@sphereon/oid4vci-client 0.19.1-next.2 → 0.19.1-next.220
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +961 -2390
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +128 -417
- package/dist/index.d.ts +128 -417
- package/dist/index.js +940 -2379
- package/dist/index.js.map +1 -1
- package/package.json +5 -5
package/dist/index.d.cts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { CredentialFormat, ISimpleLogger } from '@sphereon/ssi-types';
|
|
2
2
|
import { CreateDPoPClientOpts, JWK } from '@sphereon/oid4vc-common';
|
|
3
3
|
import * as _sphereon_oid4vci_common from '@sphereon/oid4vci-common';
|
|
4
|
-
import { AccessTokenRequestOpts, OpenIDResponse, AccessTokenResponse, DPoPResponseParams, AccessTokenRequest, TxCodeAndPinRequired, EndpointMetadata, AuthorizationServerOpts, IssuerOpts, RequestObjectOpts, PKCEOpts,
|
|
4
|
+
import { AccessTokenRequestOpts, OpenIDResponse, AccessTokenResponse, DPoPResponseParams, AccessTokenRequest, TxCodeAndPinRequired, EndpointMetadata, AuthorizationServerOpts, IssuerOpts, RequestObjectOpts, PKCEOpts, EndpointMetadataResultV1_0_15, AuthorizationRequestOpts, CredentialOfferRequestWithBaseUrl, CredentialConfigurationSupportedV1_0_15, OpenId4VCIVersion, AuthorizationChallengeRequestOpts, AuthorizationChallengeCodeResponse, CommonAuthorizationChallengeRequest, ExperimentalSubjectIssuance, UniformCredentialOfferRequest, CredentialIssuerMetadataV1_0_15, Jwt, ProofOfPossessionCallbacks, PoPMode, ProofOfPossession, Alg, Typ, AuthorizationDetails, OID4VCICredentialFormat, CredentialResponse, CredentialRequest, CredentialRequestV1_0_15, CredentialIssuerMetadata, NotificationRequest, NotificationResponseResult, WellKnownEndpoints, CredentialOfferPayload, CredentialOfferPayloadV1_0_15, IssuerMetadataV1_0_15, AuthorizationResponse, CredentialResponseV1_0_15, AuthzFlowType, CredentialConfigurationSupported } from '@sphereon/oid4vci-common';
|
|
5
5
|
|
|
6
6
|
declare class AccessTokenClient {
|
|
7
7
|
acquireAccessToken(opts: AccessTokenRequestOpts): Promise<OpenIDResponse<AccessTokenResponse, DPoPResponseParams>>;
|
|
@@ -32,44 +32,15 @@ declare class AccessTokenClient {
|
|
|
32
32
|
private throwNotSupportedFlow;
|
|
33
33
|
}
|
|
34
34
|
|
|
35
|
-
declare class AccessTokenClientV1_0_11 {
|
|
36
|
-
acquireAccessToken(opts: AccessTokenRequestOpts): Promise<OpenIDResponse<AccessTokenResponse, DPoPResponseParams>>;
|
|
37
|
-
acquireAccessTokenUsingRequest({ accessTokenRequest, isPinRequired, metadata, asOpts, createDPoPOpts, issuerOpts, }: {
|
|
38
|
-
accessTokenRequest: AccessTokenRequest;
|
|
39
|
-
isPinRequired?: boolean;
|
|
40
|
-
metadata?: EndpointMetadata;
|
|
41
|
-
asOpts?: AuthorizationServerOpts;
|
|
42
|
-
issuerOpts?: IssuerOpts;
|
|
43
|
-
createDPoPOpts?: CreateDPoPClientOpts;
|
|
44
|
-
}): Promise<OpenIDResponse<AccessTokenResponse, DPoPResponseParams>>;
|
|
45
|
-
createAccessTokenRequest(opts: Omit<AccessTokenRequestOpts, 'createDPoPOpts'>): Promise<AccessTokenRequest>;
|
|
46
|
-
private assertPreAuthorizedGrantType;
|
|
47
|
-
private assertAuthorizationGrantType;
|
|
48
|
-
private isPinRequiredValue;
|
|
49
|
-
private assertNumericPin;
|
|
50
|
-
private assertNonEmptyPreAuthorizedCode;
|
|
51
|
-
private assertNonEmptyCodeVerifier;
|
|
52
|
-
private assertNonEmptyCode;
|
|
53
|
-
private validate;
|
|
54
|
-
private sendAuthCode;
|
|
55
|
-
static determineTokenURL({ asOpts, issuerOpts, metadata, }: {
|
|
56
|
-
asOpts?: AuthorizationServerOpts;
|
|
57
|
-
issuerOpts?: IssuerOpts;
|
|
58
|
-
metadata?: EndpointMetadata;
|
|
59
|
-
}): string;
|
|
60
|
-
private static creatTokenURLFromURL;
|
|
61
|
-
private throwNotSupportedFlow;
|
|
62
|
-
}
|
|
63
|
-
|
|
64
35
|
declare function createSignedAuthRequestWhenNeeded(requestObject: Record<string, any>, opts: RequestObjectOpts & {
|
|
65
36
|
aud?: string;
|
|
66
37
|
}): Promise<void>;
|
|
67
|
-
declare const createAuthorizationRequestUrl: ({ pkce, endpointMetadata, authorizationRequest, credentialOffer, credentialConfigurationSupported, clientId, version
|
|
38
|
+
declare const createAuthorizationRequestUrl: ({ pkce, endpointMetadata, authorizationRequest, credentialOffer, credentialConfigurationSupported, clientId, version }: {
|
|
68
39
|
pkce: PKCEOpts;
|
|
69
|
-
endpointMetadata:
|
|
40
|
+
endpointMetadata: EndpointMetadataResultV1_0_15;
|
|
70
41
|
authorizationRequest: AuthorizationRequestOpts;
|
|
71
42
|
credentialOffer?: CredentialOfferRequestWithBaseUrl;
