@sphereon/oid4vc-common 0.17.0 → 0.17.1-feature.esm.cjs.24

package/dist/jwt/JwtVerifier.js

@@ -1,80 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getJwtVerifierWithContext = exports.getJwkVerifier = exports.getX5cVerifier = exports.getDidJwtVerifier = void 0;
-const getDidJwtVerifier = (jwt, options) => {
-    const { type } = options;
-    if (!jwt.header.kid)
-        throw new Error(`Received an invalid JWT. Missing kid header.`);
-    if (!jwt.header.alg)
-        throw new Error(`Received an invalid JWT. Missing alg header.`);
-    if (!jwt.header.kid.includes('#')) {
-        throw new Error(`Received an invalid JWT.. '${type}' contains an invalid kid header.`);
-    }
-    return { method: 'did', didUrl: jwt.header.kid, type: type, alg: jwt.header.alg };
-};
-exports.getDidJwtVerifier = getDidJwtVerifier;
-const getIssuer = (type, payload) => {
-    // For 'request-object' the `iss` value is not required so we map the issuer to client_id
-    if (type === 'request-object') {
-        if (!payload.client_id) {
-            throw new Error('Missing required field client_id in request object JWT');
-        }
-        return payload.client_id;
-    }
-    if (typeof payload.iss !== 'string') {
-        throw new Error(`Received an invalid JWT. '${type}' contains an invalid iss claim or it is missing.`);
-    }
-    return payload.iss;
-};
-const getX5cVerifier = (jwt, options) => {
-    const { type } = options;
-    if (!jwt.header.x5c)
-        throw new Error(`Received an invalid JWT. Missing x5c header.`);
-    if (!jwt.header.alg)
-        throw new Error(`Received an invalid JWT. Missing alg header.`);
-    if (!Array.isArray(jwt.header.x5c) || jwt.header.x5c.length === 0 || !jwt.header.x5c.every((cert) => typeof cert === 'string')) {
-        throw new Error(`Received an invalid JWT.. '${type}' contains an invalid x5c header.`);
-    }
-    return {
-        method: 'x5c',
-        x5c: jwt.header.x5c,
-        issuer: getIssuer(type, jwt.payload),
-        type: type,
-        alg: jwt.header.alg,
-    };
-};
-exports.getX5cVerifier = getX5cVerifier;
-const getJwkVerifier = (jwt, options) => __awaiter(void 0, void 0, void 0, function* () {
-    const { type } = options;
-    if (!jwt.header.jwk)
-        throw new Error(`Received an invalid JWT.  Missing jwk header.`);
-    if (!jwt.header.alg)
-        throw new Error(`Received an invalid JWT. Missing alg header.`);
-    if (typeof jwt.header.jwk !== 'object') {
-        throw new Error(`Received an invalid JWT. '${type}' contains an invalid jwk header.`);
-    }
-    return { method: 'jwk', type, jwk: jwt.header.jwk, alg: jwt.header.alg };
-});
-exports.getJwkVerifier = getJwkVerifier;
-const getJwtVerifierWithContext = (jwt, options) => __awaiter(void 0, void 0, void 0, function* () {
-    var _a;
-    const { header, payload } = jwt;
-    if ((_a = header.kid) === null || _a === void 0 ? void 0 : _a.startsWith('did:'))
-        return (0, exports.getDidJwtVerifier)({ header, payload }, options);
-    else if (jwt.header.x5c)
-        return (0, exports.getX5cVerifier)({ header, payload }, options);
-    else if (jwt.header.jwk)
-        return (0, exports.getJwkVerifier)({ header, payload }, options);
-    return { method: 'custom', type: options.type };
-});
-exports.getJwtVerifierWithContext = getJwtVerifierWithContext;
-//# sourceMappingURL=JwtVerifier.js.map

