEzE,cAAc,OAAO,CAAC;AACtB,cAAc,QAAQ,CAAC;AAEvB,OAAO,EAAE,EAAE,IAAI,MAAM,EAAE,MAAM,MAAM,CAAC;AACpC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../lib/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAE9C,eAAO,MAAM,WAAW,SAAkB,CAAC;AAC3C,eAAO,MAAM,cAAc,sDAA6C,CAAC;AAEzE,cAAc,OAAO,CAAC;AACtB,cAAc,QAAQ,CAAC;AACvB,cAAc,SAAS,CAAC;AAExB,OAAO,EAAE,EAAE,IAAI,MAAM,EAAE,MAAM,MAAM,CAAC;AACpC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC"}

package/dist/index.js

@@ -20,6 +20,7 @@ exports.VCI_LOGGERS = ssi_types_1.Loggers.DEFAULT;
 exports.VCI_LOG_COMMON = exports.VCI_LOGGERS.get('sphereon:oid4vci:common');
 __exportStar(require("./jwt"), exports);
 __exportStar(require("./dpop"), exports);
+__exportStar(require("./oauth"), exports);
 var uuid_1 = require("uuid");
 Object.defineProperty(exports, "uuidv4", { enumerable: true, get: function () { return uuid_1.v4; } });
 var hasher_1 = require("./hasher");

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../lib/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,mDAA8C;AAEjC,QAAA,WAAW,GAAG,mBAAO,CAAC,OAAO,CAAC;AAC9B,QAAA,cAAc,GAAG,mBAAW,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;AAEzE,wCAAsB;AACtB,yCAAuB;AAEvB,6BAAoC;AAA3B,8FAAA,EAAE,OAAU;AACrB,mCAAyC;AAAhC,uGAAA,aAAa,OAAA"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../lib/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,mDAA8C;AAEjC,QAAA,WAAW,GAAG,mBAAO,CAAC,OAAO,CAAC;AAC9B,QAAA,cAAc,GAAG,mBAAW,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;AAEzE,wCAAsB;AACtB,yCAAuB;AACvB,0CAAwB;AAExB,6BAAoC;AAA3B,8FAAA,EAAE,OAAU;AACrB,mCAAyC;AAAhC,uGAAA,aAAa,OAAA"}

package/dist/jwt/Jwk.types.d.ts

@@ -30,4 +30,7 @@ export interface JWK extends BaseJWK {
     x5u?: string;
     [propName: string]: unknown;
 }
+export type JWKS = {
+    keys: JWK[];
+};
 //# sourceMappingURL=Jwk.types.d.ts.map

package/dist/jwt/Jwk.types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"Jwk.types.d.ts","sourceRoot":"","sources":["../../lib/jwt/Jwk.types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,OAAO;IACtB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,CAAC,CAAC,EAAE,MAAM,CAAC;CACZ;AAED,MAAM,WAAW,GAAI,SAAQ,OAAO;IAClC,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,KAAK,CAAC;QACV,CAAC,CAAC,EAAE,MAAM,CAAC;QACX,CAAC,CAAC,EAAE,MAAM,CAAC;QACX,CAAC,CAAC,EAAE,MAAM,CAAC;KACZ,CAAC,CAAC;IACH,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC;CAC7B"}
+{"version":3,"file":"Jwk.types.d.ts","sourceRoot":"","sources":["../../lib/jwt/Jwk.types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,OAAO;IACtB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,CAAC,CAAC,EAAE,MAAM,CAAC;CACZ;AAED,MAAM,WAAW,GAAI,SAAQ,OAAO;IAClC,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,KAAK,CAAC;QACV,CAAC,CAAC,EAAE,MAAM,CAAC;QACX,CAAC,CAAC,EAAE,MAAM,CAAC;QACX,CAAC,CAAC,EAAE,MAAM,CAAC;KACZ,CAAC,CAAC;IACH,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC;CAC7B;AAED,MAAM,MAAM,IAAI,GAAG;IACjB,IAAI,EAAE,GAAG,EAAE,CAAC;CACb,CAAC"}