|
|
72
|
-
credentialConfigurationSupported?: Record<string,
|
|
43
|
+
credentialConfigurationSupported?: Record<string, CredentialConfigurationSupportedV1_0_15>;
|
|
73
44
|
clientId?: string;
|
|
74
45
|
version?: OpenId4VCIVersion;
|
|
75
46
|
}) => Promise<string>;
|
|
@@ -84,18 +55,63 @@ declare const sendAuthorizationChallengeRequest: (authorizationChallengeCodeUrl:
|
|
|
84
55
|
headers?: Record<string, string>;
|
|
85
56
|
}) => Promise<OpenIDResponse<AuthorizationChallengeCodeResponse>>;
|
|
86
57
|
|
|
87
|
-
declare
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
58
|
+
declare class CredentialRequestClientBuilderV1_0_15 {
|
|
59
|
+
credentialEndpoint?: string;
|
|
60
|
+
deferredCredentialEndpoint?: string;
|
|
61
|
+
nonceEndpoint?: string;
|
|
62
|
+
deferredCredentialAwait: boolean;
|
|
63
|
+
deferredCredentialIntervalInMS: number;
|
|
64
|
+
credentialIdentifier?: string;
|
|
65
|
+
credentialConfigurationId?: string;
|
|
66
|
+
credentialTypes?: string[];
|
|
67
|
+
token?: string;
|
|
68
|
+
version?: OpenId4VCIVersion;
|
|
69
|
+
subjectIssuance?: ExperimentalSubjectIssuance;
|
|
70
|
+
issuerState?: string;
|
|
71
|
+
static fromCredentialIssuer({ credentialIssuer, metadata, version, credentialIdentifier, credentialConfigurationId, credentialTypes }: {
|
|
72
|
+
credentialIssuer: string;
|
|
73
|
+
metadata?: EndpointMetadataResultV1_0_15;
|
|
74
|
+
version?: OpenId4VCIVersion;
|
|
75
|
+
credentialIdentifier?: string;
|
|
76
|
+
credentialConfigurationId?: string;
|
|
77
|
+
credentialTypes?: string | string[];
|
|
78
|
+
}): CredentialRequestClientBuilderV1_0_15;
|
|
79
|
+
static fromURI({ uri, metadata }: {
|
|
80
|
+
uri: string;
|
|
81
|
+
metadata?: EndpointMetadataResultV1_0_15;
|
|
82
|
+
}): Promise<CredentialRequestClientBuilderV1_0_15>;
|
|
83
|
+
static fromCredentialOfferRequest(opts: {
|
|
84
|
+
request: UniformCredentialOfferRequest;
|
|
85
|
+
scheme?: string;
|
|
86
|
+
baseUrl?: string;
|
|
87
|
+
version?: OpenId4VCIVersion;
|
|
88
|
+
metadata?: EndpointMetadataResultV1_0_15;
|
|
89
|
+
}): CredentialRequestClientBuilderV1_0_15;
|
|
90
|
+
static fromCredentialOffer({ credentialOffer, metadata }: {
|
|
91
|
+
credentialOffer: CredentialOfferRequestWithBaseUrl;
|
|
92
|
+
metadata?: EndpointMetadataResultV1_0_15;
|
|
93
|
+
}): CredentialRequestClientBuilderV1_0_15;
|
|
94
|
+
withCredentialEndpointFromMetadata(metadata: CredentialIssuerMetadataV1_0_15): this;
|
|
95
|
+
withCredentialEndpoint(credentialEndpoint: string): this;
|
|
96
|
+
withIssuerState(issuerState?: string): this;
|
|
97
|
+
withDeferredCredentialEndpointFromMetadata(metadata: CredentialIssuerMetadataV1_0_15): this;
|
|
98
|
+
withDeferredCredentialEndpoint(deferredCredentialEndpoint: string): this;
|
|
99
|
+
withNonceEndpointFromMetadata(metadata: CredentialIssuerMetadataV1_0_15): this;
|
|
100
|
+
withNonceEndpoint(nonceEndpoint: string): this;
|
|
101
|
+
withDeferredCredentialAwait(deferredCredentialAwait: boolean, deferredCredentialIntervalInMS?: number): this;
|
|
102
|
+
withCredentialIdentifier(credentialIdentifier: string): this;
|
|
103
|
+
withCredentialConfigurationId(credentialConfigurationId: string): this;
|
|
104
|
+
withCredentialType(credentialTypes: string | string[]): this;
|
|
105
|
+
withSubjectIssuance(subjectIssuance: ExperimentalSubjectIssuance): this;
|
|
106
|
+
withToken(accessToken: string): this;
|
|
107
|
+
withTokenFromResponse(response: AccessTokenResponse): this;
|
|
108
|
+
withVersion(version: OpenId4VCIVersion): this;
|
|
109
|
+
build(): CredentialRequestClient;
|
|
110
|
+
}
|
|
94
111
|
|
|
95
112
|
declare class ProofOfPossessionBuilder<DIDDoc = never> {
|
|
96
113
|
private readonly proof?;
|
|
97
114
|
private readonly callbacks?;
|
|
98
|
-
private readonly version;
|
|
99
115
|
private readonly mode;
|
|
100
116
|
private kid?;
|
|
101
117
|
private jwk?;
|
|
@@ -142,150 +158,6 @@ declare class ProofOfPossessionBuilder<DIDDoc = never> {
|
|
|
142
158
|
build(): Promise<ProofOfPossession>;
|
|
143
159
|
}
|
|
144
160
|
|
|
145
|
-
interface CredentialRequestOptsV1_0_11 {
|
|
146
|
-
deferredCredentialAwait?: boolean;
|
|
147
|
-
deferredCredentialIntervalInMS?: number;
|
|
148
|
-
credentialEndpoint: string;
|
|
149
|
-
deferredCredentialEndpoint?: string;
|
|
150
|
-
credentialTypes: string[];
|
|
151
|
-
format?: CredentialFormat | OID4VCICredentialFormat;
|
|
152
|
-
proof: ProofOfPossession;
|
|
153
|
-
token: string;