package/dist/jwt/JwtVerifier.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"JwtVerifier.js","sourceRoot":"","sources":["../../lib/jwt/JwtVerifier.ts"],"names":[],"mappings":";;;;;;;;;;;;AAyDO,MAAM,iBAAiB,GAAG,CAAC,GAA+C,EAAE,OAA0B,EAAkB,EAAE;IAC/H,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IACzB,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACrF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAErF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,mCAAmC,CAAC,CAAC;IACzF,CAAC;IACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;AACpF,CAAC,CAAC;AATW,QAAA,iBAAiB,qBAS5B;AAEF,MAAM,SAAS,GAAG,CAAC,IAAa,EAAE,OAAmB,EAAU,EAAE;IAC/D,yFAAyF;IACzF,IAAI,IAAI,KAAK,gBAAgB,EAAE,CAAC;QAC9B,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;QAC5E,CAAC;QACD,OAAO,OAAO,CAAC,SAAmB,CAAC;IACrC,CAAC;IAED,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,mDAAmD,CAAC,CAAC;IACxG,CAAC;IACD,OAAO,OAAO,CAAC,GAAG,CAAC;AACrB,CAAC,CAAC;AAEK,MAAM,cAAc,GAAG,CAAC,GAA+C,EAAE,OAA0B,EAAkB,EAAE;IAC5H,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IACzB,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACrF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAErF,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,EAAE,CAAC;QAC/H,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,mCAAmC,CAAC,CAAC;IACzF,CAAC;IAED,OAAO;QACL,MAAM,EAAE,KAAK;QACb,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG;QACnB,MAAM,EAAE,SAAS,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC;QACpC,IAAI,EAAE,IAAI;QACV,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG;KACpB,CAAC;AACJ,CAAC,CAAC;AAhBW,QAAA,cAAc,kBAgBzB;AAEK,MAAM,cAAc,GAAG,CAAO,GAA+C,EAAE,OAA0B,EAA2B,EAAE;IAC3I,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IACzB,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACtF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAErF,IAAI,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,mCAAmC,CAAC,CAAC;IACxF,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;AAC3E,CAAC,CAAA,CAAC;AAVW,QAAA,cAAc,kBAUzB;AAEK,MAAM,yBAAyB,GAAG,CACvC,GAA+C,EAC/C,OAA0B,EACJ,EAAE;;IACxB,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC;IAEhC,IAAI,MAAA,MAAM,CAAC,GAAG,0CAAE,UAAU,CAAC,MAAM,CAAC;QAAE,OAAO,IAAA,yBAAiB,EAAC,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,OAAO,CAAC,CAAC;SACtF,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,OAAO,IAAA,sBAAc,EAAC,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,OAAO,CAAC,CAAC;SACxE,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,OAAO,IAAA,sBAAc,EAAC,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,OAAO,CAAC,CAAC;IAE7E,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC;AAClD,CAAC,CAAA,CAAC;AAXW,QAAA,yBAAyB,6BAWpC"}

package/dist/jwt/index.d.ts

@@ -1,7 +0,0 @@
-export * from './JwkThumbprint';
-export * from './Jwt.types';
-export * from './JwtIssuer';
-export * from './JwtVerifier';
-export * from './jwtUtils';
-export * from './Jwk.types';
-//# sourceMappingURL=index.d.ts.map

package/dist/jwt/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../lib/jwt/index.ts"],"names":[],"mappings":"AAAA,cAAc,iBAAiB,CAAC;AAChC,cAAc,aAAa,CAAC;AAC5B,cAAc,aAAa,CAAC;AAC5B,cAAc,eAAe,CAAC;AAC9B,cAAc,YAAY,CAAC;AAC3B,cAAc,aAAa,CAAC"}

package/dist/jwt/index.js

@@ -1,23 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./JwkThumbprint"), exports);
-__exportStar(require("./Jwt.types"), exports);
-__exportStar(require("./JwtIssuer"), exports);
-__exportStar(require("./JwtVerifier"), exports);
-__exportStar(require("./jwtUtils"), exports);
-__exportStar(require("./Jwk.types"), exports);
-//# sourceMappingURL=index.js.map

package/dist/jwt/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/jwt/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,kDAAgC;AAChC,8CAA4B;AAC5B,8CAA4B;AAC5B,gDAA8B;AAC9B,6CAA2B;AAC3B,8CAA4B"}