package/dist/jwt/JwtVerifier.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"JwtVerifier.d.ts","sourceRoot":"","sources":["../../lib/jwt/JwtVerifier.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,SAAS,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,IAAI,CAAC;AAE7D,OAAO,EAAE,mBAAmB,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAE1D,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,OAAO,CAAC;IACd,MAAM,EAAE,mBAAmB,CAAC;CAC7B;AAED,MAAM,WAAW,cAAe,SAAQ,eAAe;IACrD,MAAM,EAAE,KAAK,CAAC;IAEd,GAAG,EAAE,WAAW,GAAG,MAAM,CAAC;IAC1B,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,cAAe,SAAQ,eAAe;IACrD,MAAM,EAAE,KAAK,CAAC;IAEd,GAAG,EAAE,WAAW,GAAG,MAAM,CAAC;IAE1B;;;;;OAKG;IACH,GAAG,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAEnB;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,2BAA4B,SAAQ,eAAe;IAClE,MAAM,EAAE,mBAAmB,CAAC;IAE5B;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,cAAe,SAAQ,eAAe;IACrD,MAAM,EAAE,KAAK,CAAC;IACd,GAAG,EAAE,WAAW,GAAG,MAAM,CAAC;IAE1B,GAAG,EAAE,GAAG,CAAC;CACV;AAED,MAAM,WAAW,iBAAkB,SAAQ,eAAe;IACxD,MAAM,EAAE,QAAQ,CAAC;CAClB;AAED,MAAM,MAAM,WAAW,GAAG,cAAc,GAAG,cAAc,GAAG,iBAAiB,GAAG,cAAc,GAAG,2BAA2B,CAAC;AAE7H,eAAO,MAAM,iBAAiB,QAAS;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAA;CAAE,WAAW;IAAE,IAAI,EAAE,OAAO,CAAA;CAAE,KAAG,cAS/G,CAAC;AAEF,eAAO,MAAM,cAAc,QAAS;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAA;CAAE,WAAW;IAAE,IAAI,EAAE,OAAO,CAAA;CAAE,KAAG,cAc5G,CAAC;AAEF,eAAO,MAAM,cAAc,QAAe;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAA;CAAE,WAAW;IAAE,IAAI,EAAE,OAAO,CAAA;CAAE,KAAG,QAAQ,cAAc,CAUxI,CAAC;AAEF,eAAO,MAAM,yBAAyB,QAC/B;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAA;CAAE,WACtC;IAAE,IAAI,EAAE,OAAO,CAAA;CAAE,KACzB,QAAQ,WAAW,CAQrB,CAAC;AAEF,MAAM,MAAM,qBAAqB,CAAC,CAAC,SAAS,WAAW,IAAI,CACzD,WAAW,EAAE,CAAC,EACd,GAAG,EAAE;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,KACzD,OAAO,CAAC,OAAO,CAAC,CAAC"}
+{"version":3,"file":"JwtVerifier.d.ts","sourceRoot":"","sources":["../../lib/jwt/JwtVerifier.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,SAAS,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,IAAI,CAAC;AAE7D,OAAO,EAAE,mBAAmB,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAE1D,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,OAAO,CAAC;IACd,MAAM,EAAE,mBAAmB,CAAC;CAC7B;AAED,MAAM,WAAW,cAAe,SAAQ,eAAe;IACrD,MAAM,EAAE,KAAK,CAAC;IAEd,GAAG,EAAE,WAAW,GAAG,MAAM,CAAC;IAC1B,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,cAAe,SAAQ,eAAe;IACrD,MAAM,EAAE,KAAK,CAAC;IAEd,GAAG,EAAE,WAAW,GAAG,MAAM,CAAC;IAE1B;;;;;OAKG;IACH,GAAG,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAEnB;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,2BAA4B,SAAQ,eAAe;IAClE,MAAM,EAAE,mBAAmB,CAAC;IAE5B;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,cAAe,SAAQ,eAAe;IACrD,MAAM,EAAE,KAAK,CAAC;IACd,GAAG,EAAE,WAAW,GAAG,MAAM,CAAC;IAE1B,GAAG,EAAE,GAAG,CAAC;CACV;AAED,MAAM,WAAW,iBAAkB,SAAQ,eAAe;IACxD,MAAM,EAAE,QAAQ,CAAC;CAClB;AAED,MAAM,MAAM,WAAW,GAAG,cAAc,GAAG,cAAc,GAAG,iBAAiB,GAAG,cAAc,GAAG,2BAA2B,CAAC;AAE7H,eAAO,MAAM,iBAAiB,QAAS;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAA;CAAE,WAAW;IAAE,IAAI,EAAE,OAAO,CAAA;CAAE,KAAG,cAS/G,CAAC;AAiBF,eAAO,MAAM,cAAc,QAAS;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAA;CAAE,WAAW;IAAE,IAAI,EAAE,OAAO,CAAA;CAAE,KAAG,cAgB5G,CAAC;AAEF,eAAO,MAAM,cAAc,QAAe;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAA;CAAE,WAAW;IAAE,IAAI,EAAE,OAAO,CAAA;CAAE,KAAG,QAAQ,cAAc,CAUxI,CAAC;AAEF,eAAO,MAAM,yBAAyB,QAC/B;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAA;CAAE,WACtC;IAAE,IAAI,EAAE,OAAO,CAAA;CAAE,KACzB,QAAQ,WAAW,CAQrB,CAAC;AAEF,MAAM,MAAM,qBAAqB,CAAC,CAAC,SAAS,WAAW,IAAI,CACzD,WAAW,EAAE,CAAC,EACd,GAAG,EAAE;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,KACzD,OAAO,CAAC,OAAO,CAAC,CAAC"}