|
|
154
|
-
version: OpenId4VCIVersion;
|
|
155
|
-
}
|
|
156
|
-
declare class CredentialRequestClientV1_0_11 {
|
|
157
|
-
private readonly _credentialRequestOpts;
|
|
158
|
-
private _isDeferred;
|
|
159
|
-
get credentialRequestOpts(): CredentialRequestOptsV1_0_11;
|
|
160
|
-
isDeferred(): boolean;
|
|
161
|
-
getCredentialEndpoint(): string;
|
|
162
|
-
getDeferredCredentialEndpoint(): string | undefined;
|
|
163
|
-
constructor(builder: CredentialRequestClientBuilderV1_0_11);
|
|
164
|
-
acquireCredentialsUsingProof(opts: {
|
|
165
|
-
proofInput: ProofOfPossessionBuilder | ProofOfPossession;
|
|
166
|
-
credentialTypes?: string | string[];
|
|
167
|
-
context?: string[];
|
|
168
|
-
format?: CredentialFormat | OID4VCICredentialFormat;
|
|
169
|
-
createDPoPOpts?: CreateDPoPClientOpts;
|
|
170
|
-
}): Promise<OpenIDResponse<CredentialResponse, DPoPResponseParams> & {
|
|
171
|
-
access_token: string;
|
|
172
|
-
}>;
|
|
173
|
-
acquireCredentialsUsingRequest(uniformRequest: UniformCredentialRequest, createDPoPOpts?: CreateDPoPClientOpts): Promise<OpenIDResponse<CredentialResponse, DPoPResponseParams> & {
|
|
174
|
-
access_token: string;
|
|
175
|
-
}>;
|
|
176
|
-
acquireDeferredCredential(response: Pick<CredentialResponse, 'transaction_id' | 'acceptance_token' | 'c_nonce'>, opts?: {
|
|
177
|
-
bearerToken?: string;
|
|
178
|
-
}): Promise<OpenIDResponse<CredentialResponse> & {
|
|
179
|
-
access_token: string;
|
|
180
|
-
}>;
|
|
181
|
-
createCredentialRequest(opts: {
|
|
182
|
-
proofInput: ProofOfPossessionBuilder | ProofOfPossession;
|
|
183
|
-
credentialTypes?: string | string[];
|
|
184
|
-
context?: string[];
|
|
185
|
-
format?: CredentialFormat | OID4VCICredentialFormat;
|
|
186
|
-
version: OpenId4VCIVersion;
|
|
187
|
-
}): Promise<UniformCredentialRequest>;
|
|
188
|
-
private version;
|
|
189
|
-
private isV11OrHigher;
|
|
190
|
-
}
|
|
191
|
-
|
|
192
|
-
declare class CredentialRequestClientBuilderV1_0_11 {
|
|
193
|
-
credentialEndpoint?: string;
|
|
194
|
-
deferredCredentialEndpoint?: string;
|
|
195
|
-
deferredCredentialAwait: boolean;
|
|
196
|
-
deferredCredentialIntervalInMS: number;
|
|
197
|
-
credentialTypes: string[];
|
|
198
|
-
format?: CredentialFormat | OID4VCICredentialFormat;
|
|
199
|
-
token?: string;
|
|
200
|
-
version?: OpenId4VCIVersion;
|
|
201
|
-
subjectIssuance?: ExperimentalSubjectIssuance;
|
|
202
|
-
issuerState?: string;
|
|
203
|
-
static fromCredentialIssuer({ credentialIssuer, metadata, version, credentialTypes, }: {
|
|
204
|
-
credentialIssuer: string;
|
|
205
|
-
metadata?: EndpointMetadata;
|
|
206
|
-
version?: OpenId4VCIVersion;
|
|
207
|
-
credentialTypes: string | string[];
|
|
208
|
-
}): CredentialRequestClientBuilderV1_0_11;
|
|
209
|
-
static fromURI({ uri, metadata }: {
|
|
210
|
-
uri: string;
|
|
211
|
-
metadata?: EndpointMetadata;
|
|
212
|
-
}): Promise<CredentialRequestClientBuilderV1_0_11>;
|
|
213
|
-
static fromCredentialOfferRequest(opts: {
|
|
214
|
-
request: UniformCredentialOfferRequest;
|
|
215
|
-
scheme?: string;
|
|
216
|
-
baseUrl?: string;
|
|
217
|
-
version?: OpenId4VCIVersion;
|
|
218
|
-
metadata?: EndpointMetadata;
|
|
219
|
-
}): CredentialRequestClientBuilderV1_0_11;
|
|
220
|
-
static fromCredentialOffer({ credentialOffer, metadata, }: {
|
|
221
|
-
credentialOffer: CredentialOfferRequestWithBaseUrl;
|
|
222
|
-
metadata?: EndpointMetadata;
|
|
223
|
-
}): CredentialRequestClientBuilderV1_0_11;
|
|
224
|
-
withIssuerState(issuerState?: string): this;
|
|
225
|
-
withCredentialEndpointFromMetadata(metadata: CredentialIssuerMetadata): this;
|
|
226
|
-
withCredentialEndpoint(credentialEndpoint: string): this;
|
|
227
|
-
withDeferredCredentialEndpointFromMetadata(metadata: CredentialIssuerMetadata): this;
|
|
228
|
-
withDeferredCredentialEndpoint(deferredCredentialEndpoint: string): this;
|
|
229
|
-
withDeferredCredentialAwait(deferredCredentialAwait: boolean, deferredCredentialIntervalInMS?: number): this;
|
|
230
|
-
withCredentialType(credentialTypes: string | string[]): this;
|
|
231
|
-
withFormat(format: CredentialFormat | OID4VCICredentialFormat): this;
|
|
232
|
-
withSubjectIssuance(subjectIssuance: ExperimentalSubjectIssuance): this;
|
|
233
|
-
withToken(accessToken: string): this;
|
|
234
|
-
withTokenFromResponse(response: AccessTokenResponse): this;
|
|
235
|
-
withVersion(version: OpenId4VCIVersion): this;
|
|
236
|
-
build(): CredentialRequestClientV1_0_11;
|
|