package/dist/jwt/jwtUtils.d.ts

@@ -1,26 +0,0 @@
-import { JwtHeader, JwtPayload } from '..';
-export type JwtType = 'id-token' | 'request-object' | 'verifier-attestation' | 'dpop';
-export type JwtProtectionMethod = 'did' | 'x5c' | 'jwk' | 'openid-federation' | 'custom';
-export declare function parseJWT<Header = JwtHeader, Payload = JwtPayload>(jwt: string): {
-    header: NonNullable<Header>;
-    payload: NonNullable<Payload>;
-};
-export declare function getNowSkewed(now?: number, skewTime?: number): {
-    nowSkewedPast: number;
-    nowSkewedFuture: number;
-};
-/**
- * Returns the current unix timestamp in seconds.
- */
-export declare function epochTime(): number;
-export declare const BASE64_URL_REGEX: RegExp;
-export declare const isJws: (jws: string) => boolean;
-export declare const isJwe: (jwe: string) => boolean;
-export declare const decodeProtectedHeader: (jwt: string) => import("jwt-decode").JwtHeader;
-export declare const decodeJwt: (jwt: string) => JwtPayload;
-export declare const checkExp: (input: {
-    exp: number;
-    now?: number;
-    clockSkew?: number;
-}) => boolean;
-//# sourceMappingURL=jwtUtils.d.ts.map

package/dist/jwt/jwtUtils.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"jwtUtils.d.ts","sourceRoot":"","sources":["../../lib/jwt/jwtUtils.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAE3C,MAAM,MAAM,OAAO,GAAG,UAAU,GAAG,gBAAgB,GAAG,sBAAsB,GAAG,MAAM,CAAC;AAEtF,MAAM,MAAM,mBAAmB,GAAG,KAAK,GAAG,KAAK,GAAG,KAAK,GAAG,mBAAmB,GAAG,QAAQ,CAAC;AAEzF,wBAAgB,QAAQ,CAAC,MAAM,GAAG,SAAS,EAAE,OAAO,GAAG,UAAU,EAAE,GAAG,EAAE,MAAM;;;EAQ7E;AAWD,wBAAgB,YAAY,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM;;;EAQ3D;AAED;;GAEG;AACH,wBAAgB,SAAS,WAExB;AAED,eAAO,MAAM,gBAAgB,QAA2E,CAAC;AAEzG,eAAO,MAAM,KAAK,QAAS,MAAM,YAGhC,CAAC;AACF,eAAO,MAAM,KAAK,QAAS,MAAM,YAGhC,CAAC;AAEF,eAAO,MAAM,qBAAqB,QAAS,MAAM,mCAEhD,CAAC;AAEF,eAAO,MAAM,SAAS,QAAS,MAAM,KAAG,UAEvC,CAAC;AAEF,eAAO,MAAM,QAAQ,UAAW;IAC9B,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,YAGA,CAAC"}

package/dist/jwt/jwtUtils.js

@@ -1,62 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.checkExp = exports.decodeJwt = exports.decodeProtectedHeader = exports.isJwe = exports.isJws = exports.BASE64_URL_REGEX = exports.epochTime = exports.getNowSkewed = exports.parseJWT = void 0;
-const jwt_decode_1 = require("jwt-decode");
-function parseJWT(jwt) {
-    const header = (0, jwt_decode_1.jwtDecode)(jwt, { header: true });
-    const payload = (0, jwt_decode_1.jwtDecode)(jwt, { header: false });
-    if (!payload || !header) {
-        throw new Error('Jwt Payload and/or Header could not be parsed');
-    }
-    return { header, payload };
-}
-exports.parseJWT = parseJWT;
-/**
- * The maximum allowed clock skew time in seconds. If an time based validation
- * is performed against current time (`now`), the validation can be of by the skew
- * time.
- *
- * See https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.5
- */
-const DEFAULT_SKEW_TIME = 60;
-function getNowSkewed(now, skewTime) {
-    const _now = now ? now : epochTime();
-    const _skewTime = skewTime ? skewTime : DEFAULT_SKEW_TIME;
-    return {
-        nowSkewedPast: _now - _skewTime,
-        nowSkewedFuture: _now + _skewTime,
-    };
-}
-exports.getNowSkewed = getNowSkewed;
-/**
- * Returns the current unix timestamp in seconds.
- */
-function epochTime() {
-    return Math.floor(Date.now() / 1000);
-}
-exports.epochTime = epochTime;
-exports.BASE64_URL_REGEX = /^([0-9a-zA-Z-_]{4})*(([0-9a-zA-Z-_]{2}(==)?)|([0-9a-zA-Z-_]{3}(=)?))?$/;
-const isJws = (jws) => {
-    const jwsParts = jws.split('.');
-    return jwsParts.length === 3 && jwsParts.every((part) => exports.BASE64_URL_REGEX.test(part));
-};
-exports.isJws = isJws;
-const isJwe = (jwe) => {
-    const jweParts = jwe.split('.');
-    return jweParts.length === 5 && jweParts.every((part) => exports.BASE64_URL_REGEX.test(part));
-};
-exports.isJwe = isJwe;
-const decodeProtectedHeader = (jwt) => {
-    return (0, jwt_decode_1.jwtDecode)(jwt, { header: true });
-};
-exports.decodeProtectedHeader = decodeProtectedHeader;
-const decodeJwt = (jwt) => {
-    return (0, jwt_decode_1.jwtDecode)(jwt, { header: false });
-};
-exports.decodeJwt = decodeJwt;
-const checkExp = (input) => {
-    const { exp, now, clockSkew } = input;
-    return exp < (now !== null && now !== void 0 ? now : Date.now() / 1000) - (clockSkew !== null && clockSkew !== void 0 ? clockSkew : 120);
-};
-exports.checkExp = checkExp;
-//# sourceMappingURL=jwtUtils.js.map

