@sphereon/oid4vci-client 0.10.3 → 0.10.4-next.119

package/lib/functions/OpenIDUtils.ts

@@ -0,0 +1,25 @@
+import { getJson, OpenIDResponse, WellKnownEndpoints } from '@sphereon/oid4vci-common';
+import Debug from 'debug';
+
+const debug = Debug('sphereon:openid4vci:openid-utils');
+/**
+ * Allows to retrieve information from a well-known location
+ *
+ * @param host The host
+ * @param endpointType The endpoint type, currently supports OID4VCI, OIDC and OAuth2 endpoint types
+ * @param opts Options, like for instance whether an error should be thrown in case the endpoint doesn't exist
+ */
+export const retrieveWellknown = async <T>(
+  host: string,
+  endpointType: WellKnownEndpoints,
+  opts?: { errorOnNotFound?: boolean },
+): Promise<OpenIDResponse<T>> => {
+  const result: OpenIDResponse<T> = await getJson(`${host.endsWith('/') ? host.slice(0, -1) : host}${endpointType}`, {
+    exceptionOnHttpErrorStatus: opts?.errorOnNotFound,
+  });
+  if (result.origResponse.status >= 400) {
+    // We only get here when error on not found is false
+    debug(`host ${host} with endpoint type ${endpointType} status: ${result.origResponse.status}, ${result.origResponse.statusText}`);
+  }
+  return result;
+};

package/lib/functions/index.ts

@@ -1,3 +1,2 @@
-export * from '@sphereon/oid4vci-common/dist/functions/Encoding';
-export * from '@sphereon/oid4vci-common/dist/functions/HttpUtils';
-export * from './ProofUtil';
+export * from './AuthorizationUtil';
+export * from './notifications';

package/lib/functions/notifications.ts

@@ -0,0 +1,32 @@
+import { NotificationErrorResponse, NotificationRequest, NotificationResult, post } from '@sphereon/oid4vci-common';
+
+import { CredentialRequestOpts } from '../CredentialRequestClient';
+import { LOG } from '../types';
+
+export async function sendNotification(
+  credentialRequestOpts: Partial<CredentialRequestOpts>,
+  request: NotificationRequest,
+  accessToken?: string,
+): Promise<NotificationResult> {
+  LOG.info(`Sending status notification event '${request.event}' for id ${request.notification_id}`);
+  if (!credentialRequestOpts.notificationEndpoint) {
+    throw Error(`Cannot send notification when no notification endpoint is provided`);
+  }
+  const token = accessToken ?? credentialRequestOpts.token;
+  const response = await post<NotificationErrorResponse>(credentialRequestOpts.notificationEndpoint, JSON.stringify(request), {
+    ...(token && { bearerToken: token }),
+  });
+  const error = response.errorBody?.error !== undefined;
+  const result = {
+    error,
+    response: error ? await response.errorBody?.json() : undefined,
+  };
+  if (error) {
+    LOG.warning(
+      `Notification endpoint returned an error for event '${request.event}' and id ${request.notification_id}: ${await response.errorBody?.json()}`,
+    );
+  } else {
+    LOG.debug(`Notification endpoint returned success for event '${request.event}' and id ${request.notification_id}`);
+  }
+  return result;
+}

package/lib/index.ts

@@ -1,9 +1,24 @@
+import { VCI_LOGGERS } from '@sphereon/oid4vci-common';
+import { ISimpleLogger } from '@sphereon/ssi-types';
+
+export const LOG: ISimpleLogger<string> = VCI_LOGGERS.get('sphereon:oid4vci:client');
+
 export * from './AccessTokenClient';
+export * from './AccessTokenClientV1_0_11';
+export * from './AuthorizationCodeClient';
+export * from './AuthorizationCodeClientV1_0_11';
 export * from './CredentialRequestClient';
 export * from './CredentialOfferClient';
-export * from './CredentialRequestClient';
+export * from './CredentialOfferClientV1_0_11';
+export * from './CredentialOfferClientV1_0_13';
+export * from './CredentialRequestClientV1_0_11';
 export * from './CredentialRequestClientBuilder';
+export * from './CredentialRequestClientBuilderV1_0_11';
 export * from './functions';
 export * from './MetadataClient';
+export * from './MetadataClientV1_0_13';
+export * from './MetadataClientV1_0_11';
 export * from './OpenID4VCIClient';
+export * from './OpenID4VCIClientV1_0_13';
+export * from './OpenID4VCIClientV1_0_11';
 export * from './ProofOfPossessionBuilder';

