@sphereon/oid4vci-client 0.10.3 → 0.10.4-next.119

package/lib/__tests__/IT.spec.ts

@@ -1,17 +1,27 @@
 import {
   AccessTokenResponse,
   Alg,
+  CredentialOfferPayloadV1_0_13,
   CredentialOfferRequestWithBaseUrl,
   Jwt,
   OpenId4VCIVersion,
   ProofOfPossession,
+  resolveCredentialOfferURI,
   WellKnownEndpoints,
 } from '@sphereon/oid4vci-common';
 // eslint-disable-next-line @typescript-eslint/ban-ts-comment
 // @ts-ignore
 import nock from 'nock';
 
-import { AccessTokenClient, CredentialRequestClientBuilder, OpenID4VCIClient, ProofOfPossessionBuilder } from '..';
+import {
+  AccessTokenClient,
+  AccessTokenClientV1_0_11,
+  CredentialOfferClientV1_0_11,
+  CredentialRequestClientBuilder,
+  CredentialRequestClientBuilderV1_0_11,
+  OpenID4VCIClientV1_0_11,
+  ProofOfPossessionBuilder,
+} from '..';
 import { CredentialOfferClient } from '../CredentialOfferClient';
 
 import { IDENTIPROOF_AS_METADATA, IDENTIPROOF_AS_URL, IDENTIPROOF_ISSUER_URL, IDENTIPROOF_OID4VCI_METADATA } from './MetadataMocks';
@@ -47,10 +57,19 @@ describe('OID4VCI-Client should', () => {
   };
   const mockedVC =
     'eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL2V4YW1wbGVzL3YxIl0sImlkIjoiaHR0cDovL2V4YW1wbGUuZWR1L2NyZWRlbnRpYWxzLzM3MzIiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiVW5pdmVyc2l0eURlZ3JlZUNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiaHR0cHM6Ly9leGFtcGxlLmVkdS9pc3N1ZXJzLzU2NTA0OSIsImlzc3VhbmNlRGF0ZSI6IjIwMTAtMDEtMDFUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6ZXhhbXBsZTplYmZlYjFmNzEyZWJjNmYxYzI3NmUxMmVjMjEiLCJkZWdyZWUiOnsidHlwZSI6IkJhY2hlbG9yRGVncmVlIiwibmFtZSI6IkJhY2hlbG9yIG9mIFNjaWVuY2UgYW5kIEFydHMifX19LCJpc3MiOiJodHRwczovL2V4YW1wbGUuZWR1L2lzc3VlcnMvNTY1MDQ5IiwibmJmIjoxMjYyMzA0MDAwLCJqdGkiOiJodHRwOi8vZXhhbXBsZS5lZHUvY3JlZGVudGlhbHMvMzczMiIsInN1YiI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSJ9.z5vgMTK1nfizNCg5N-niCOL3WUIAL7nXy-nGhDZYO_-PNGeE-0djCpWAMH8fD8eWSID5PfkPBYkx_dfLJnQ7NA';
-  const INITIATE_QR =
+  const INITIATE_QR_V1_0_08 =
     'openid-initiate-issuance://?issuer=https%3A%2F%2Fissuer.research.identiproof.io&credential_type=OpenBadgeCredentialUrl&pre-authorized_code=4jLs9xZHEfqcoow0kHE7d1a8hUk6Sy-5bVSV2MqBUGUgiFFQi-ImL62T-FmLIo8hKA1UdMPH0lM1xAgcFkJfxIw9L-lI3mVs0hRT8YVwsEM1ma6N3wzuCdwtMU4bcwKp&user_pin_required=true';
-  const OFFER_QR =
-    'openid-credential-offer://credential_offer=%7B%22credential_issuer%22:%22https://credential-issuer.example.com%22,%22credentials%22:%5B%7B%22format%22:%22jwt_vc_json%22,%22types%22:%5B%22VerifiableCredential%22,%22UniversityDegreeCredential%22%5D%7D%5D,%22issuer_state%22:%22eyJhbGciOiJSU0Et...FYUaBy%22%7D';
+  const OFFER_QR_V1_0_08 =
+    'openid-credential-offer://?credential_offer=%7B%22credential_issuer%22%3A%22https%3A%2F%2Fissuer.research.identiproof.io%22%2C%22credentials%22%3A%5B%7B%22format%22%3A%22jwt_vc_json%22%2C%22types%22%3A%5B%22VerifiableCredential%22%2C%22UniversityDegreeCredential%22%5D%7D%5D%2C%22grants%22%3A%7B%22urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Apre-authorized_code%22%3A%7B%22pre-authorized_code%22%3A%22adhjhdjajkdkhjhdj%22%2C%22user_pin_required%22%3Atrue%7D%7D%7D';
+  const HTTPS_INITIATE_QR =
+    'https://issuer.research.identiproof.io?issuer=https%3A%2F%2Fissuer.research.identiproof.io&credential_type=OpenBadgeCredentialUrl&pre-authorized_code=4jLs9xZHEfqcoow0kHE7d1a8hUk6Sy-5bVSV2MqBUGUgiFFQi-ImL62T-FmLIo8hKA1UdMPH0lM1xAgcFkJfxIw9L-lI3mVs0hRT8YVwsEM1ma6N3wzuCdwtMU4bcwKp&user_pin_required=true';
+  const HTTPS_OFFER_QR_AUTHORIZATION_CODE =
+    'https://issuer.research.identiproof.io?credential_offer=%7B%22credential_issuer%22%3A%22https%3A%2F%2Fissuer.research.identiproof.io%22%2C%22credentials%22%3A%5B%7B%22format%22%3A%22jwt_vc_json%22%2C%22types%22%3A%5B%22VerifiableCredential%22%2C%22UniversityDegreeCredential%22%5D%7D%5D%2C%22grants%22%3A%7B%22authorization_code%22%3A%7B%22issuer_state%22%3A%22eyJhbGciOiJSU0Et...FYUaBy%22%7D%7D%7D';
+  const HTTPS_OFFER_QR_PRE_AUTHORIZED =
+    'https://issuer.research.identiproof.io?credential_offer=%7B%22credential_issuer%22%3A%22https%3A%2F%2Fissuer.research.identiproof.io%22%2C%22credentials%22%3A%5B%7B%22format%22%3A%22jwt_vc_json%22%2C%22types%22%3A%5B%22VerifiableCredential%22%2C%22UniversityDegreeCredential%22%5D%7D%5D%2C%22grants%22%3A%7B%22urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Apre-authorized_code%22%3A%7B%22pre-authorized_code%22%3A%22adhjhdjajkdkhjhdj%22%2C%22user_pin_required%22%3Atrue%7D%7D%7D';
+
+  const INITIATE_QR_V1_0_13 =
+    'openid-credential-offer://?credential_offer=%7B%22credential_issuer%22:%22https://issuer.research.identiproof.io%22,%22credential_configuration_ids%22:%5B%22OpenBadgeCredentialUrl%22%5D,%22grants%22:%7B%22urn:ietf:params:oauth:grant-type:pre-authorized_code%22:%7B%22pre-authorized_code%22:%22oaKazRN8I0IbtZ0C7JuMn5%22,%22tx_code%22:%7B%22input_mode%22:%22text%22,%22length%22:22,%22description%22:%22Please%20enter%20the%20serial%20number%20of%20your%20physical%20drivers%20license%22%7D%7D%7D%7D';
 