package/dist/jwt/jwtUtils.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"jwtUtils.js","sourceRoot":"","sources":["../../lib/jwt/jwtUtils.ts"],"names":[],"mappings":";;;AAAA,2CAAuC;AAQvC,SAAgB,QAAQ,CAA2C,GAAW;IAC5E,MAAM,MAAM,GAAG,IAAA,sBAAS,EAAS,GAAG,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IACxD,MAAM,OAAO,GAAG,IAAA,sBAAS,EAAU,GAAG,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IAE3D,IAAI,CAAC,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnE,CAAC;IACD,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;AAC7B,CAAC;AARD,4BAQC;AAED;;;;;;GAMG;AACH,MAAM,iBAAiB,GAAG,EAAE,CAAC;AAE7B,SAAgB,YAAY,CAAC,GAAY,EAAE,QAAiB;IAC1D,MAAM,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC;IACrC,MAAM,SAAS,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,iBAAiB,CAAC;IAE1D,OAAO;QACL,aAAa,EAAE,IAAI,GAAG,SAAS;QAC/B,eAAe,EAAE,IAAI,GAAG,SAAS;KAClC,CAAC;AACJ,CAAC;AARD,oCAQC;AAED;;GAEG;AACH,SAAgB,SAAS;IACvB,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;AACvC,CAAC;AAFD,8BAEC;AAEY,QAAA,gBAAgB,GAAG,wEAAwE,CAAC;AAElG,MAAM,KAAK,GAAG,CAAC,GAAW,EAAE,EAAE;IACnC,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAChC,OAAO,QAAQ,CAAC,MAAM,KAAK,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,wBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AACxF,CAAC,CAAC;AAHW,QAAA,KAAK,SAGhB;AACK,MAAM,KAAK,GAAG,CAAC,GAAW,EAAE,EAAE;IACnC,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAChC,OAAO,QAAQ,CAAC,MAAM,KAAK,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,wBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AACxF,CAAC,CAAC;AAHW,QAAA,KAAK,SAGhB;AAEK,MAAM,qBAAqB,GAAG,CAAC,GAAW,EAAE,EAAE;IACnD,OAAO,IAAA,sBAAS,EAAC,GAAG,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;AAC1C,CAAC,CAAC;AAFW,QAAA,qBAAqB,yBAEhC;AAEK,MAAM,SAAS,GAAG,CAAC,GAAW,EAAc,EAAE;IACnD,OAAO,IAAA,sBAAS,EAAC,GAAG,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;AAC3C,CAAC,CAAC;AAFW,QAAA,SAAS,aAEpB;AAEK,MAAM,QAAQ,GAAG,CAAC,KAIxB,EAAE,EAAE;IACH,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,KAAK,CAAC;IACtC,OAAO,GAAG,GAAG,CAAC,GAAG,aAAH,GAAG,cAAH,GAAG,GAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,aAAT,SAAS,cAAT,SAAS,GAAI,GAAG,CAAC,CAAC;AAC/D,CAAC,CAAC;AAPW,QAAA,QAAQ,YAOnB"}