package/dist/jwt/JwtVerifier.js

@@ -22,6 +22,19 @@ const getDidJwtVerifier = (jwt, options) => {
     return { method: 'did', didUrl: jwt.header.kid, type: type, alg: jwt.header.alg };
 };
 exports.getDidJwtVerifier = getDidJwtVerifier;
+const getIssuer = (type, payload) => {
+    // For 'request-object' the `iss` value is not required so we map the issuer to client_id
+    if (type === 'request-object') {
+        if (!payload.client_id) {
+            throw new Error('Missing required field client_id in request object JWT');
+        }
+        return payload.client_id;
+    }
+    if (typeof payload.iss !== 'string') {
+        throw new Error(`Received an invalid JWT. '${type}' contains an invalid iss claim or it is missing.`);
+    }
+    return payload.iss;
+};
 const getX5cVerifier = (jwt, options) => {
     const { type } = options;
     if (!jwt.header.x5c)
@@ -31,10 +44,13 @@ const getX5cVerifier = (jwt, options) => {
     if (!Array.isArray(jwt.header.x5c) || jwt.header.x5c.length === 0 || !jwt.header.x5c.every((cert) => typeof cert === 'string')) {
         throw new Error(`Received an invalid JWT.. '${type}' contains an invalid x5c header.`);
     }
-    if (typeof jwt.payload.iss !== 'string') {
-        throw new Error(`Received an invalid JWT. '${type}' contains an invalid iss claim.`);
-    }
-    return { method: 'x5c', x5c: jwt.header.x5c, issuer: jwt.payload.iss, type: type, alg: jwt.header.alg };
+    return {
+        method: 'x5c',
+        x5c: jwt.header.x5c,
+        issuer: getIssuer(type, jwt.payload),
+        type: type,
+        alg: jwt.header.alg,
+    };
 };
 exports.getX5cVerifier = getX5cVerifier;
 const getJwkVerifier = (jwt, options) => __awaiter(void 0, void 0, void 0, function* () {