package/lib/types/index.ts

@@ -0,0 +1,6 @@
+import { VCI_LOGGERS } from '@sphereon/oid4vci-common';
+import { ISimpleLogger, LogMethod } from '@sphereon/ssi-types';
+
+export const LOG: ISimpleLogger<string> = VCI_LOGGERS.options('sphereon:oid4vci:client', { methods: [LogMethod.EVENT, LogMethod.DEBUG_PKG] }).get(
+  'sphereon:oid4vci:client',
+);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sphereon/oid4vci-client",
-  "version": "0.10.3",
+  "version": "0.10.4-next.119+a0d8ad3",
   "description": "OpenID for Verifiable Credential Issuance (OpenID4VCI) client",
   "source": "lib/index.ts",
   "main": "dist/index.js",
@@ -15,8 +15,8 @@
     "build": "tsc"
   },
   "dependencies": {
-    "@sphereon/oid4vci-common": "0.10.3",
-    "@sphereon/ssi-types": "^0.23.0",
+    "@sphereon/oid4vci-common": "0.10.4-next.119+a0d8ad3",
+    "@sphereon/ssi-types": "0.25.1-unstable.87",
     "cross-fetch": "^3.1.8",
     "debug": "^4.3.4"
   },
@@ -69,5 +69,5 @@
     "OIDC4VCI",
     "OID4VCI"
   ],
-  "gitHead": "4d46a7282a475c4e78d496f82f24114f700ee5e0"
+  "gitHead": "a0d8ad364f228b98c1b4e8aa4350652bd676eec5"
 }

package/dist/functions/ProofUtil.d.ts

@@ -1,30 +0,0 @@
-import { JWK, Jwt, ProofOfPossession, ProofOfPossessionCallbacks, Typ } from '@sphereon/oid4vci-common';
-/**
- *
- *  - proofOfPossessionCallback: JWTSignerCallback
- *    Mandatory if you want to create (sign) ProofOfPossession
- *  - proofOfPossessionVerifierCallback?: JWTVerifyCallback
- *    If exists, verifies the ProofOfPossession
- *  - proofOfPossessionCallbackArgs: ProofOfPossessionCallbackArgs
- *    arguments needed for signing ProofOfPossession
- * @param callbacks:
- *    - proofOfPossessionCallback: JWTSignerCallback
- *      Mandatory to create (sign) ProofOfPossession
- *    - proofOfPossessionVerifierCallback?: JWTVerifyCallback
- *      If exists, verifies the ProofOfPossession
- * @param jwtProps
- * @param existingJwt
- *  - Optional, clientId of the party requesting the credential
- */
-export declare const createProofOfPossession: <DIDDoc>(callbacks: ProofOfPossessionCallbacks<DIDDoc>, jwtProps?: JwtProps, existingJwt?: Jwt) => Promise<ProofOfPossession>;
-export interface JwtProps {
-    typ?: Typ;
-    kid?: string;
-    jwk?: JWK;
-    issuer?: string;
-    clientId?: string;
-    alg?: string;
-    jti?: string;
-    nonce?: string;
-}
-//# sourceMappingURL=ProofUtil.d.ts.map

package/dist/functions/ProofUtil.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"ProofUtil.d.ts","sourceRoot":"","sources":["../../lib/functions/ProofUtil.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,GAAG,EAEH,GAAG,EAGH,iBAAiB,EACjB,0BAA0B,EAC1B,GAAG,EACJ,MAAM,0BAA0B,CAAC;AAKlC;;;;;;;;;;;;;;;;GAgBG;AACH,eAAO,MAAM,uBAAuB,qEAEvB,QAAQ,gBACL,GAAG,KAChB,QAAQ,iBAAiB,CA0B3B,CAAC;AAQF,MAAM,WAAW,QAAQ;IACvB,GAAG,CAAC,EAAE,GAAG,CAAC;IACV,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,GAAG,CAAC;IACV,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB"}