package/dist/oauth/DynamicClientRegistration.types.d.ts

@@ -1,19 +0,0 @@
-import { JWKS } from '../jwt';
-export interface DynamicRegistrationClientMetadata {
-    redirect_uris?: string[];
-    token_endpoint_auth_method?: string;
-    grant_types?: string;
-    response_types?: string;
-    client_name?: string;
-    client_uri?: string;
-    logo_uri?: string;
-    scope?: string;
-    contacts?: string[];
-    tos_uri?: string;
-    policy_uri?: string;
-    jwks_uri?: string;
-    jwks?: JWKS;
-    software_id?: string;
-    software_version?: string;
-}
-//# sourceMappingURL=DynamicClientRegistration.types.d.ts.map

package/dist/oauth/DynamicClientRegistration.types.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"DynamicClientRegistration.types.d.ts","sourceRoot":"","sources":["../../lib/oauth/DynamicClientRegistration.types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAC;AAG9B,MAAM,WAAW,iCAAiC;IAChD,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,0BAA0B,CAAC,EAAE,MAAM,CAAC;IACpC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,IAAI,CAAC;IACZ,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B"}

package/dist/oauth/DynamicClientRegistration.types.js

@@ -1,3 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-//# sourceMappingURL=DynamicClientRegistration.types.js.map

package/dist/oauth/DynamicClientRegistration.types.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"DynamicClientRegistration.types.js","sourceRoot":"","sources":["../../lib/oauth/DynamicClientRegistration.types.ts"],"names":[],"mappings":""}

package/dist/oauth/index.d.ts

@@ -1,2 +0,0 @@
-export * from './DynamicClientRegistration.types';
-//# sourceMappingURL=index.d.ts.map

package/dist/oauth/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../lib/oauth/index.ts"],"names":[],"mappings":"AAAA,cAAc,mCAAmC,CAAC"}

package/dist/oauth/index.js

@@ -1,18 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./DynamicClientRegistration.types"), exports);
-//# sourceMappingURL=index.js.map

package/dist/oauth/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/oauth/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,oEAAkD"}

package/dist/types/digest.types.d.ts

@@ -1,2 +0,0 @@
-export type DigestAlgorithm = 'sha256' | 'sha384' | 'sha512';
-//# sourceMappingURL=digest.types.d.ts.map

package/dist/types/digest.types.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"digest.types.d.ts","sourceRoot":"","sources":["../../lib/types/digest.types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,eAAe,GAAG,QAAQ,GAAG,QAAQ,GAAG,QAAQ,CAAC"}

package/dist/types/digest.types.js

@@ -1,3 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-//# sourceMappingURL=digest.types.js.map

package/dist/types/digest.types.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"digest.types.js","sourceRoot":"","sources":["../../lib/types/digest.types.ts"],"names":[],"mappings":""}

package/dist/types/index.d.ts

@@ -1,2 +0,0 @@
-export * from './digest.types';
-//# sourceMappingURL=index.d.ts.map

package/dist/types/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../lib/types/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAC"}

package/dist/types/index.js

@@ -1,18 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./digest.types"), exports);
-//# sourceMappingURL=index.js.map

package/dist/types/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/types/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iDAA+B"}