package/dist/jwt/JwtVerifier.js.map

@@ -1 +1 @@
-{"version":3,"file":"JwtVerifier.js","sourceRoot":"","sources":["../../lib/jwt/JwtVerifier.ts"],"names":[],"mappings":";;;;;;;;;;;;AAyDO,MAAM,iBAAiB,GAAG,CAAC,GAA+C,EAAE,OAA0B,EAAkB,EAAE;IAC/H,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IACzB,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACrF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAErF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,mCAAmC,CAAC,CAAC;IACzF,CAAC;IACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;AACpF,CAAC,CAAC;AATW,QAAA,iBAAiB,qBAS5B;AAEK,MAAM,cAAc,GAAG,CAAC,GAA+C,EAAE,OAA0B,EAAkB,EAAE;IAC5H,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IACzB,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACrF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAErF,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,EAAE,CAAC;QAC/H,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,mCAAmC,CAAC,CAAC;IACzF,CAAC;IAED,IAAI,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;QACxC,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,kCAAkC,CAAC,CAAC;IACvF,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;AAC1G,CAAC,CAAC;AAdW,QAAA,cAAc,kBAczB;AAEK,MAAM,cAAc,GAAG,CAAO,GAA+C,EAAE,OAA0B,EAA2B,EAAE;IAC3I,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IACzB,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACtF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAErF,IAAI,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,mCAAmC,CAAC,CAAC;IACxF,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;AAC3E,CAAC,CAAA,CAAC;AAVW,QAAA,cAAc,kBAUzB;AAEK,MAAM,yBAAyB,GAAG,CACvC,GAA+C,EAC/C,OAA0B,EACJ,EAAE;;IACxB,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC;IAEhC,IAAI,MAAA,MAAM,CAAC,GAAG,0CAAE,UAAU,CAAC,MAAM,CAAC;QAAE,OAAO,IAAA,yBAAiB,EAAC,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,OAAO,CAAC,CAAC;SACtF,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,OAAO,IAAA,sBAAc,EAAC,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,OAAO,CAAC,CAAC;SACxE,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,OAAO,IAAA,sBAAc,EAAC,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,OAAO,CAAC,CAAC;IAE7E,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC;AAClD,CAAC,CAAA,CAAC;AAXW,QAAA,yBAAyB,6BAWpC"}
+{"version":3,"file":"JwtVerifier.js","sourceRoot":"","sources":["../../lib/jwt/JwtVerifier.ts"],"names":[],"mappings":";;;;;;;;;;;;AAyDO,MAAM,iBAAiB,GAAG,CAAC,GAA+C,EAAE,OAA0B,EAAkB,EAAE;IAC/H,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IACzB,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACrF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAErF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,mCAAmC,CAAC,CAAC;IACzF,CAAC;IACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;AACpF,CAAC,CAAC;AATW,QAAA,iBAAiB,qBAS5B;AAEF,MAAM,SAAS,GAAG,CAAC,IAAa,EAAE,OAAmB,EAAU,EAAE;IAC/D,yFAAyF;IACzF,IAAI,IAAI,KAAK,gBAAgB,EAAE,CAAC;QAC9B,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;QAC5E,CAAC;QACD,OAAO,OAAO,CAAC,SAAmB,CAAC;IACrC,CAAC;IAED,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,mDAAmD,CAAC,CAAC;IACxG,CAAC;IACD,OAAO,OAAO,CAAC,GAAG,CAAC;AACrB,CAAC,CAAC;AAEK,MAAM,cAAc,GAAG,CAAC,GAA+C,EAAE,OAA0B,EAAkB,EAAE;IAC5H,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IACzB,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACrF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAErF,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,EAAE,CAAC;QAC/H,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,mCAAmC,CAAC,CAAC;IACzF,CAAC;IAED,OAAO;QACL,MAAM,EAAE,KAAK;QACb,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG;QACnB,MAAM,EAAE,SAAS,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC;QACpC,IAAI,EAAE,IAAI;QACV,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG;KACpB,CAAC;AACJ,CAAC,CAAC;AAhBW,QAAA,cAAc,kBAgBzB;AAEK,MAAM,cAAc,GAAG,CAAO,GAA+C,EAAE,OAA0B,EAA2B,EAAE;IAC3I,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IACzB,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACtF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAErF,IAAI,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,mCAAmC,CAAC,CAAC;IACxF,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;AAC3E,CAAC,CAAA,CAAC;AAVW,QAAA,cAAc,kBAUzB;AAEK,MAAM,yBAAyB,GAAG,CACvC,GAA+C,EAC/C,OAA0B,EACJ,EAAE;;IACxB,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC;IAEhC,IAAI,MAAA,MAAM,CAAC,GAAG,0CAAE,UAAU,CAAC,MAAM,CAAC;QAAE,OAAO,IAAA,yBAAiB,EAAC,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,OAAO,CAAC,CAAC;SACtF,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,OAAO,IAAA,sBAAc,EAAC,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,OAAO,CAAC,CAAC;SACxE,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,OAAO,IAAA,sBAAc,EAAC,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,OAAO,CAAC,CAAC;IAE7E,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC;AAClD,CAAC,CAAA,CAAC;AAXW,QAAA,yBAAyB,6BAWpC"}