package/dist/functions/ProofUtil.js

@@ -1,106 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.createProofOfPossession = void 0;
-const oid4vci_common_1 = require("@sphereon/oid4vci-common");
-const debug_1 = __importDefault(require("debug"));
-const debug = (0, debug_1.default)('sphereon:openid4vci:token');
-/**
- *
- *  - proofOfPossessionCallback: JWTSignerCallback
- *    Mandatory if you want to create (sign) ProofOfPossession
- *  - proofOfPossessionVerifierCallback?: JWTVerifyCallback
- *    If exists, verifies the ProofOfPossession
- *  - proofOfPossessionCallbackArgs: ProofOfPossessionCallbackArgs
- *    arguments needed for signing ProofOfPossession
- * @param callbacks:
- *    - proofOfPossessionCallback: JWTSignerCallback
- *      Mandatory to create (sign) ProofOfPossession
- *    - proofOfPossessionVerifierCallback?: JWTVerifyCallback
- *      If exists, verifies the ProofOfPossession
- * @param jwtProps
- * @param existingJwt
- *  - Optional, clientId of the party requesting the credential
- */
-const createProofOfPossession = (callbacks, jwtProps, existingJwt) => __awaiter(void 0, void 0, void 0, function* () {
-    if (!callbacks.signCallback) {
-        debug(`no jwt signer callback or arguments supplied!`);
-        throw new Error(oid4vci_common_1.BAD_PARAMS);
-    }
-    const signerArgs = createJWT(jwtProps, existingJwt);
-    const jwt = yield callbacks.signCallback(signerArgs, signerArgs.header.kid);
-    const proof = {
-        proof_type: 'jwt',
-        jwt,
-    };
-    try {
-        partiallyValidateJWS(jwt);
-        if (callbacks.verifyCallback) {
-            debug(`Calling supplied verify callback....`);
-            yield callbacks.verifyCallback({ jwt, kid: signerArgs.header.kid });
-            debug(`Supplied verify callback return success result`);
-        }
-    }
-    catch (_a) {
-        debug(`JWS was not valid`);
-        throw new Error(oid4vci_common_1.JWS_NOT_VALID);
-    }
-    debug(`Proof of Possession JWT:\r\n${jwt}`);
-    return proof;
-});
-exports.createProofOfPossession = createProofOfPossession;
-const partiallyValidateJWS = (jws) => {
-    if (jws.split('.').length !== 3 || !jws.startsWith('ey')) {
-        throw new Error(oid4vci_common_1.JWS_NOT_VALID);
-    }
-};
-const createJWT = (jwtProps, existingJwt) => {
-    var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m;
-    const aud = getJwtProperty('aud', true, jwtProps === null || jwtProps === void 0 ? void 0 : jwtProps.issuer, (_a = existingJwt === null || existingJwt === void 0 ? void 0 : existingJwt.payload) === null || _a === void 0 ? void 0 : _a.aud);
-    const iss = getJwtProperty('iss', false, jwtProps === null || jwtProps === void 0 ? void 0 : jwtProps.clientId, (_b = existingJwt === null || existingJwt === void 0 ? void 0 : existingJwt.payload) === null || _b === void 0 ? void 0 : _b.iss);