237
|
-
}
|
|
238
|
-
|
|
239
|
-
declare class CredentialRequestClientBuilderV1_0_13 {
|
|
240
|
-
credentialEndpoint?: string;
|
|
241
|
-
deferredCredentialEndpoint?: string;
|
|
242
|
-
deferredCredentialAwait: boolean;
|
|
243
|
-
deferredCredentialIntervalInMS: number;
|
|
244
|
-
credentialIdentifier?: string;
|
|
245
|
-
credentialTypes?: string[];
|
|
246
|
-
format?: CredentialFormat | OID4VCICredentialFormat;
|
|
247
|
-
token?: string;
|
|
248
|
-
version?: OpenId4VCIVersion;
|
|
249
|
-
subjectIssuance?: ExperimentalSubjectIssuance;
|
|
250
|
-
issuerState?: string;
|
|
251
|
-
static fromCredentialIssuer({ credentialIssuer, metadata, version, credentialIdentifier, credentialTypes, }: {
|
|
252
|
-
credentialIssuer: string;
|
|
253
|
-
metadata?: EndpointMetadata;
|
|
254
|
-
version?: OpenId4VCIVersion;
|
|
255
|
-
credentialIdentifier?: string;
|
|
256
|
-
credentialTypes?: string | string[];
|
|
257
|
-
}): CredentialRequestClientBuilderV1_0_13;
|
|
258
|
-
static fromURI({ uri, metadata }: {
|
|
259
|
-
uri: string;
|
|
260
|
-
metadata?: EndpointMetadata;
|
|
261
|
-
}): Promise<CredentialRequestClientBuilderV1_0_13>;
|
|
262
|
-
static fromCredentialOfferRequest(opts: {
|
|
263
|
-
request: UniformCredentialOfferRequest;
|
|
264
|
-
scheme?: string;
|
|
265
|
-
baseUrl?: string;
|
|
266
|
-
version?: OpenId4VCIVersion;
|
|
267
|
-
metadata?: EndpointMetadata;
|
|
268
|
-
}): CredentialRequestClientBuilderV1_0_13;
|
|
269
|
-
static fromCredentialOffer({ credentialOffer, metadata, }: {
|
|
270
|
-
credentialOffer: CredentialOfferRequestWithBaseUrl;
|
|
271
|
-
metadata?: EndpointMetadata;
|
|
272
|
-
}): CredentialRequestClientBuilderV1_0_13;
|
|
273
|
-
withCredentialEndpointFromMetadata(metadata: CredentialIssuerMetadataV1_0_13): this;
|
|
274
|
-
withCredentialEndpoint(credentialEndpoint: string): this;
|
|
275
|
-
withIssuerState(issuerState?: string): this;
|
|
276
|
-
withDeferredCredentialEndpointFromMetadata(metadata: CredentialIssuerMetadataV1_0_13): this;
|
|
277
|
-
withDeferredCredentialEndpoint(deferredCredentialEndpoint: string): this;
|
|
278
|
-
withDeferredCredentialAwait(deferredCredentialAwait: boolean, deferredCredentialIntervalInMS?: number): this;
|
|
279
|
-
withCredentialIdentifier(credentialIdentifier: string): this;
|
|
280
|
-
withCredentialType(credentialTypes: string | string[]): this;
|
|
281
|
-
withFormat(format: CredentialFormat | OID4VCICredentialFormat): this;
|
|
282
|
-
withSubjectIssuance(subjectIssuance: ExperimentalSubjectIssuance): this;
|
|
283
|
-
withToken(accessToken: string): this;
|
|
284
|
-
withTokenFromResponse(response: AccessTokenResponse): this;
|
|
285
|
-
withVersion(version: OpenId4VCIVersion): this;
|
|
286
|
-
build(): CredentialRequestClient;
|
|
287
|
-
}
|
|
288
|
-
|
|
289
161
|
interface CredentialRequestOpts {
|
|
290
162
|
deferredCredentialAwait?: boolean;
|
|
291
163
|
deferredCredentialIntervalInMS?: number;
|
|
@@ -294,12 +166,13 @@ interface CredentialRequestOpts {
|
|
|
294
166
|
deferredCredentialEndpoint?: string;
|
|
295
167
|
credentialTypes?: string[];
|
|
296
168
|
credentialIdentifier?: string;
|
|
297
|
-
|
|
169
|
+
credentialConfigurationId?: string;
|
|
298
170
|
proof: ProofOfPossession;
|
|
299
171
|
token: string;
|
|
300
172
|
version: OpenId4VCIVersion;
|
|
301
173
|
subjectIssuance?: ExperimentalSubjectIssuance;
|
|
302
174
|
issuerState?: string;
|
|
175
|
+
authorizationDetails?: AuthorizationDetails[];
|
|
303
176
|
}
|
|
304
177
|
type CreateCredentialRequestOpts = {
|
|
305
178
|
credentialIdentifier?: string;
|
|
@@ -308,6 +181,7 @@ type CreateCredentialRequestOpts = {
|
|
|
308
181
|
format?: CredentialFormat | OID4VCICredentialFormat;
|
|
309
182
|
subjectIssuance?: ExperimentalSubjectIssuance;
|
|
310
183
|
version: OpenId4VCIVersion;
|
|
184
|
+
credentialConfigurationId?: string;
|
|
311
185
|
};
|
|
312
186
|
declare function buildProof(proofInput: ProofOfPossessionBuilder | ProofOfPossession, opts: {
|
|
313
187
|
version: OpenId4VCIVersion;
|
|
@@ -320,7 +194,7 @@ declare class CredentialRequestClient {
|
|
|
320
194
|
isDeferred(): boolean;
|
|
321
195
|
getCredentialEndpoint(): string;
|
|
322
196
|
getDeferredCredentialEndpoint(): string | undefined;
|
|
323
|
-
constructor(builder:
|
|
197
|
+
constructor(builder: CredentialRequestClientBuilderV1_0_15);
|
|
324
198
|
/**
|
|
325
199
|
* Typically you should not use this method, as it omits a proof from the request.