package/dist/jwt/jwtUtils.d.ts

@@ -13,4 +13,14 @@ export declare function getNowSkewed(now?: number, skewTime?: number): {
  * Returns the current unix timestamp in seconds.
  */
 export declare function epochTime(): number;
+export declare const BASE64_URL_REGEX: RegExp;
+export declare const isJws: (jws: string) => boolean;
+export declare const isJwe: (jwe: string) => boolean;
+export declare const decodeProtectedHeader: (jwt: string) => import("jwt-decode").JwtHeader;
+export declare const decodeJwt: (jwt: string) => JwtPayload;
+export declare const checkExp: (input: {
+    exp: number;
+    now?: number;
+    clockSkew?: number;
+}) => boolean;
 //# sourceMappingURL=jwtUtils.d.ts.map

package/dist/jwt/jwtUtils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"jwtUtils.d.ts","sourceRoot":"","sources":["../../lib/jwt/jwtUtils.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAE3C,MAAM,MAAM,OAAO,GAAG,UAAU,GAAG,gBAAgB,GAAG,sBAAsB,GAAG,MAAM,CAAC;AAEtF,MAAM,MAAM,mBAAmB,GAAG,KAAK,GAAG,KAAK,GAAG,KAAK,GAAG,mBAAmB,GAAG,QAAQ,CAAC;AAEzF,wBAAgB,QAAQ,CAAC,MAAM,GAAG,SAAS,EAAE,OAAO,GAAG,UAAU,EAAE,GAAG,EAAE,MAAM;;;EAQ7E;AAWD,wBAAgB,YAAY,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM;;;EAQ3D;AAED;;GAEG;AACH,wBAAgB,SAAS,WAExB"}
+{"version":3,"file":"jwtUtils.d.ts","sourceRoot":"","sources":["../../lib/jwt/jwtUtils.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAE3C,MAAM,MAAM,OAAO,GAAG,UAAU,GAAG,gBAAgB,GAAG,sBAAsB,GAAG,MAAM,CAAC;AAEtF,MAAM,MAAM,mBAAmB,GAAG,KAAK,GAAG,KAAK,GAAG,KAAK,GAAG,mBAAmB,GAAG,QAAQ,CAAC;AAEzF,wBAAgB,QAAQ,CAAC,MAAM,GAAG,SAAS,EAAE,OAAO,GAAG,UAAU,EAAE,GAAG,EAAE,MAAM;;;EAQ7E;AAWD,wBAAgB,YAAY,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM;;;EAQ3D;AAED;;GAEG;AACH,wBAAgB,SAAS,WAExB;AAED,eAAO,MAAM,gBAAgB,QAA2E,CAAC;AAEzG,eAAO,MAAM,KAAK,QAAS,MAAM,YAGhC,CAAC;AACF,eAAO,MAAM,KAAK,QAAS,MAAM,YAGhC,CAAC;AAEF,eAAO,MAAM,qBAAqB,QAAS,MAAM,mCAEhD,CAAC;AAEF,eAAO,MAAM,SAAS,QAAS,MAAM,KAAG,UAEvC,CAAC;AAEF,eAAO,MAAM,QAAQ,UAAW;IAC9B,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,YAGA,CAAC"}

package/dist/jwt/jwtUtils.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.epochTime = exports.getNowSkewed = exports.parseJWT = void 0;
+exports.checkExp = exports.decodeJwt = exports.decodeProtectedHeader = exports.isJwe = exports.isJws = exports.BASE64_URL_REGEX = exports.epochTime = exports.getNowSkewed = exports.parseJWT = void 0;
 const jwt_decode_1 = require("jwt-decode");
 function parseJWT(jwt) {
     const header = (0, jwt_decode_1.jwtDecode)(jwt, { header: true });
@@ -35,4 +35,28 @@ function epochTime() {
     return Math.floor(Date.now() / 1000);
 }
 exports.epochTime = epochTime;
+exports.BASE64_URL_REGEX = /^([0-9a-zA-Z-_]{4})*(([0-9a-zA-Z-_]{2}(==)?)|([0-9a-zA-Z-_]{3}(=)?))?$/;
+const isJws = (jws) => {
+    const jwsParts = jws.split('.');
+    return jwsParts.length === 3 && jwsParts.every((part) => exports.BASE64_URL_REGEX.test(part));
+};
+exports.isJws = isJws;
+const isJwe = (jwe) => {
+    const jweParts = jwe.split('.');
+    return jweParts.length === 5 && jweParts.every((part) => exports.BASE64_URL_REGEX.test(part));
+};
+exports.isJwe = isJwe;
+const decodeProtectedHeader = (jwt) => {
+    return (0, jwt_decode_1.jwtDecode)(jwt, { header: true });
+};
+exports.decodeProtectedHeader = decodeProtectedHeader;
+const decodeJwt = (jwt) => {
+    return (0, jwt_decode_1.jwtDecode)(jwt, { header: false });
+};
+exports.decodeJwt = decodeJwt;
+const checkExp = (input) => {
+    const { exp, now, clockSkew } = input;
+    return exp < (now !== null && now !== void 0 ? now : Date.now() / 1000) - (clockSkew !== null && clockSkew !== void 0 ? clockSkew : 120);
+};
+exports.checkExp = checkExp;
 //# sourceMappingURL=jwtUtils.js.map