-    const jti = getJwtProperty('jti', false, jwtProps === null || jwtProps === void 0 ? void 0 : jwtProps.jti, (_c = existingJwt === null || existingJwt === void 0 ? void 0 : existingJwt.payload) === null || _c === void 0 ? void 0 : _c.jti);
-    const typ = getJwtProperty('typ', true, jwtProps === null || jwtProps === void 0 ? void 0 : jwtProps.typ, (_d = existingJwt === null || existingJwt === void 0 ? void 0 : existingJwt.header) === null || _d === void 0 ? void 0 : _d.typ, 'jwt');
-    const nonce = getJwtProperty('nonce', false, jwtProps === null || jwtProps === void 0 ? void 0 : jwtProps.nonce, (_e = existingJwt === null || existingJwt === void 0 ? void 0 : existingJwt.payload) === null || _e === void 0 ? void 0 : _e.nonce); // Officially this is required, but some implementations don't have it
-    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
-    const alg = getJwtProperty('alg', false, jwtProps === null || jwtProps === void 0 ? void 0 : jwtProps.alg, (_f = existingJwt === null || existingJwt === void 0 ? void 0 : existingJwt.header) === null || _f === void 0 ? void 0 : _f.alg, 'ES256');
-    const kid = getJwtProperty('kid', false, jwtProps === null || jwtProps === void 0 ? void 0 : jwtProps.kid, (_g = existingJwt === null || existingJwt === void 0 ? void 0 : existingJwt.header) === null || _g === void 0 ? void 0 : _g.kid);
-    const jwk = getJwtProperty('jwk', false, jwtProps === null || jwtProps === void 0 ? void 0 : jwtProps.jwk, (_h = existingJwt === null || existingJwt === void 0 ? void 0 : existingJwt.header) === null || _h === void 0 ? void 0 : _h.jwk);
-    const jwt = existingJwt ? existingJwt : {};
-    const now = +new Date();
-    const jwtPayload = Object.assign(Object.assign({ aud, iat: (_k = (_j = jwt.payload) === null || _j === void 0 ? void 0 : _j.iat) !== null && _k !== void 0 ? _k : Math.round(now / 1000 - 60), exp: (_m = (_l = jwt.payload) === null || _l === void 0 ? void 0 : _l.exp) !== null && _m !== void 0 ? _m : Math.round(now / 1000 + 10 * 60), nonce }, (iss ? { iss } : {})), (jti ? { jti } : {}));
-    const jwtHeader = {
-        typ,
-        alg,
-        kid,
-        jwk,
-    };
-    return {
-        payload: Object.assign(Object.assign({}, jwt.payload), jwtPayload),
-        header: Object.assign(Object.assign({}, jwt.header), jwtHeader),
-    };
-};
-const getJwtProperty = (propertyName, required, option, jwtProperty, defaultValue) => {
-    if (typeof option === 'string' && option && jwtProperty && option !== jwtProperty) {
-        throw Error(`Cannot have a property '${propertyName}' with value '${option}' and different JWT value '${jwtProperty}' at the same time`);
-    }
-    let result = (jwtProperty ? jwtProperty : option);
-    if (!result) {
-        if (required) {
-            throw Error(`No ${propertyName} property provided either in a JWT or as option`);
-        }
-        result = defaultValue;
-    }
-    return result;
-};
-//# sourceMappingURL=ProofUtil.js.map