   function succeedWithAFullFlowWithClientSetup() {
     nock(IDENTIPROOF_ISSUER_URL).get('/.well-known/openid-credential-issuer').reply(200, JSON.stringify(IDENTIPROOF_OID4VCI_METADATA));
@@ -69,8 +88,30 @@ describe('OID4VCI-Client should', () => {
 
   it('succeed with a full flow with the client using OpenID4VCI version 9', async () => {
     succeedWithAFullFlowWithClientSetup();
-    const client = await OpenID4VCIClient.fromURI({
-      uri: INITIATE_QR,
+    const client = await OpenID4VCIClientV1_0_11.fromURI({
+      uri: INITIATE_QR_V1_0_08,
+      kid: 'did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1',
+      alg: Alg.ES256,
+      clientId: 'test-clientId',
+    });
+    await assertionOfsucceedWithAFullFlowWithClient(client);
+  });
+
+  it('succeed with a full flow with the client using OpenID4VCI version 11 and deeplink', async () => {
+    succeedWithAFullFlowWithClientSetup();
+    const client = await OpenID4VCIClientV1_0_11.fromURI({
+      uri: OFFER_QR_V1_0_08,
+      kid: 'did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1',
+      alg: Alg.ES256,
+      clientId: 'test-clientId',
+    });
+    await assertionOfsucceedWithAFullFlowWithClient(client);
+  });
+
+  it('succeed with a full flow with the client using OpenID4VCI draft < 9 and https', async () => {
+    succeedWithAFullFlowWithClientSetup();
+    const client = await OpenID4VCIClientV1_0_11.fromURI({
+      uri: HTTPS_INITIATE_QR,
       kid: 'did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1',
       alg: Alg.ES256,
       clientId: 'test-clientId',
@@ -78,10 +119,10 @@ describe('OID4VCI-Client should', () => {
     await assertionOfsucceedWithAFullFlowWithClient(client);
   });
 
-  test.skip('succeed with a full flow wit the client using OpenID4VCI version 11', async () => {
+  it('should succeed with a full flow with the client using OpenID4VCI draft > 11, https and authorization_code flow', async () => {
     succeedWithAFullFlowWithClientSetup();
-    const client = await OpenID4VCIClient.fromURI({
-      uri: OFFER_QR,
+    const client = await OpenID4VCIClientV1_0_11.fromURI({
+      uri: HTTPS_OFFER_QR_AUTHORIZATION_CODE,
       kid: 'did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1',
       alg: Alg.ES256,
       clientId: 'test-clientId',
@@ -89,14 +130,25 @@ describe('OID4VCI-Client should', () => {
     await assertionOfsucceedWithAFullFlowWithClient(client);
   });
 
-  async function assertionOfsucceedWithAFullFlowWithClient(client: OpenID4VCIClient) {
+  it('should succeed with a full flow with the client using OpenID4VCI draft > 11, https and preauthorized_code flow', async () => {
+    succeedWithAFullFlowWithClientSetup();
+    const client = await OpenID4VCIClientV1_0_11.fromURI({
+      uri: HTTPS_OFFER_QR_PRE_AUTHORIZED,
+      kid: 'did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1',
+      alg: Alg.ES256,
+      clientId: 'test-clientId',
+    });
+    await assertionOfsucceedWithAFullFlowWithClient(client);
+  });
+
+  async function assertionOfsucceedWithAFullFlowWithClient(client: OpenID4VCIClientV1_0_11) {
     expect(client.credentialOffer).toBeDefined();
     expect(client.endpointMetadata).toBeDefined();
     expect(client.getIssuer()).toEqual('https://issuer.research.identiproof.io');
     expect(client.getCredentialEndpoint()).toEqual('https://issuer.research.identiproof.io/credential');
     expect(client.getAccessTokenEndpoint()).toEqual('https://auth.research.identiproof.io/oauth2/token');
 