package/dist/jwt/jwtUtils.js.map

@@ -1 +1 @@
-{"version":3,"file":"jwtUtils.js","sourceRoot":"","sources":["../../lib/jwt/jwtUtils.ts"],"names":[],"mappings":";;;AAAA,2CAAuC;AAQvC,SAAgB,QAAQ,CAA2C,GAAW;IAC5E,MAAM,MAAM,GAAG,IAAA,sBAAS,EAAS,GAAG,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IACxD,MAAM,OAAO,GAAG,IAAA,sBAAS,EAAU,GAAG,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IAE3D,IAAI,CAAC,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnE,CAAC;IACD,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;AAC7B,CAAC;AARD,4BAQC;AAED;;;;;;GAMG;AACH,MAAM,iBAAiB,GAAG,EAAE,CAAC;AAE7B,SAAgB,YAAY,CAAC,GAAY,EAAE,QAAiB;IAC1D,MAAM,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC;IACrC,MAAM,SAAS,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,iBAAiB,CAAC;IAE1D,OAAO;QACL,aAAa,EAAE,IAAI,GAAG,SAAS;QAC/B,eAAe,EAAE,IAAI,GAAG,SAAS;KAClC,CAAC;AACJ,CAAC;AARD,oCAQC;AAED;;GAEG;AACH,SAAgB,SAAS;IACvB,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;AACvC,CAAC;AAFD,8BAEC"}
+{"version":3,"file":"jwtUtils.js","sourceRoot":"","sources":["../../lib/jwt/jwtUtils.ts"],"names":[],"mappings":";;;AAAA,2CAAuC;AAQvC,SAAgB,QAAQ,CAA2C,GAAW;IAC5E,MAAM,MAAM,GAAG,IAAA,sBAAS,EAAS,GAAG,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IACxD,MAAM,OAAO,GAAG,IAAA,sBAAS,EAAU,GAAG,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IAE3D,IAAI,CAAC,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnE,CAAC;IACD,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;AAC7B,CAAC;AARD,4BAQC;AAED;;;;;;GAMG;AACH,MAAM,iBAAiB,GAAG,EAAE,CAAC;AAE7B,SAAgB,YAAY,CAAC,GAAY,EAAE,QAAiB;IAC1D,MAAM,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC;IACrC,MAAM,SAAS,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,iBAAiB,CAAC;IAE1D,OAAO;QACL,aAAa,EAAE,IAAI,GAAG,SAAS;QAC/B,eAAe,EAAE,IAAI,GAAG,SAAS;KAClC,CAAC;AACJ,CAAC;AARD,oCAQC;AAED;;GAEG;AACH,SAAgB,SAAS;IACvB,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;AACvC,CAAC;AAFD,8BAEC;AAEY,QAAA,gBAAgB,GAAG,wEAAwE,CAAC;AAElG,MAAM,KAAK,GAAG,CAAC,GAAW,EAAE,EAAE;IACnC,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAChC,OAAO,QAAQ,CAAC,MAAM,KAAK,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,wBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AACxF,CAAC,CAAC;AAHW,QAAA,KAAK,SAGhB;AACK,MAAM,KAAK,GAAG,CAAC,GAAW,EAAE,EAAE;IACnC,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAChC,OAAO,QAAQ,CAAC,MAAM,KAAK,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,wBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AACxF,CAAC,CAAC;AAHW,QAAA,KAAK,SAGhB;AAEK,MAAM,qBAAqB,GAAG,CAAC,GAAW,EAAE,EAAE;IACnD,OAAO,IAAA,sBAAS,EAAC,GAAG,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;AAC1C,CAAC,CAAC;AAFW,QAAA,qBAAqB,yBAEhC;AAEK,MAAM,SAAS,GAAG,CAAC,GAAW,EAAc,EAAE;IACnD,OAAO,IAAA,sBAAS,EAAC,GAAG,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;AAC3C,CAAC,CAAC;AAFW,QAAA,SAAS,aAEpB;AAEK,MAAM,QAAQ,GAAG,CAAC,KAIxB,EAAE,EAAE;IACH,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,KAAK,CAAC;IACtC,OAAO,GAAG,GAAG,CAAC,GAAG,aAAH,GAAG,cAAH,GAAG,GAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,aAAT,SAAS,cAAT,SAAS,GAAI,GAAG,CAAC,CAAC;AAC/D,CAAC,CAAC;AAPW,QAAA,QAAQ,YAOnB"}