package/lib/__tests__/dpop.spec.ts

@@ -1,124 +0,0 @@
-import { createDPoP, getCreateDPoPOptions, verifyDPoP } from '../dpop';
-
-describe('dpop', () => {
-  const alg = 'HS256';
-  const jwk = { kty: 'Ed25519', crv: 'Ed25519', x: '123', y: '123' };
-  const jwtIssuer = { alg, jwk };
-  const htm = 'POST';
-  const htu = 'https://example.com/token';
-  const nonce = 'nonce';
-  const jwtPayloadProps = { htm, htu, nonce } as const;
-  const jwtHeaderProps = { alg, jwk, typ: 'dpop+jwt' };
-  const unsignedDpop =
-    'eyJhbGciOiJIUzI1NiIsImp3ayI6eyJrdHkiOiJFZDI1NTE5IiwiY3J2IjoiRWQyNTUxOSIsIngiOiIxMjMiLCJ5IjoiMTIzIn0sInR5cCI6ImRwb3Arand0In0.eyJodG0iOiJQT1NUIiwiaHR1IjoiaHR0cHM6Ly9leGFtcGxlLmNvbS90b2tlbiIsIm5vbmNlIjoibm9uY2UiLCJpYXQiOjE3MjIzMjcxOTQsImp0aSI6Ijk4OWNiZTc4LWI1ZTYtNDViYS1iYjMzLWQ0MGE4ZGEwZjFhYSJ9';
-
-  it('should create a dpop with valid options', async () => {
-    const dpop = await createDPoP({
-      jwtIssuer,
-      jwtPayloadProps,
-      createJwtCallback: async (dpopJwtIssuerWithContext, jwt) => {
-        expect(dpopJwtIssuerWithContext.alg).toEqual(alg);
-        expect(dpopJwtIssuerWithContext.jwk).toEqual(jwk);
-        expect(dpopJwtIssuerWithContext.dPoPSigningAlgValuesSupported).toBeUndefined();
-        expect(dpopJwtIssuerWithContext.type).toEqual('dpop');
-
-        expect(jwt.header).toStrictEqual(jwtHeaderProps);
-        expect(jwt.payload).toStrictEqual({
-          ...jwtPayloadProps,
-          iat: expect.any(Number),
-          jti: expect.any(String),
-        });
-
-        return unsignedDpop;
-      },
-    });
-
-    expect(unsignedDpop).toEqual(dpop);
-    expect.assertions(7);
-  });
-
-  it('should create a dpop with valid createDPoPOptions', async () => {
-    // eslint-disable-next-line @typescript-eslint/no-unused-vars
-    const { htm, htu, ...rest } = jwtPayloadProps;
-    const options = getCreateDPoPOptions(
-      {
-        jwtIssuer,
-        jwtPayloadProps: rest,
-        createJwtCallback: async (dpopJwtIssuerWithContext, jwt) => {
-          expect(dpopJwtIssuerWithContext.alg).toEqual(alg);
-          expect(dpopJwtIssuerWithContext.jwk).toEqual(jwk);
-          expect(dpopJwtIssuerWithContext.dPoPSigningAlgValuesSupported).toBeUndefined();
-          expect(dpopJwtIssuerWithContext.type).toEqual('dpop');
-
-          expect(jwt.header).toStrictEqual(jwtHeaderProps);
-          expect(jwt.payload).toStrictEqual({
-            ...jwtPayloadProps,
-            iat: expect.any(Number),
-            jti: expect.any(String),
-          });
-
-          return unsignedDpop;
-        },
-      },
-      htu + '?123412341#xyaksdjfaksdjf',
-    );
-
-    const dpop = await createDPoP(options);
-
-    expect(unsignedDpop).toEqual(dpop);
-    expect.assertions(7);
-  });
-
-  it('verify dpop fails if jwtVerifyCallback throws an error', async () => {
-    await expect(
-      verifyDPoP(
-        {
-          headers: { dpop: unsignedDpop },
-          fullUrl: htu + '?123412341#xyaksdjfaksdjf',
-          method: 'POST',
-        },
-        {
-          jwtVerifyCallback: async () => {
-            throw new Error('jwtVerifyCallback');
-          },
-          expectedNonce: 'nonce',
-          expectAccessToken: false,
-          now: 1722327194,
-        },
-      ),
-    ).rejects.toThrow();
-  });
-
-  it('should verify a dpop with valid options', async () => {
-    const dpop = await verifyDPoP(
-      {
-        headers: { dpop: unsignedDpop },
-        fullUrl: htu + '?123412341#xyaksdjfaksdjf',
-        method: 'POST',
-      },
-      {
-        jwtVerifyCallback: async (jwtVerifier, jwt) => {
-          expect(jwtVerifier.method).toEqual('jwk');
-          expect(jwtVerifier.jwk).toEqual(jwk);
-          expect(jwtVerifier.type).toEqual('dpop');
-          expect(jwtVerifier.alg).toEqual(alg);
-
-          expect(jwt.header).toStrictEqual(jwtHeaderProps);
-          expect(jwt.payload).toStrictEqual({
-            ...jwtPayloadProps,
-            iat: expect.any(Number),
-            jti: expect.any(String),
-          });
-          expect(jwt.raw).toEqual(unsignedDpop);
-
-          return true;
-        },
-        expectAccessToken: false,
-        expectedNonce: 'nonce',
-        now: 1722327194,
-      },
-    );
-    expect(dpop).toStrictEqual(jwk);
-    expect.assertions(8);
-  });
-});