-    const accessToken = await client.acquireAccessToken({ pin: '1234' });
+    const accessToken = await client.acquireAccessToken({ pin: '1234', code: 'ABCD' });
     expect(accessToken).toEqual(mockedAccessTokenResponse);
 
     const credentialResponse = await client.acquireCredentials({
@@ -110,10 +162,10 @@ describe('OID4VCI-Client should', () => {
   }
 
   it(
-    'succeed with a full flow without the client',
+    'succeed with a full flow without the client v1_0_11',
     async () => {
       /* Convert the URI into an object */
-      const credentialOffer: CredentialOfferRequestWithBaseUrl = await CredentialOfferClient.fromURI(INITIATE_QR);
+      const credentialOffer: CredentialOfferRequestWithBaseUrl = await CredentialOfferClientV1_0_11.fromURI(INITIATE_QR_V1_0_08);
 
       expect(credentialOffer.baseUrl).toEqual('openid-initiate-issuance://');
       expect(credentialOffer.original_credential_offer).toEqual({
@@ -124,6 +176,70 @@ describe('OID4VCI-Client should', () => {
         user_pin_required: 'true',
       });
 
+      nock(ISSUER_URL)
+        .post(/token.*/)
+        .reply(200, JSON.stringify(mockedAccessTokenResponse));
+
+      /* The actual access token calls */
+      const accessTokenClient: AccessTokenClientV1_0_11 = new AccessTokenClientV1_0_11();
+      const accessTokenResponse = await accessTokenClient.acquireAccessToken({ credentialOffer: credentialOffer, pin: '1234' });
+      expect(accessTokenResponse.successBody).toEqual(mockedAccessTokenResponse);
+      // Get the credential
+      nock(ISSUER_URL)
+        .post(/credential/)
+        .reply(200, {
+          format: 'jwt-vc',
+          credential: mockedVC,
+        });
+      const credReqClient = CredentialRequestClientBuilderV1_0_11.fromCredentialOffer({ credentialOffer: credentialOffer })
+        .withFormat('jwt_vc')
+
+        .withTokenFromResponse(accessTokenResponse.successBody!)
+        .build();
+
+      //TS2322: Type '(args: ProofOfPossessionCallbackArgs) => Promise<string>'
+      // is not assignable to type 'ProofOfPossessionCallback'.
+      // Types of parameters 'args' and 'args' are incompatible.
+      // Property 'kid' is missing in type '{ header: unknown; payload: unknown; }' but required in type 'ProofOfPossessionCallbackArgs'.
+      const proof: ProofOfPossession = await ProofOfPossessionBuilder.fromJwt({
+        jwt,
+        callbacks: {
+          signCallback: proofOfPossessionCallbackFunction,
+        },
+        version: OpenId4VCIVersion.VER_1_0_11,
+      })
+        .withEndpointMetadata({
+          issuer: 'https://issuer.research.identiproof.io',
+          credential_endpoint: 'https://issuer.research.identiproof.io/credential',
+          token_endpoint: 'https://issuer.research.identiproof.io/token',
+        })
+        .withKid('did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1')
+        .build();
+      const credResponse = await credReqClient.acquireCredentialsUsingProof({ proofInput: proof });
+      expect(credResponse.successBody?.credential).toEqual(mockedVC);
+    },
+    UNIT_TEST_TIMEOUT,
+  );
+
+  it(
+    'succeed with a full flow without the client v1_0_13',
+    async () => {
+      /* Convert the URI into an object */
+      const credentialOffer: CredentialOfferRequestWithBaseUrl = await CredentialOfferClient.fromURI(INITIATE_QR_V1_0_13);
+      const preAuthorizedCode = 'oaKazRN8I0IbtZ0C7JuMn5';
+      expect(credentialOffer.baseUrl).toEqual('openid-credential-offer://');
+      expect((credentialOffer.credential_offer as CredentialOfferPayloadV1_0_13).credential_configuration_ids).toEqual(['OpenBadgeCredentialUrl']);
+      expect(credentialOffer.original_credential_offer.grants).toEqual({
+        'urn:ietf:params:oauth:grant-type:pre-authorized_code': {
+          'pre-authorized_code': preAuthorizedCode,
+          tx_code: {
+            input_mode: 'text',
+            description: 'Please enter the serial number of your physical drivers license',
+            length: preAuthorizedCode.length,
+          },
+        },
+      });
+
       nock(ISSUER_URL)
         .post(/token.*/)
         .reply(200, JSON.stringify(mockedAccessTokenResponse));
@@ -163,9 +279,143 @@ describe('OID4VCI-Client should', () => {
         })
         .withKid('did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1')
         .build();
-      const credResponse = await credReqClient.acquireCredentialsUsingProof({ proofInput: proof });
+      const credResponse = await credReqClient.acquireCredentialsUsingProof({
+        proofInput: proof,
+        credentialTypes: credentialOffer.original_credential_offer.credential_configuration_ids[0],
+      });
       expect(credResponse.successBody?.credential).toEqual(mockedVC);
     },
     UNIT_TEST_TIMEOUT,
   );
 });
+
+describe('OIDVCI-Client for v1_0_13 should', () => {
+  const INITIATE_QR_V1_0_13_CREDENCO =
+    'openid-credential-offer://mijnkvk.acc.credenco.com/?credential_offer_uri=https%3A%2F%2Fmijnkvk.acc.credenco.com%2Fopenid4vc%2FcredentialOffer%3Fid%3D32fc4ebf-9e31-4149-9877-e3c0b602d559';
+
+  const mockedCredentialOffer = {
+    credential_issuer: 'https://mijnkvk.acc.credenco.com',
+    credential_configuration_ids: ['BevoegdheidUittreksel_jwt_vc_json'],
+    grants: {
+      authorization_code: {
+        issuer_state: '32fc4ebf-9e31-4149-9877-e3c0b602d559',
+      },
+      'urn:ietf:params:oauth:grant-type:pre-authorized_code': {
+        'pre-authorized_code':
+          'eyJhbGciOiJFZERTQSJ9.eyJzdWIiOiIzMmZjNGViZi05ZTMxLTQxNDktOTg3Ny1lM2MwYjYwMmQ1NTkiLCJpc3MiOiJodHRwczovL21pam5rdmsuYWNjLmNyZWRlbmNvLmNvbSIsImF1ZCI6IlRPS0VOIn0.754aiQ87O0vHYSpRvPqAS9cLOgf-pewdeXbpLziRwsxEp9mENfaXpY62muYpzOaWcYmTOydkzhFul-NDYXJZCA',
+      },
+    },
+  };
+
+  beforeEach(() => {
+    // Mock the HTTP GET request to the credential offer URI