package/dist/oauth/DynamicClientRegistration.types.d.ts

@@ -0,0 +1,19 @@
+import { JWKS } from '../jwt';
+export interface DynamicRegistrationClientMetadata {
+    redirect_uris?: string[];
+    token_endpoint_auth_method?: string;
+    grant_types?: string;
+    response_types?: string;
+    client_name?: string;
+    client_uri?: string;
+    logo_uri?: string;
+    scope?: string;
+    contacts?: string[];
+    tos_uri?: string;
+    policy_uri?: string;
+    jwks_uri?: string;
+    jwks?: JWKS;
+    software_id?: string;
+    software_version?: string;
+}
+//# sourceMappingURL=DynamicClientRegistration.types.d.ts.map

package/dist/oauth/DynamicClientRegistration.types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"DynamicClientRegistration.types.d.ts","sourceRoot":"","sources":["../../lib/oauth/DynamicClientRegistration.types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAC;AAG9B,MAAM,WAAW,iCAAiC;IAChD,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,0BAA0B,CAAC,EAAE,MAAM,CAAC;IACpC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,IAAI,CAAC;IACZ,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B"}

package/dist/oauth/DynamicClientRegistration.types.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=DynamicClientRegistration.types.js.map

package/dist/oauth/DynamicClientRegistration.types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"DynamicClientRegistration.types.js","sourceRoot":"","sources":["../../lib/oauth/DynamicClientRegistration.types.ts"],"names":[],"mappings":""}

package/dist/oauth/index.d.ts

@@ -0,0 +1,2 @@
+export * from './DynamicClientRegistration.types';
+//# sourceMappingURL=index.d.ts.map

package/dist/oauth/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../lib/oauth/index.ts"],"names":[],"mappings":"AAAA,cAAc,mCAAmC,CAAC"}

package/dist/oauth/index.js

@@ -0,0 +1,18 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./DynamicClientRegistration.types"), exports);
+//# sourceMappingURL=index.js.map

package/dist/oauth/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/oauth/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,oEAAkD"}

package/lib/index.ts

@@ -5,6 +5,7 @@ export const VCI_LOG_COMMON = VCI_LOGGERS.get('sphereon:oid4vci:common');
 
 export * from './jwt';
 export * from './dpop';
+export * from './oauth';
 
 export { v4 as uuidv4 } from 'uuid';
 export { defaultHasher } from './hasher';

package/lib/jwt/Jwk.types.ts

@@ -32,3 +32,7 @@ export interface JWK extends BaseJWK {
 
   [propName: string]: unknown;
 }
+
+export type JWKS = {
+  keys: JWK[];
+};

package/lib/jwt/JwtVerifier.ts

@@ -66,6 +66,21 @@ export const getDidJwtVerifier = (jwt: { header: JwtHeader; payload: JwtPayload
   return { method: 'did', didUrl: jwt.header.kid, type: type, alg: jwt.header.alg };
 };
 
+const getIssuer = (type: JwtType, payload: JwtPayload): string => {
+  // For 'request-object' the `iss` value is not required so we map the issuer to client_id
+  if (type === 'request-object') {
+    if (!payload.client_id) {
+      throw new Error('Missing required field client_id in request object JWT');
+    }
+    return payload.client_id as string;
+  }
+
+  if (typeof payload.iss !== 'string') {
+    throw new Error(`Received an invalid JWT. '${type}' contains an invalid iss claim or it is missing.`);
+  }
+  return payload.iss;
+};
+
 export const getX5cVerifier = (jwt: { header: JwtHeader; payload: JwtPayload }, options: { type: JwtType }): X5cJwtVerifier => {
   const { type } = options;
   if (!jwt.header.x5c) throw new Error(`Received an invalid JWT. Missing x5c header.`);
@@ -75,11 +90,13 @@ export const getX5cVerifier = (jwt: { header: JwtHeader; payload: JwtPayload },
     throw new Error(`Received an invalid JWT.. '${type}' contains an invalid x5c header.`);
   }
 