|
|
326
200
|
* There are certain issuers that in specific circumstances can do without this proof, because they have other means of user binding
|
|
@@ -331,7 +205,7 @@ declare class CredentialRequestClient {
|
|
|
331
205
|
credentialIdentifier?: string;
|
|
332
206
|
credentialTypes?: string | string[];
|
|
333
207
|
context?: string[];
|
|
334
|
-
format
|
|
208
|
+
format: CredentialFormat | OID4VCICredentialFormat;
|
|
335
209
|
subjectIssuance?: ExperimentalSubjectIssuance;
|
|
336
210
|
createDPoPOpts?: CreateDPoPClientOpts;
|
|
337
211
|
}): Promise<OpenIDResponse<CredentialResponse, DPoPResponseParams> & {
|
|
@@ -339,19 +213,19 @@ declare class CredentialRequestClient {
|
|
|
339
213
|
}>;
|
|
340
214
|
acquireCredentialsUsingProof(opts: {
|
|
341
215
|
proofInput: ProofOfPossessionBuilder | ProofOfPossession;
|
|
216
|
+
format: CredentialFormat | OID4VCICredentialFormat;
|
|
342
217
|
credentialIdentifier?: string;
|
|
343
218
|
credentialTypes?: string | string[];
|
|
344
219
|
context?: string[];
|
|
345
|
-
format?: CredentialFormat | OID4VCICredentialFormat;
|
|
346
220
|
subjectIssuance?: ExperimentalSubjectIssuance;
|
|
347
221
|
createDPoPOpts?: CreateDPoPClientOpts;
|
|
348
222
|
}): Promise<OpenIDResponse<CredentialResponse, DPoPResponseParams> & {
|
|
349
223
|
access_token: string;
|
|
350
224
|
}>;
|
|
351
|
-
acquireCredentialsUsingRequestWithoutProof(uniformRequest:
|
|
225
|
+
acquireCredentialsUsingRequestWithoutProof(uniformRequest: CredentialRequest, format: OID4VCICredentialFormat, createDPoPOpts?: CreateDPoPClientOpts): Promise<OpenIDResponse<CredentialResponse, DPoPResponseParams> & {
|
|
352
226
|
access_token: string;
|
|
353
227
|
}>;
|
|
354
|
-
acquireCredentialsUsingRequest(uniformRequest:
|
|
228
|
+
acquireCredentialsUsingRequest(uniformRequest: CredentialRequest, format: OID4VCICredentialFormat, createDPoPOpts?: CreateDPoPClientOpts): Promise<OpenIDResponse<CredentialResponse, DPoPResponseParams> & {
|
|
355
229
|
access_token: string;
|
|
356
230
|
}>;
|
|
357
231
|
private acquireCredentialsUsingRequestImpl;
|
|
@@ -360,10 +234,10 @@ declare class CredentialRequestClient {
|
|
|
360
234
|
}): Promise<OpenIDResponse<CredentialResponse> & {
|
|
361
235
|
access_token: string;
|
|
362
236
|
}>;
|
|
363
|
-
createCredentialRequestWithoutProof(opts: CreateCredentialRequestOpts): Promise<
|
|
237
|
+
createCredentialRequestWithoutProof(opts: CreateCredentialRequestOpts): Promise<CredentialRequestV1_0_15>;
|
|
364
238
|
createCredentialRequest(opts: CreateCredentialRequestOpts & {
|
|
365
239
|
proofInput: ProofOfPossessionBuilder | ProofOfPossession;
|
|
366
|
-
}): Promise<
|
|
240
|
+
}): Promise<CredentialRequestV1_0_15>;
|
|
367
241
|
private createCredentialRequestImpl;
|
|
368
242
|
private version;
|
|
369
243
|
}
|
|
@@ -377,16 +251,7 @@ declare class CredentialOfferClient {
|
|
|
377
251
|
}): string;
|
|
378
252
|
}
|
|
379
253
|
|
|
380
|
-
declare class
|
|
381
|
-
static fromURI(uri: string, opts?: {
|
|
382
|
-
resolve?: boolean;
|
|
383
|
-
}): Promise<CredentialOfferRequestWithBaseUrlV1_0_11>;
|
|
384
|
-
static toURI(requestWithBaseUrl: CredentialOfferRequestWithBaseUrl, opts?: {
|
|
385
|
-
version?: OpenId4VCIVersion;
|
|
386
|
-
}): string;
|
|
387
|
-
}
|
|
388
|
-
|
|
389
|
-
declare class CredentialOfferClientV1_0_13 {
|
|
254
|
+
declare class CredentialOfferClientV1_0_15 {
|
|
390
255
|
static fromURI(uri: string, opts?: {
|
|
391
256
|
resolve?: boolean;
|
|
392
257
|
}): Promise<CredentialOfferRequestWithBaseUrl>;
|
|
@@ -398,7 +263,7 @@ declare class CredentialOfferClientV1_0_13 {
|
|
|
398
263
|
declare class CredentialRequestClientBuilder {
|
|
399
264
|
private _builder;
|
|
400
265
|
private constructor();
|
|
401
|
-
static fromCredentialIssuer({ credentialIssuer, metadata, version, credentialIdentifier, credentialTypes
|
|
266
|
+
static fromCredentialIssuer({ credentialIssuer, metadata, version, credentialIdentifier, credentialTypes }: {
|
|
402
267
|
credentialIssuer: string;
|
|
403
268
|
metadata?: EndpointMetadata;
|
|
404
269
|
version?: OpenId4VCIVersion;
|
|
@@ -407,34 +272,33 @@ declare class CredentialRequestClientBuilder {
|
|
|
407
272
|
}): CredentialRequestClientBuilder;
|
|
408
273
|
static fromURI({ uri, metadata }: {
|
|
409
274
|
uri: string;
|
|
410
|
-
metadata?:
|
|
275
|
+
metadata?: EndpointMetadataResultV1_0_15;
|
|
411
276
|
}): Promise<CredentialRequestClientBuilder>;
|
|
412
277
|
static fromCredentialOfferRequest(opts: {
|
|
413
278
|
request: UniformCredentialOfferRequest;
|
|
414
279
|
scheme?: string;
|
|
415
280
|
baseUrl?: string;
|
|
416
281
|
version?: OpenId4VCIVersion;
|
|
417
|
-
metadata?:
|
|
282
|
+
metadata?: EndpointMetadataResultV1_0_15;
|
|
418
283
|
}): CredentialRequestClientBuilder;
|
|
419
|
-
static fromCredentialOffer({ credentialOffer, metadata
|
|
284
|
+
static fromCredentialOffer({ credentialOffer, metadata }: {