+    nock('https://mijnkvk.acc.credenco.com')
+      .get('/openid4vc/credentialOffer?id=32fc4ebf-9e31-4149-9877-e3c0b602d559')
+      .reply(200, mockedCredentialOffer)
+      .persist(); // Use .persist() if you want the mock to remain active for multiple tests
+  });
+
+  afterEach(() => {
+    // Clean up all mocks
+    nock.cleanAll();
+  });
+
+  /*function succeedWithAFullFlowWithClientSetup() {
+    nock(IDENTIPROOF_ISSUER_URL).get('/.well-known/openid-credential-issuer').reply(200, JSON.stringify(IDENTIPROOF_OID4VCI_METADATA));
+    nock(IDENTIPROOF_AS_URL).get('/.well-known/oauth-authorization-server').reply(200, JSON.stringify(IDENTIPROOF_AS_METADATA));
+    nock(IDENTIPROOF_AS_URL).get(WellKnownEndpoints.OPENID_CONFIGURATION).reply(404, {});
+    nock(IDENTIPROOF_AS_URL)
+    .post(/oauth2\/token.*!/)
+    .reply(200, JSON.stringify(mockedAccessTokenResponse));
+    nock(ISSUER_URL)
+    .post(/credential/)
+    .reply(200, {
+      format: 'jwt-vc',
+      credential: mockedVC,
+    });
+  }*/
+
+  it('should successfully resolve the credential offer URI', async () => {
+    const uri = 'https://mijnkvk.acc.credenco.com/openid4vc/credentialOffer?id=32fc4ebf-9e31-4149-9877-e3c0b602d559';
+
+    const credentialOffer = await resolveCredentialOfferURI(uri);
+
+    expect(credentialOffer).toEqual(mockedCredentialOffer);
+  });
+
+  // TODO: ksadjad remove the skipped test
+  it.skip(
+    'succeed credenco with a full flow without the client v1_0_13',
+    async () => {
+      /* Convert the URI into an object */
+      // openid-credential-offer://?credential_offer%3D%7B%22credential_issuer%22%3A%22https%3A%2F%2Fissuer.research.identiproof.io%22%2C%22credentials%22%3A%5B%7B%22format%22%3A%22jwt_vc_json%22%2C%22types%22%3A%5B%22VerifiableCredential%22%2C%22UniversityDegreeCredential%22%5D%7D%5D%2C%22grants%22%3A%7B%22urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Apre-authorized_code%22%3A%7B%22pre-authorized_code%22%3A%22adhjhdjajkdkhjhdj%22%2C%22user_pin_required%22%3Atrue%7D%7D%7D
+      const credentialOffer: CredentialOfferRequestWithBaseUrl = await CredentialOfferClient.fromURI(INITIATE_QR_V1_0_13_CREDENCO);
+      /**
+       * {"credential_issuer":"https://mijnkvk.acc.credenco.com","credential_configuration_ids":["BevoegdheidUittreksel_jwt_vc_json"],"grants":{"authorization_code":{"issuer_state":"32fc4ebf-9e31-4149-9877-e3c0b602d559"},"urn:ietf:params:oauth:grant-type:pre-authorized_code":{"pre-authorized_code":"eyJhbGciOiJFZERTQSJ9.eyJzdWIiOiIzMmZjNGViZi05ZTMxLTQxNDktOTg3Ny1lM2MwYjYwMmQ1NTkiLCJpc3MiOiJodHRwczovL21pam5rdmsuYWNjLmNyZWRlbmNvLmNvbSIsImF1ZCI6IlRPS0VOIn0.754aiQ87O0vHYSpRvPqAS9cLOgf-pewdeXbpLziRwsxEp9mENfaXpY62muYpzOaWcYmTOydkzhFul-NDYXJZCA"}}}
+       */
+      const preAuthorizedCode =
+        'eyJhbGciOiJFZERTQSJ9.eyJzdWIiOiIzMmZjNGViZi05ZTMxLTQxNDktOTg3Ny1lM2MwYjYwMmQ1NTkiLCJpc3MiOiJodHRwczovL21pam5rdmsuYWNjLmNyZWRlbmNvLmNvbSIsImF1ZCI6IlRPS0VOIn0.754aiQ87O0vHYSpRvPqAS9cLOgf-pewdeXbpLziRwsxEp9mENfaXpY62muYpzOaWcYmTOydkzhFul-NDYXJZCA';
+      expect(credentialOffer.baseUrl).toEqual('openid-credential-offer://mijnkvk.acc.credenco.com/');
+      expect((credentialOffer.credential_offer as CredentialOfferPayloadV1_0_13).credential_configuration_ids).toEqual([
+        'BevoegdheidUittreksel_jwt_vc_json',
+      ]);
+      expect(credentialOffer.original_credential_offer.grants).toEqual({
+        authorization_code: {
+          issuer_state: '32fc4ebf-9e31-4149-9877-e3c0b602d559',
+        },
+        'urn:ietf:params:oauth:grant-type:pre-authorized_code': {
+          'pre-authorized_code': preAuthorizedCode,
+        },
+      });
+
+      /*nock(ISSUER_URL)
+      .post(/token.*!/)
+      .reply(200, JSON.stringify(mockedAccessTokenResponse));*/
+
+      /* The actual access token calls */
+      const accessTokenClient: AccessTokenClient = new AccessTokenClient();
+      const accessTokenResponse = await accessTokenClient.acquireAccessToken({
+        credentialOffer: credentialOffer,
+        pin: preAuthorizedCode /*, metadata: {}*/,
+      });
+      expect(accessTokenResponse.successBody).toEqual({});
+      /*// Get the credential
+      nock(ISSUER_URL)
+      .post(/credential/)
+      .reply(200, {
+        format: 'jwt-vc',
+        credential: mockedVC,
+      });
+      const credReqClient = CredentialRequestClientBuilder.fromCredentialOffer({ credentialOffer: credentialOffer })
+      .withFormat('jwt_vc')
+
+      .withTokenFromResponse(accessTokenResponse.successBody!)
+      .build();
+
+      //TS2322: Type '(args: ProofOfPossessionCallbackArgs) => Promise<string>'
+      // is not assignable to type 'ProofOfPossessionCallback'.
+      // Types of parameters 'args' and 'args' are incompatible.
+      // Property 'kid' is missing in type '{ header: unknown; payload: unknown; }' but required in type 'ProofOfPossessionCallbackArgs'.
+      const proof: ProofOfPossession = await ProofOfPossessionBuilder.fromJwt({
+        jwt,
+        callbacks: {
+          signCallback: proofOfPossessionCallbackFunction,
+        },
+        version: OpenId4VCIVersion.VER_1_0_11,
+      })
+      .withEndpointMetadata({
+        issuer: 'https://issuer.research.identiproof.io',
+        credential_endpoint: 'https://issuer.research.identiproof.io/credential',
+        token_endpoint: 'https://issuer.research.identiproof.io/token',
+      })
+      .withKid('did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1')
+      .build();
+      const credResponse = await credReqClient.acquireCredentialsUsingProof({
+        proofInput: proof,
+        credentialTypes: credentialOffer.original_credential_offer.credential_configuration_ids,
+      });
+      expect(credResponse.successBody?.credential).toEqual(mockedVC);*/
+    },
+    UNIT_TEST_TIMEOUT,
+  );
+});