-  if (typeof jwt.payload.iss !== 'string') {
-    throw new Error(`Received an invalid JWT. '${type}' contains an invalid iss claim.`);
-  }
-
-  return { method: 'x5c', x5c: jwt.header.x5c, issuer: jwt.payload.iss, type: type, alg: jwt.header.alg };
+  return {
+    method: 'x5c',
+    x5c: jwt.header.x5c,
+    issuer: getIssuer(type, jwt.payload),
+    type: type,
+    alg: jwt.header.alg,
+  };
 };
 
 export const getJwkVerifier = async (jwt: { header: JwtHeader; payload: JwtPayload }, options: { type: JwtType }): Promise<JwkJwtVerifier> => {

package/lib/jwt/jwtUtils.ts

@@ -41,3 +41,31 @@ export function getNowSkewed(now?: number, skewTime?: number) {
 export function epochTime() {
   return Math.floor(Date.now() / 1000);
 }
+
+export const BASE64_URL_REGEX = /^([0-9a-zA-Z-_]{4})*(([0-9a-zA-Z-_]{2}(==)?)|([0-9a-zA-Z-_]{3}(=)?))?$/;
+
+export const isJws = (jws: string) => {
+  const jwsParts = jws.split('.');
+  return jwsParts.length === 3 && jwsParts.every((part) => BASE64_URL_REGEX.test(part));
+};
+export const isJwe = (jwe: string) => {
+  const jweParts = jwe.split('.');
+  return jweParts.length === 5 && jweParts.every((part) => BASE64_URL_REGEX.test(part));
+};
+
+export const decodeProtectedHeader = (jwt: string) => {
+  return jwtDecode(jwt, { header: true });
+};
+
+export const decodeJwt = (jwt: string): JwtPayload => {
+  return jwtDecode(jwt, { header: false });
+};
+
+export const checkExp = (input: {
+  exp: number;
+  now?: number; // The number of milliseconds elapsed since midnight, January 1, 1970 Universal Coordinated Time (UTC).
+  clockSkew?: number;
+}) => {
+  const { exp, now, clockSkew } = input;
+  return exp < (now ?? Date.now() / 1000) - (clockSkew ?? 120);
+};

package/lib/oauth/DynamicClientRegistration.types.ts

@@ -0,0 +1,20 @@
+import { JWKS } from '../jwt';
+
+// https://www.rfc-editor.org/rfc/rfc7591.html#section-2
+export interface DynamicRegistrationClientMetadata {
+  redirect_uris?: string[];
+  token_endpoint_auth_method?: string;
+  grant_types?: string;
+  response_types?: string;
+  client_name?: string;
+  client_uri?: string;
+  logo_uri?: string;
+  scope?: string;
+  contacts?: string[];
+  tos_uri?: string;
+  policy_uri?: string;
+  jwks_uri?: string;
+  jwks?: JWKS;
+  software_id?: string;
+  software_version?: string;
+}

package/lib/oauth/index.ts

@@ -0,0 +1 @@
+export * from './DynamicClientRegistration.types';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sphereon/oid4vc-common",
-  "version": "0.16.1-next.24+f696867",
+  "version": "0.16.1-next.252+c159817",
   "description": "OpenID 4 Verifiable Credentials Common",
   "source": "lib/index.ts",
   "main": "dist/index.js",
@@ -10,7 +10,7 @@
     "build:clean": "tsc --build --clean && tsc --build"
   },
   "dependencies": {
-    "@sphereon/ssi-types": "0.29.1-unstable.208",
+    "@sphereon/ssi-types": "0.30.2-feature.mdoc.funke2.367",
     "jwt-decode": "^4.0.0",
     "sha.js": "^2.4.11",
     "uint8arrays": "3.1.1",
@@ -52,5 +52,5 @@
   "publishConfig": {
     "access": "public"
   },
-  "gitHead": "f6968677ccd10c2ce8eb8484443971102547e8a2"
+  "gitHead": "c1598176383d747e3c3717c1a1718d73f280d68c"
 }