package/dist/functions/ProofUtil.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"ProofUtil.js","sourceRoot":"","sources":["../../lib/functions/ProofUtil.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,6DAWkC;AAClC,kDAA0B;AAE1B,MAAM,KAAK,GAAG,IAAA,eAAK,EAAC,2BAA2B,CAAC,CAAC;AAEjD;;;;;;;;;;;;;;;;GAgBG;AACI,MAAM,uBAAuB,GAAG,CACrC,SAA6C,EAC7C,QAAmB,EACnB,WAAiB,EACW,EAAE;IAC9B,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,CAAC;QAC5B,KAAK,CAAC,+CAA+C,CAAC,CAAC;QACvD,MAAM,IAAI,KAAK,CAAC,2BAAU,CAAC,CAAC;IAC9B,CAAC;IAED,MAAM,UAAU,GAAG,SAAS,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IACpD,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,YAAY,CAAC,UAAU,EAAE,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC5E,MAAM,KAAK,GAAG;QACZ,UAAU,EAAE,KAAK;QACjB,GAAG;KACiB,CAAC;IAEvB,IAAI,CAAC;QACH,oBAAoB,CAAC,GAAG,CAAC,CAAC;QAC1B,IAAI,SAAS,CAAC,cAAc,EAAE,CAAC;YAC7B,KAAK,CAAC,sCAAsC,CAAC,CAAC;YAC9C,MAAM,SAAS,CAAC,cAAc,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;YACpE,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IAAC,WAAM,CAAC;QACP,KAAK,CAAC,mBAAmB,CAAC,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,8BAAa,CAAC,CAAC;IACjC,CAAC;IACD,KAAK,CAAC,+BAA+B,GAAG,EAAE,CAAC,CAAC;IAC5C,OAAO,KAAK,CAAC;AACf,CAAC,CAAA,CAAC;AA9BW,QAAA,uBAAuB,2BA8BlC;AAEF,MAAM,oBAAoB,GAAG,CAAC,GAAW,EAAQ,EAAE;IACjD,IAAI,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QACzD,MAAM,IAAI,KAAK,CAAC,8BAAa,CAAC,CAAC;IACjC,CAAC;AACH,CAAC,CAAC;AAaF,MAAM,SAAS,GAAG,CAAC,QAAmB,EAAE,WAAiB,EAAO,EAAE;;IAChE,MAAM,GAAG,GAAG,cAAc,CAAoB,KAAK,EAAE,IAAI,EAAE,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,EAAE,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,OAAO,0CAAE,GAAG,CAAC,CAAC;IACxG,MAAM,GAAG,GAAG,cAAc,CAAS,KAAK,EAAE,KAAK,EAAE,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,QAAQ,EAAE,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,OAAO,0CAAE,GAAG,CAAC,CAAC;IAChG,MAAM,GAAG,GAAG,cAAc,CAAS,KAAK,EAAE,KAAK,EAAE,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,GAAG,EAAE,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,OAAO,0CAAE,GAAG,CAAC,CAAC;IAC3F,MAAM,GAAG,GAAG,cAAc,CAAS,KAAK,EAAE,IAAI,EAAE,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,GAAG,EAAE,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,MAAM,0CAAE,GAAG,EAAE,KAAK,CAAC,CAAC;IAChG,MAAM,KAAK,GAAG,cAAc,CAAS,OAAO,EAAE,KAAK,EAAE,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,KAAK,EAAE,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,OAAO,0CAAE,KAAK,CAAC,CAAC,CAAC,sEAAsE;IAC1K,oEAAoE;IACpE,MAAM,GAAG,GAAG,cAAc,CAAS,KAAK,EAAE,KAAK,EAAE,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,GAAG,EAAE,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,MAAM,0CAAE,GAAG,EAAE,OAAO,CAAE,CAAC;IACpG,MAAM,GAAG,GAAG,cAAc,CAAS,KAAK,EAAE,KAAK,EAAE,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,GAAG,EAAE,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,MAAM,0CAAE,GAAG,CAAC,CAAC;IAC1F,MAAM,GAAG,GAAG,cAAc,CAAU,KAAK,EAAE,KAAK,EAAE,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,GAAG,EAAE,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,MAAM,0CAAE,GAAG,CAAC,CAAC;IAC3F,MAAM,GAAG,GAAiB,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC;IACzD,MAAM,GAAG,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC;IACxB,MAAM,UAAU,iCACd,GAAG,EACH,GAAG,EAAE,MAAA,MAAA,GAAG,CAAC,OAAO,0CAAE,GAAG,mCAAI,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,GAAG,EAAE,CAAC,EACpD,GAAG,EAAE,MAAA,MAAA,GAAG,CAAC,OAAO,0CAAE,GAAG,mCAAI,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC,EACzD,KAAK,IACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,GACpB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CACxB,CAAC;IAEF,MAAM,SAAS,GAAc;QAC3B,GAAG;QACH,GAAG;QACH,GAAG;QACH,GAAG;KACJ,CAAC;IACF,OAAO;QACL,OAAO,kCAAO,GAAG,CAAC,OAAO,GAAK,UAAU,CAAE;QAC1C,MAAM,kCAAO,GAAG,CAAC,MAAM,GAAK,SAAS,CAAE;KACxC,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,cAAc,GAAG,CAAI,YAAoB,EAAE,QAAiB,EAAE,MAAqB,EAAE,WAAe,EAAE,YAAgB,EAAiB,EAAE;IAC7I,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,IAAI,WAAW,IAAI,MAAM,KAAK,WAAW,EAAE,CAAC;QAClF,MAAM,KAAK,CAAC,2BAA2B,YAAY,iBAAiB,MAAM,8BAA8B,WAAW,oBAAoB,CAAC,CAAC;IAC3I,CAAC;IACD,IAAI,MAAM,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAkB,CAAC;IACnE,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,KAAK,CAAC,MAAM,YAAY,iDAAiD,CAAC,CAAC;QACnF,CAAC;QACD,MAAM,GAAG,YAAY,CAAC;IACxB,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC"}