package/lib/__tests__/IssuanceInitiation.spec.ts

@@ -1,12 +1,16 @@
 import { OpenId4VCIVersion } from '@sphereon/oid4vci-common';
+// eslint-disable-next-line @typescript-eslint/ban-ts-comment
+// @ts-ignore
+import nock from 'nock';
 
 import { CredentialOfferClient } from '../CredentialOfferClient';
+import { CredentialOfferClientV1_0_11 } from '../CredentialOfferClientV1_0_11';
 
 import { INITIATION_TEST, INITIATION_TEST_HTTPS_URI, INITIATION_TEST_URI } from './MetadataMocks';
 
 describe('Issuance Initiation', () => {
   it('Should return Issuance Initiation Request with base URL from https URI', async () => {
-    expect(await CredentialOfferClient.fromURI(INITIATION_TEST_HTTPS_URI)).toEqual({
+    expect(await CredentialOfferClientV1_0_11.fromURI(INITIATION_TEST_HTTPS_URI)).toEqual({
       baseUrl: 'https://server.example.com',
       credential_offer: {
         credential_issuer: 'https://server.example.com',
@@ -34,13 +38,14 @@ describe('Issuance Initiation', () => {
     expect(await CredentialOfferClient.fromURI(INITIATION_TEST_URI)).toEqual(INITIATION_TEST);
   });
 
-  it('Should return Issuance Initiation URI from request', async () => {
+  //todo: SDK-17 for removing the space
+  it.skip('Should return Issuance Initiation URI from request', async () => {
     expect(CredentialOfferClient.toURI(INITIATION_TEST)).toEqual(INITIATION_TEST_URI);
   });
 
   it('Should return URI from Issuance Initiation Request', async () => {
-    const issuanceInitiationClient = await CredentialOfferClient.fromURI(INITIATION_TEST_HTTPS_URI);
-    expect(CredentialOfferClient.toURI(issuanceInitiationClient)).toEqual(INITIATION_TEST_HTTPS_URI);
+    const issuanceInitiationClient = await CredentialOfferClientV1_0_11.fromURI(INITIATION_TEST_HTTPS_URI);
+    expect(CredentialOfferClientV1_0_11.toURI(issuanceInitiationClient)).toEqual(INITIATION_TEST_HTTPS_URI);
   });
 