|
|
420
285
|
credentialOffer: CredentialOfferRequestWithBaseUrl;
|
|
421
|
-
metadata?:
|
|
286
|
+
metadata?: EndpointMetadataResultV1_0_15;
|
|
422
287
|
}): CredentialRequestClientBuilder;
|
|
423
288
|
getVersion(): OpenId4VCIVersion | undefined;
|
|
424
|
-
withCredentialEndpointFromMetadata(metadata: CredentialIssuerMetadata |
|
|
289
|
+
withCredentialEndpointFromMetadata(metadata: CredentialIssuerMetadata | CredentialIssuerMetadataV1_0_15): this;
|
|
425
290
|
withCredentialEndpoint(credentialEndpoint: string): this;
|
|
426
|
-
withDeferredCredentialEndpointFromMetadata(metadata:
|
|
291
|
+
withDeferredCredentialEndpointFromMetadata(metadata: CredentialIssuerMetadataV1_0_15): this;
|
|
427
292
|
withDeferredCredentialEndpoint(deferredCredentialEndpoint: string): this;
|
|
428
293
|
withDeferredCredentialAwait(deferredCredentialAwait: boolean, deferredCredentialIntervalInMS?: number): this;
|
|
429
294
|
withCredentialIdentifier(credentialIdentifier: string): this;
|
|
430
295
|
withIssuerState(issuerState?: string): this;
|
|
431
296
|
withCredentialType(credentialTypes: string | string[]): this;
|
|
432
|
-
withFormat(format: CredentialFormat | OID4VCICredentialFormat): this;
|
|
433
297
|
withSubjectIssuance(subjectIssuance: ExperimentalSubjectIssuance): this;
|
|
434
298
|
withToken(accessToken: string): this;
|
|
435
299
|
withTokenFromResponse(response: AccessTokenResponse): this;
|
|
436
300
|
withVersion(version: OpenId4VCIVersion): this;
|
|
437
|
-
build():
|
|
301
|
+
build(): CredentialRequestClient;
|
|
438
302
|
}
|
|
439
303
|
|
|
440
304
|
declare const generateMissingPKCEOpts: (pkce: PKCEOpts) => PKCEOpts;
|
|
@@ -480,12 +344,12 @@ declare class MetadataClient {
|
|
|
480
344
|
*
|
|
481
345
|
* @param credentialOffer
|
|
482
346
|
*/
|
|
483
|
-
static retrieveAllMetadataFromCredentialOffer(credentialOffer: CredentialOfferRequestWithBaseUrl): Promise<
|
|
347
|
+
static retrieveAllMetadataFromCredentialOffer(credentialOffer: CredentialOfferRequestWithBaseUrl): Promise<EndpointMetadataResultV1_0_15>;
|
|
484
348
|
/**
|
|
485
349
|
* Retrieve the metada using the initiation request obtained from a previous step
|
|
486
350
|
* @param request
|
|
487
351
|
*/
|
|
488
|
-
static retrieveAllMetadataFromCredentialOfferRequest(request: CredentialOfferPayload): Promise<
|
|
352
|
+
static retrieveAllMetadataFromCredentialOfferRequest(request: CredentialOfferPayload): Promise<EndpointMetadataResultV1_0_15>;
|
|
489
353
|
/**
|
|
490
354
|
* Retrieve all metadata from an issuer
|
|
491
355
|
* @param issuer The issuer URL
|
|
@@ -493,7 +357,7 @@ declare class MetadataClient {
|
|
|
493
357
|
*/
|
|
494
358
|
static retrieveAllMetadata(issuer: string, opts?: {
|
|
495
359
|
errorOnNotFound: boolean;
|
|
496
|
-
}): Promise<
|
|
360
|
+
}): Promise<EndpointMetadataResultV1_0_15>;
|
|
497
361
|
/**
|
|
498
362
|
* Retrieve only the OID4VCI metadata for the issuer. So no OIDC/OAuth2 metadata
|
|
499
363
|
*
|
|
@@ -502,21 +366,21 @@ declare class MetadataClient {
|
|
|
502
366
|
*/
|
|
503
367
|
static retrieveOpenID4VCIServerMetadata(issuerHost: string, opts?: {
|
|
504
368
|
errorOnNotFound?: boolean;
|
|
505
|
-
}): Promise<OpenIDResponse<
|
|
369
|
+
}): Promise<OpenIDResponse<CredentialIssuerMetadataV1_0_15> | undefined>;
|
|
506
370
|
}
|
|
507
371
|
|
|
508
|
-
declare class
|
|
372
|
+
declare class MetadataClientV1_0_15 {
|
|
509
373
|
/**
|
|
510
374
|
* Retrieve metadata using the Initiation obtained from a previous step
|
|
511
375
|
*
|
|
512
376
|
* @param credentialOffer
|
|
513
377
|
*/
|
|
514
|
-
static retrieveAllMetadataFromCredentialOffer(credentialOffer: CredentialOfferRequestWithBaseUrl): Promise<
|
|
378
|
+
static retrieveAllMetadataFromCredentialOffer(credentialOffer: CredentialOfferRequestWithBaseUrl): Promise<EndpointMetadataResultV1_0_15>;
|
|
515
379
|
/**
|
|
516
380
|
* Retrieve the metada using the initiation request obtained from a previous step
|
|
517
381
|
* @param request
|
|
518
382
|
*/
|
|
519
|
-
static retrieveAllMetadataFromCredentialOfferRequest(request:
|
|
383
|
+
static retrieveAllMetadataFromCredentialOfferRequest(request: CredentialOfferPayloadV1_0_15): Promise<EndpointMetadataResultV1_0_15>;
|
|
520
384
|
/**
|
|
521
385
|
* Retrieve all metadata from an issuer
|
|
522
386
|
* @param issuer The issuer URL
|
|
@@ -524,7 +388,7 @@ declare class MetadataClientV1_0_13 {
|
|
|
524
388
|
*/
|
|
525
389
|
static retrieveAllMetadata(issuer: string, opts?: {
|
|
526
390
|
errorOnNotFound: boolean;
|
|
527
|
-
}): Promise<
|
|
391
|
+
}): Promise<EndpointMetadataResultV1_0_15>;
|
|
528
392
|
/**
|
|
529
393
|
* Retrieve only the OID4VCI metadata for the issuer. So no OIDC/OAuth2 metadata
|
|
530
394
|
*
|
|
@@ -533,157 +397,17 @@ declare class MetadataClientV1_0_13 {
|
|
|
533
397
|
*/
|
|
534
398
|
static retrieveOpenID4VCIServerMetadata(issuerHost: string, opts?: {