package/lib/functions/ProofUtil.ts

@@ -1,128 +0,0 @@
-import {
-  BAD_PARAMS,
-  BaseJWK,
-  JWK,
-  JWS_NOT_VALID,
-  Jwt,
-  JWTHeader,
-  JWTPayload,
-  ProofOfPossession,
-  ProofOfPossessionCallbacks,
-  Typ,
-} from '@sphereon/oid4vci-common';
-import Debug from 'debug';
-
-const debug = Debug('sphereon:openid4vci:token');
-
-/**
- *
- *  - proofOfPossessionCallback: JWTSignerCallback
- *    Mandatory if you want to create (sign) ProofOfPossession
- *  - proofOfPossessionVerifierCallback?: JWTVerifyCallback
- *    If exists, verifies the ProofOfPossession
- *  - proofOfPossessionCallbackArgs: ProofOfPossessionCallbackArgs
- *    arguments needed for signing ProofOfPossession
- * @param callbacks:
- *    - proofOfPossessionCallback: JWTSignerCallback
- *      Mandatory to create (sign) ProofOfPossession
- *    - proofOfPossessionVerifierCallback?: JWTVerifyCallback
- *      If exists, verifies the ProofOfPossession
- * @param jwtProps
- * @param existingJwt
- *  - Optional, clientId of the party requesting the credential
- */
-export const createProofOfPossession = async <DIDDoc>(
-  callbacks: ProofOfPossessionCallbacks<DIDDoc>,
-  jwtProps?: JwtProps,
-  existingJwt?: Jwt,
-): Promise<ProofOfPossession> => {
-  if (!callbacks.signCallback) {
-    debug(`no jwt signer callback or arguments supplied!`);
-    throw new Error(BAD_PARAMS);
-  }
-
-  const signerArgs = createJWT(jwtProps, existingJwt);
-  const jwt = await callbacks.signCallback(signerArgs, signerArgs.header.kid);
-  const proof = {
-    proof_type: 'jwt',
-    jwt,
-  } as ProofOfPossession;
-
-  try {
-    partiallyValidateJWS(jwt);
-    if (callbacks.verifyCallback) {
-      debug(`Calling supplied verify callback....`);
-      await callbacks.verifyCallback({ jwt, kid: signerArgs.header.kid });
-      debug(`Supplied verify callback return success result`);
-    }
-  } catch {
-    debug(`JWS was not valid`);
-    throw new Error(JWS_NOT_VALID);
-  }
-  debug(`Proof of Possession JWT:\r\n${jwt}`);
-  return proof;
-};
-
-const partiallyValidateJWS = (jws: string): void => {
-  if (jws.split('.').length !== 3 || !jws.startsWith('ey')) {
-    throw new Error(JWS_NOT_VALID);
-  }
-};
-
-export interface JwtProps {
-  typ?: Typ;
-  kid?: string;
-  jwk?: JWK;
-  issuer?: string;
-  clientId?: string;
-  alg?: string;
-  jti?: string;
-  nonce?: string;
-}
-
-const createJWT = (jwtProps?: JwtProps, existingJwt?: Jwt): Jwt => {
-  const aud = getJwtProperty<string | string[]>('aud', true, jwtProps?.issuer, existingJwt?.payload?.aud);
-  const iss = getJwtProperty<string>('iss', false, jwtProps?.clientId, existingJwt?.payload?.iss);
-  const jti = getJwtProperty<string>('jti', false, jwtProps?.jti, existingJwt?.payload?.jti);
-  const typ = getJwtProperty<string>('typ', true, jwtProps?.typ, existingJwt?.header?.typ, 'jwt');
-  const nonce = getJwtProperty<string>('nonce', false, jwtProps?.nonce, existingJwt?.payload?.nonce); // Officially this is required, but some implementations don't have it
-  // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
-  const alg = getJwtProperty<string>('alg', false, jwtProps?.alg, existingJwt?.header?.alg, 'ES256')!;
-  const kid = getJwtProperty<string>('kid', false, jwtProps?.kid, existingJwt?.header?.kid);
-  const jwk = getJwtProperty<BaseJWK>('jwk', false, jwtProps?.jwk, existingJwt?.header?.jwk);
-  const jwt: Partial<Jwt> = existingJwt ? existingJwt : {};
-  const now = +new Date();
-  const jwtPayload: Partial<JWTPayload> = {
-    aud,
-    iat: jwt.payload?.iat ?? Math.round(now / 1000 - 60), // Let's ensure we subtract 60 seconds for potential time offsets
-    exp: jwt.payload?.exp ?? Math.round(now / 1000 + 10 * 60),
-    nonce,
-    ...(iss ? { iss } : {}),
-    ...(jti ? { jti } : {}),
-  };
-
-  const jwtHeader: JWTHeader = {
-    typ,
-    alg,
-    kid,
-    jwk,
-  };
-  return {
-    payload: { ...jwt.payload, ...jwtPayload },
-    header: { ...jwt.header, ...jwtHeader },
-  };
-};
-
-const getJwtProperty = <T>(propertyName: string, required: boolean, option?: string | JWK, jwtProperty?: T, defaultValue?: T): T | undefined => {
-  if (typeof option === 'string' && option && jwtProperty && option !== jwtProperty) {
-    throw Error(`Cannot have a property '${propertyName}' with value '${option}' and different JWT value '${jwtProperty}' at the same time`);
-  }
-  let result = (jwtProperty ? jwtProperty : option) as T | undefined;
-  if (!result) {
-    if (required) {
-      throw Error(`No ${propertyName} property provided either in a JWT or as option`);
-    }
-    result = defaultValue;
-  }
-  return result;
-};