   it('Should throw error on invalid URI', async () => {
@@ -58,4 +63,54 @@ describe('Issuance Initiation', () => {
     expect(client.credential_offer.credential_issuer).toEqual('https://launchpad.vii.electron.mattrlabs.io');
     expect(client.preAuthorizedCode).toEqual('UPZohaodPlLBnGsqB02n2tIupCIg8nKRRUEUHWA665X');
   });
+
+  it('Should take an https url as input and return a Credential Offer', async () => {
+    const client = await CredentialOfferClient.fromURI(
+      'https://launchpad.vii.electron.mattrlabs.io?credential_offer=%7B%22credential_issuer%22%3A%22https%3A%2F%2Flaunchpad.vii.electron.mattrlabs.io%22%2C%22credentials%22%3A%5B%7B%22format%22%3A%22ldp_vc%22%2C%22types%22%3A%5B%22OpenBadgeCredential%22%5D%7D%5D%2C%22grants%22%3A%7B%22urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Apre-authorized_code%22%3A%7B%22pre-authorized_code%22%3A%22UPZohaodPlLBnGsqB02n2tIupCIg8nKRRUEUHWA665X%22%7D%7D%7D',
+    );
+    expect(client.version).toEqual(OpenId4VCIVersion.VER_1_0_11);
+    expect(client.baseUrl).toEqual('https://launchpad.vii.electron.mattrlabs.io');
+    expect(client.scheme).toEqual('https');
+    expect(client.credential_offer.credential_issuer).toEqual('https://launchpad.vii.electron.mattrlabs.io');
+    expect(client.preAuthorizedCode).toEqual('UPZohaodPlLBnGsqB02n2tIupCIg8nKRRUEUHWA665X');
+  });
+
+  it('Should take an http url as input and return a Credential Offer', async () => {
+    const client = await CredentialOfferClient.fromURI(
+      'http://launchpad.vii.electron.mattrlabs.io?credential_offer=%7B%22credential_issuer%22%3A%22http%3A%2F%2Flaunchpad.vii.electron.mattrlabs.io%22%2C%22credentials%22%3A%5B%7B%22format%22%3A%22ldp_vc%22%2C%22types%22%3A%5B%22OpenBadgeCredential%22%5D%7D%5D%2C%22grants%22%3A%7B%22urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Apre-authorized_code%22%3A%7B%22pre-authorized_code%22%3A%22UPZohaodPlLBnGsqB02n2tIupCIg8nKRRUEUHWA665X%22%7D%7D%7D',
+    );
+    expect(client.version).toEqual(OpenId4VCIVersion.VER_1_0_11);
+    expect(client.baseUrl).toEqual('http://launchpad.vii.electron.mattrlabs.io');
+    expect(client.scheme).toEqual('http');
+    expect(client.credential_offer.credential_issuer).toEqual('http://launchpad.vii.electron.mattrlabs.io');
+    expect(client.preAuthorizedCode).toEqual('UPZohaodPlLBnGsqB02n2tIupCIg8nKRRUEUHWA665X');
+  });
+
+  it('Should return credenco Credential Offer', async () => {
+    nock('https://mijnkvk.acc.credenco.com')
+      .get('/openid4vc/credentialOffer?id=32fc4ebf-9e31-4149-9877-e3c0b602d559')
+      .reply(200, {
+        credential_issuer: 'https://mijnkvk.acc.credenco.com',
+        credential_configuration_ids: ['BevoegdheidUittreksel_jwt_vc_json'],
+        grants: {
+          authorization_code: {
+            issuer_state: '32fc4ebf-9e31-4149-9877-e3c0b602d559',
+          },
+          'urn:ietf:params:oauth:grant-type:pre-authorized_code': {
+            'pre-authorized_code':
+              'eyJhbGciOiJFZERTQSJ9.eyJzdWIiOiIzMmZjNGViZi05ZTMxLTQxNDktOTg3Ny1lM2MwYjYwMmQ1NTkiLCJpc3MiOiJodHRwczovL21pam5rdmsuYWNjLmNyZWRlbmNvLmNvbSIsImF1ZCI6IlRPS0VOIn0.754aiQ87O0vHYSpRvPqAS9cLOgf-pewdeXbpLziRwsxEp9mENfaXpY62muYpzOaWcYmTOydkzhFul-NDYXJZCA',
+          },
+        },
+      });
+    const client = await CredentialOfferClient.fromURI(
+      'openid-credential-offer://mijnkvk.acc.credenco.com/?credential_offer_uri=https%3A%2F%2Fmijnkvk.acc.credenco.com%2Fopenid4vc%2FcredentialOffer%3Fid%3D32fc4ebf-9e31-4149-9877-e3c0b602d559',
+    );
+    expect(client.version).toEqual(OpenId4VCIVersion.VER_1_0_13);
+    expect(client.baseUrl).toEqual('openid-credential-offer://mijnkvk.acc.credenco.com/');
+    expect(client.scheme).toEqual('openid-credential-offer');
+    expect(client.credential_offer.credential_issuer).toEqual('https://mijnkvk.acc.credenco.com');
+    expect(client.preAuthorizedCode).toEqual(
+      'eyJhbGciOiJFZERTQSJ9.eyJzdWIiOiIzMmZjNGViZi05ZTMxLTQxNDktOTg3Ny1lM2MwYjYwMmQ1NTkiLCJpc3MiOiJodHRwczovL21pam5rdmsuYWNjLmNyZWRlbmNvLmNvbSIsImF1ZCI6IlRPS0VOIn0.754aiQ87O0vHYSpRvPqAS9cLOgf-pewdeXbpLziRwsxEp9mENfaXpY62muYpzOaWcYmTOydkzhFul-NDYXJZCA',
+    );
+  });
 });