|
|
535
399
|
errorOnNotFound?: boolean;
|
|
536
|
-
}): Promise<OpenIDResponse<
|
|
537
|
-
}
|
|
538
|
-
|
|
539
|
-
declare class MetadataClientV1_0_11 {
|
|
540
|
-
/**
|
|
541
|
-
* Retrieve metadata using the Initiation obtained from a previous step
|
|
542
|
-
*
|
|
543
|
-
* @param credentialOffer
|
|
544
|
-
*/
|
|
545
|
-
static retrieveAllMetadataFromCredentialOffer(credentialOffer: CredentialOfferRequestWithBaseUrl): Promise<EndpointMetadataResultV1_0_11>;
|
|
546
|
-
/**
|
|
547
|
-
* Retrieve the metada using the initiation request obtained from a previous step
|
|
548
|
-
* @param request
|
|
549
|
-
*/
|
|
550
|
-
static retrieveAllMetadataFromCredentialOfferRequest(request: CredentialOfferPayload): Promise<EndpointMetadataResultV1_0_11>;
|
|
551
|
-
/**
|
|
552
|
-
* Retrieve all metadata from an issuer
|
|
553
|
-
* @param issuer The issuer URL
|
|
554
|
-
* @param opts
|
|
555
|
-
*/
|
|
556
|
-
static retrieveAllMetadata(issuer: string, opts?: {
|
|
557
|
-
errorOnNotFound: boolean;
|
|
558
|
-
}): Promise<EndpointMetadataResultV1_0_11>;
|
|
559
|
-
/**
|
|
560
|
-
* Retrieve only the OID4VCI metadata for the issuer. So no OIDC/OAuth2 metadata
|
|
561
|
-
*
|
|
562
|
-
* @param issuerHost The issuer hostname
|
|
563
|
-
*/
|
|
564
|
-
static retrieveOpenID4VCIServerMetadata(issuerHost: string, opts?: {
|
|
565
|
-
errorOnNotFound?: boolean;
|
|
566
|
-
}): Promise<OpenIDResponse<CredentialIssuerMetadataV1_0_11> | undefined>;
|
|
567
|
-
}
|
|
568
|
-
|
|
569
|
-
interface OpenID4VCIClientStateV1_0_11 {
|
|
570
|
-
credentialIssuer: string;
|
|
571
|
-
credentialOffer?: CredentialOfferRequestWithBaseUrl;
|
|
572
|
-
clientId?: string;
|
|
573
|
-
kid?: string;
|
|
574
|
-
jwk?: JWK;
|
|
575
|
-
alg?: Alg | string;
|
|
576
|
-
endpointMetadata?: EndpointMetadataResultV1_0_11;
|
|
577
|
-
accessTokenResponse?: AccessTokenResponse;
|
|
578
|
-
dpopResponseParams?: DPoPResponseParams;
|
|
579
|
-
authorizationRequestOpts?: AuthorizationRequestOpts;
|
|
580
|
-
authorizationCodeResponse?: AuthorizationResponse | AuthorizationChallengeCodeResponse;
|
|
581
|
-
pkce: PKCEOpts;
|
|
582
|
-
accessToken?: string;
|
|
583
|
-
authorizationURL?: string;
|
|
584
|
-
}
|
|
585
|
-
declare class OpenID4VCIClientV1_0_11 {
|
|
586
|
-
private readonly _state;
|
|
587
|
-
private constructor();
|
|
588
|
-
static fromCredentialIssuer({ kid, alg, retrieveServerMetadata, clientId, credentialIssuer, pkce, authorizationRequest, createAuthorizationRequestURL, }: {
|
|
589
|
-
credentialIssuer: string;
|
|
590
|
-
kid?: string;
|
|
591
|
-
alg?: Alg | string;
|
|
592
|
-
retrieveServerMetadata?: boolean;
|
|
593
|
-
clientId?: string;
|
|
594
|
-
createAuthorizationRequestURL?: boolean;
|
|
595
|
-
authorizationRequest?: AuthorizationRequestOpts;
|
|
596
|
-
pkce?: PKCEOpts;
|
|
597
|
-
}): Promise<OpenID4VCIClientV1_0_11>;
|
|
598
|
-
static fromState({ state }: {
|
|
599
|
-
state: OpenID4VCIClientStateV1_0_11 | string;
|
|
600
|
-
}): Promise<OpenID4VCIClientV1_0_11>;
|
|
601
|
-
static fromURI({ uri, kid, alg, retrieveServerMetadata, clientId, pkce, createAuthorizationRequestURL, authorizationRequest, resolveOfferUri, }: {
|
|
602
|
-
uri: string;
|
|
603
|
-
kid?: string;
|
|
604
|
-
alg?: Alg | string;
|
|
605
|
-
retrieveServerMetadata?: boolean;
|
|
606
|
-
createAuthorizationRequestURL?: boolean;
|
|
607
|
-
resolveOfferUri?: boolean;
|
|
608
|
-
pkce?: PKCEOpts;
|
|
609
|
-
clientId?: string;
|
|
610
|
-
authorizationRequest?: AuthorizationRequestOpts;
|
|
611
|
-
}): Promise<OpenID4VCIClientV1_0_11>;
|
|
612
|
-
/**
|
|
613
|
-
* Allows you to create an Authorization Request URL when using an Authorization Code flow. This URL needs to be accessed using the front channel (browser)
|
|
614
|
-
*
|
|
615
|
-
* The Identity provider would present a login screen typically; after you authenticated, it would redirect to the provided redirectUri; which can be same device or cross-device
|
|
616
|
-
* @param opts
|
|
617
|
-
*/
|
|
618
|
-
createAuthorizationRequestUrl(opts?: {
|
|
619
|
-
authorizationRequest?: AuthorizationRequestOpts;
|
|
620
|
-
pkce?: PKCEOpts;
|
|
621
|
-
}): Promise<string>;
|
|
622
|
-
retrieveServerMetadata(): Promise<EndpointMetadataResultV1_0_11>;
|
|
623
|
-
private calculatePKCEOpts;
|
|
624
|
-
acquireAuthorizationChallengeCode(opts?: AuthorizationChallengeRequestOpts): Promise<AuthorizationChallengeCodeResponse>;
|
|
625
|
-
acquireAccessToken(opts?: Omit<AccessTokenRequestOpts, 'credentialOffer' | 'credentialIssuer' | 'metadata' | 'additionalParams'> & {
|
|
626
|
-
clientId?: string;
|
|
627
|
-
authorizationResponse?: string | AuthorizationResponse | AuthorizationChallengeCodeResponse;
|
|
628
|
-
additionalRequestParams?: Record<string, any>;
|
|
629
|
-
}): Promise<AccessTokenResponse & {
|
|
630
|
-
params?: DPoPResponseParams;
|
|
631
|
-
}>;
|
|
632
|
-