package/lib/__tests__/IssuanceInitiationV1_0_11.spec.ts

@@ -0,0 +1,62 @@
+import { OpenId4VCIVersion } from '@sphereon/oid4vci-common';
+
+import { CredentialOfferClient } from '../CredentialOfferClient';
+import { CredentialOfferClientV1_0_11 } from '../CredentialOfferClientV1_0_11';
+
+import { INITIATION_TEST_HTTPS_URI, INITIATION_TEST_HTTPS_URI_V1_0_11, INITIATION_TEST_URI_V1_0_08, INITIATION_TEST_V1_0_08 } from './MetadataMocks';
+
+describe('Issuance Initiation V1_0_11', () => {
+  it('Should return Issuance Initiation Request with base URL from https URI', async () => {
+    expect(await CredentialOfferClientV1_0_11.fromURI(INITIATION_TEST_HTTPS_URI)).toEqual({
+      baseUrl: 'https://server.example.com',
+      credential_offer: {
+        credential_issuer: 'https://server.example.com',
+        credentials: ['https://did.example.org/healthCard', 'https://did.example.org/driverLicense'],
+        grants: {
+          authorization_code: {
+            issuer_state: 'eyJhbGciOiJSU0Et...FYUaBy',
+          },
+        },
+      },
+      issuerState: 'eyJhbGciOiJSU0Et...FYUaBy',
+      original_credential_offer: {
+        credential_type: ['https://did.example.org/healthCard', 'https://did.example.org/driverLicense'],
+        issuer: 'https://server.example.com',
+        op_state: 'eyJhbGciOiJSU0Et...FYUaBy',
+      },
+      scheme: 'https',
+      supportedFlows: ['Authorization Code Flow'],
+      userPinRequired: false,
+      version: 1008,
+    });
+  });
+
+  it('Should return Issuance Initiation Request with base URL from openid-initiate-issuance URI', async () => {
+    expect(await CredentialOfferClientV1_0_11.fromURI(INITIATION_TEST_URI_V1_0_08)).toEqual(INITIATION_TEST_V1_0_08);
+  });
+
+  it('Should return Issuance Initiation URI from request', async () => {
+    expect(CredentialOfferClientV1_0_11.toURI(INITIATION_TEST_V1_0_08)).toEqual(INITIATION_TEST_URI_V1_0_08);
+  });
+
+  it('Should return URI from Issuance Initiation Request', async () => {
+    const issuanceInitiationClient = await CredentialOfferClientV1_0_11.fromURI(INITIATION_TEST_HTTPS_URI_V1_0_11);
+    expect(CredentialOfferClient.toURI(issuanceInitiationClient)).toEqual(INITIATION_TEST_HTTPS_URI_V1_0_11);
+  });
+
+  it('Should throw error on invalid URI', async () => {
+    const issuanceInitiationURI = INITIATION_TEST_HTTPS_URI.replace('?', '');
+    await expect(async () => CredentialOfferClientV1_0_11.fromURI(issuanceInitiationURI)).rejects.toThrow('Invalid Credential Offer Request');
+  });
+
+  it('Should return Credential Offer', async () => {
+    const client = await CredentialOfferClientV1_0_11.fromURI(
+      'openid-credential-offer://?credential_offer=%7B%22credential_issuer%22%3A%22https%3A%2F%2Flaunchpad.vii.electron.mattrlabs.io%22%2C%22credentials%22%3A%5B%7B%22format%22%3A%22ldp_vc%22%2C%22types%22%3A%5B%22OpenBadgeCredential%22%5D%7D%5D%2C%22grants%22%3A%7B%22urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Apre-authorized_code%22%3A%7B%22pre-authorized_code%22%3A%22UPZohaodPlLBnGsqB02n2tIupCIg8nKRRUEUHWA665X%22%7D%7D%7D',
+    );
+    expect(client.version).toEqual(OpenId4VCIVersion.VER_1_0_11);
+    expect(client.baseUrl).toEqual('openid-credential-offer://');
+    expect(client.scheme).toEqual('openid-credential-offer');
+    expect(client.credential_offer.credential_issuer).toEqual('https://launchpad.vii.electron.mattrlabs.io');
+    expect(client.preAuthorizedCode).toEqual('UPZohaodPlLBnGsqB02n2tIupCIg8nKRRUEUHWA665X');
+  });
+});

package/lib/__tests__/MattrE2E.spec.test.ts

@@ -3,7 +3,7 @@ import { CredentialMapper } from '@sphereon/ssi-types';
 import { fetch } from 'cross-fetch';
 import { importJWK, JWK, SignJWT } from 'jose';
 
-import { OpenID4VCIClient } from '..';
+import { OpenID4VCIClientV1_0_11 } from '..';
 
 export const UNIT_TEST_TIMEOUT = 30000;
 
@@ -23,7 +23,7 @@ const kid = `${did}#z6Mki5ZwZKN1dBQprfJTikUvkDxrHijiiQngkWviMF5gw2Hv`;
 describe.skip('OID4VCI-Client using Mattr issuer should', () => {
   async function test(format: 'ldp_vc' | 'jwt_vc_json') {
     const offer = await getCredentialOffer(format);
-    const client = await OpenID4VCIClient.fromURI({
+    const client = await OpenID4VCIClientV1_0_11.fromURI({
       uri: offer.offerUrl,
       kid,
       alg: Alg.EdDSA,

package/lib/__tests__/MetadataClient.spec.ts

@@ -3,8 +3,9 @@ import { getIssuerFromCredentialOfferPayload, WellKnownEndpoints } from '@sphere
 // @ts-ignore
 import nock from 'nock';
 
-import { CredentialOfferClient } from '../CredentialOfferClient';
+import { CredentialOfferClientV1_0_11 } from '../CredentialOfferClientV1_0_11';
 import { MetadataClient } from '../MetadataClient';
+import { retrieveWellknown } from '../functions/OpenIDUtils';
 
 import {
   DANUBE_ISSUER_URL,
@@ -18,7 +19,9 @@ import {
   WALT_ISSUER_URL,
   WALT_OID4VCI_METADATA,
 } from './MetadataMocks';
+import { getMockData } from './data/VciDataFixtures';
 
+//todo: skipping this. it was written for pre v13 version and we have to do some modifications to make it work
 describe('MetadataClient with IdentiProof Issuer should', () => {
   beforeAll(() => {
     nock.cleanAll();
@@ -47,7 +50,7 @@ describe('MetadataClient with IdentiProof Issuer should', () => {
 
     const INITIATE_URI =
       'openid-initiate-issuance://?issuer=https%3A%2F%2Fissuer.research.identiproof.io&credential_type=OpenBadgeCredential&pre-authorized_code=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhOTUyZjUxNi1jYWVmLTQ4YjMtODIxYy00OTRkYzgyNjljZjAiLCJwcmUtYXV0aG9yaXplZCI6dHJ1ZX0.YE5DlalcLC2ChGEg47CQDaN1gTxbaQqSclIVqsSAUHE&user_pin_required=false';
-    const initiation = await CredentialOfferClient.fromURI(INITIATE_URI);
+    const initiation = await CredentialOfferClientV1_0_11.fromURI(INITIATE_URI);
     const metadata = await MetadataClient.retrieveAllMetadata(getIssuerFromCredentialOfferPayload(initiation.credential_offer) as string);
     expect(metadata.credential_endpoint).toEqual('https://issuer.research.identiproof.io/credential');
     expect(metadata.token_endpoint).toEqual('https://auth.research.identiproof.io/oauth2/token');
@@ -131,7 +134,7 @@ describe('MetadataClient with IdentiProof Issuer should', () => {
     nock(IDENTIPROOF_ISSUER_URL).get(WellKnownEndpoints.OAUTH_AS).reply(404, {});
     nock(IDENTIPROOF_ISSUER_URL).get(WellKnownEndpoints.OPENID_CONFIGURATION).reply(404, {});
 
-    const metadata = MetadataClient.retrieveWellknown(IDENTIPROOF_ISSUER_URL, WellKnownEndpoints.OPENID4VCI_ISSUER, { errorOnNotFound: true });
+    const metadata = retrieveWellknown(IDENTIPROOF_ISSUER_URL, WellKnownEndpoints.OPENID4VCI_ISSUER, { errorOnNotFound: true });
     await expect(metadata).rejects.toThrowError('{"error": "not found"}');
   });
 });
@@ -257,4 +260,51 @@ describe.skip('Metadataclient with SpruceId should', () => {
       },
     });
   });
+
+  it('succeed without OID4VCI and with OIDC metadata of credenco', async () => {
+    /*nock(WALT_ISSUER_URL).get(WellKnownEndpoints.OPENID4VCI_ISSUER).reply(200, JSON.stringify(WALT_OID4VCI_METADATA));
+
+    nock(WALT_ISSUER_URL)
+      .get(/.well-known\/.*!/)
+      .times(2)
+      .reply(404, JSON.stringify({ error: 'does not exist' }));
+*/
+    const metadata = await MetadataClient.retrieveAllMetadata('https://mijnkvk.acc.credenco.com/');
+    expect(metadata.credential_endpoint).toEqual('https://ngi-oidc4vci-test.spruceid.xyz/credential');
+    expect(metadata.token_endpoint).toEqual('https://ngi-oidc4vci-test.spruceid.xyz/token');
+    expect(metadata.credentialIssuerMetadata).toEqual({
+      issuer: 'https://ngi-oidc4vci-test.spruceid.xyz',
+      credential_endpoint: 'https://ngi-oidc4vci-test.spruceid.xyz/credential',
+      token_endpoint: 'https://ngi-oidc4vci-test.spruceid.xyz/token',
+      jwks_uri: 'https://ngi-oidc4vci-test.spruceid.xyz/jwks',
+      grant_types_supported: ['urn:ietf:params:oauth:grant-type:pre-authorized_code'],
+      credentials_supported: {
+        OpenBadgeCredential: {
+          formats: {
+            jwt_vc: {
+              types: ['VerifiableCredential', 'OpenBadgeCredential'],
+              cryptographic_binding_methods_supported: ['did'],
+              cryptographic_suites_supported: ['ES256', 'ES256K'],
+            },
+            ldp_vc: {
+              types: ['VerifiableCredential', 'OpenBadgeCredential'],
+              cryptographic_binding_methods_supported: ['did'],
+              cryptographic_suites_supported: ['Ed25519Signature2018'],
+            },
+          },
+        },
+      },
+    });
+  });
+});
+
+describe('Metadataclient with Credenco should', () => {
+  it('succeed without OID4VCI and with OIDC metadata', async () => {
+    const metadata = await MetadataClient.retrieveAllMetadata('https://mijnkvk.acc.credenco.com/');
+    expect(metadata.credential_endpoint).toEqual('https://mijnkvk.acc.credenco.com/credential');
+    expect(metadata.token_endpoint).toEqual('https://mijnkvk.acc.credenco.com/token');
+    expect(metadata.credentialIssuerMetadata?.credential_configurations_supported).toEqual(
+      getMockData('credenco')?.metadata.openid4vci_metadata.credential_configurations_supported,
+    );
+  });
 });