acquireCredentials({ credentialTypes, context, proofCallbacks, format, kid, jwk, alg, jti, deferredCredentialAwait, deferredCredentialIntervalInMS, createDPoPOpts, }: {
|
|
633
|
-
credentialTypes: string | string[];
|
|
634
|
-
context?: string[];
|
|
635
|
-
proofCallbacks: ProofOfPossessionCallbacks;
|
|
636
|
-
format?: CredentialFormat | OID4VCICredentialFormat;
|
|
637
|
-
kid?: string;
|
|
638
|
-
jwk?: JWK;
|
|
639
|
-
alg?: Alg | string;
|
|
640
|
-
jti?: string;
|
|
641
|
-
deferredCredentialAwait?: boolean;
|
|
642
|
-
deferredCredentialIntervalInMS?: number;
|
|
643
|
-
createDPoPOpts?: CreateDPoPClientOpts;
|
|
644
|
-
}): Promise<CredentialResponse>;
|
|
645
|
-
exportState(): Promise<string>;
|
|
646
|
-
getCredentialsSupportedV11(restrictToInitiationTypes: boolean, format?: (OID4VCICredentialFormat | string) | (OID4VCICredentialFormat | string)[]): Record<string, CredentialConfigurationSupported>;
|
|
647
|
-
getCredentialsSupported(format?: (OID4VCICredentialFormat | string) | (OID4VCICredentialFormat | string)[]): CredentialConfigurationSupported[];
|
|
648
|
-
getCredentialOfferTypes(): string[][];
|
|
649
|
-
issuerSupportedFlowTypes(): AuthzFlowType[];
|
|
650
|
-
isFlowTypeSupported(flowType: AuthzFlowType): boolean;
|
|
651
|
-
get authorizationURL(): string | undefined;
|
|
652
|
-
hasAuthorizationURL(): boolean;
|
|
653
|
-
get credentialOffer(): CredentialOfferRequestWithBaseUrl | undefined;
|
|
654
|
-
version(): OpenId4VCIVersion;
|
|
655
|
-
get endpointMetadata(): EndpointMetadataResultV1_0_11;
|
|
656
|
-
get kid(): string;
|
|
657
|
-
get alg(): string;
|
|
658
|
-
set clientId(value: string | undefined);
|
|
659
|
-
get clientId(): string | undefined;
|
|
660
|
-
hasAccessTokenResponse(): boolean;
|
|
661
|
-
get accessTokenResponse(): AccessTokenResponse;
|
|
662
|
-
get dpopResponseParams(): DPoPResponseParams | undefined;
|
|
663
|
-
getIssuer(): string;
|
|
664
|
-
getAccessTokenEndpoint(): string;
|
|
665
|
-
getCredentialEndpoint(): string;
|
|
666
|
-
hasDeferredCredentialEndpoint(): boolean;
|
|
667
|
-
getDeferredCredentialEndpoint(): string;
|
|
668
|
-
/**
|
|
669
|
-
* Too bad we need a method like this, but EBSI is not exposing metadata
|
|
670
|
-
*/
|
|
671
|
-
isEBSI(): boolean | undefined;
|
|
672
|
-
private assertIssuerData;
|
|
673
|
-
private assertServerMetadata;
|
|
674
|
-
private assertAccessToken;
|
|
675
|
-
private syncAuthorizationRequestOpts;
|
|
676
|
-
private getAuthorizationCode;
|
|
400
|
+
}): Promise<OpenIDResponse<IssuerMetadataV1_0_15> | undefined>;
|
|
677
401
|
}
|
|
678
402
|
|
|
679
|
-
interface
|
|
403
|
+
interface OpenID4VCIClientStateV1_0_15 {
|
|
680
404
|
credentialIssuer: string;
|
|
681
405
|
credentialOffer?: CredentialOfferRequestWithBaseUrl;
|
|
682
406
|
clientId?: string;
|
|
683
407
|
kid?: string;
|
|
684
408
|
jwk?: JWK;
|
|
685
409
|
alg?: Alg | string;
|
|
686
|
-
endpointMetadata?:
|
|
410
|
+
endpointMetadata?: EndpointMetadataResultV1_0_15;
|
|
687
411
|
accessTokenResponse?: AccessTokenResponse;
|
|
688
412
|
dpopResponseParams?: DPoPResponseParams;
|
|
689
413
|
authorizationRequestOpts?: AuthorizationRequestOpts;
|
|
@@ -691,12 +415,13 @@ interface OpenID4VCIClientStateV1_0_13 {
|
|
|
691
415
|
pkce: PKCEOpts;
|
|
692
416
|
accessToken?: string;
|
|
693
417
|
authorizationURL?: string;
|
|
694
|
-
|
|
418
|
+
cachedCNonce?: string;
|
|
419
|
+
keyAttestation?: string;
|
|
695
420
|
}
|
|
696
|
-
declare class
|
|
421
|
+
declare class OpenID4VCIClientV1_0_15 {
|
|
697
422
|
private readonly _state;
|
|
698
423
|
private constructor();
|
|
699
|
-
static fromCredentialIssuer({ kid, alg, retrieveServerMetadata, clientId, credentialIssuer, pkce, authorizationRequest, createAuthorizationRequestURL, }: {
|
|
424
|
+
static fromCredentialIssuer({ kid, alg, retrieveServerMetadata, clientId, credentialIssuer, pkce, authorizationRequest, createAuthorizationRequestURL, keyAttestation }: {
|
|
700
425
|
credentialIssuer: string;
|
|
701
426
|
kid?: string;
|
|
702
427
|
alg?: Alg | string;
|
|
@@ -705,11 +430,12 @@ declare class OpenID4VCIClientV1_0_13 {
|
|
|
705
430
|
createAuthorizationRequestURL?: boolean;
|
|
706
431
|
authorizationRequest?: AuthorizationRequestOpts;
|
|
707
432
|
pkce?: PKCEOpts;
|
|
708
|
-
|
|
433
|
+
keyAttestation?: string;
|
|
434
|
+
}): Promise<OpenID4VCIClientV1_0_15>;
|
|
709
435
|
static fromState({ state }: {
|
|
710
|
-
state:
|
|
711
|
-
}): Promise<
|
|
712
|
-
static fromURI({ uri, kid, alg, retrieveServerMetadata, clientId, pkce, createAuthorizationRequestURL, authorizationRequest, resolveOfferUri, }: {
|
|
436
|
+
state: OpenID4VCIClientStateV1_0_15 | string;
|
|
437
|
+
}): Promise<OpenID4VCIClientV1_0_15>;
|
|
438
|
+
static fromURI({ uri, kid, alg, retrieveServerMetadata, clientId, pkce, createAuthorizationRequestURL, authorizationRequest, resolveOfferUri, keyAttestation }: {
|
|
713
439
|
uri: string;
|
|
714
440
|
kid?: string;
|
|
715
441
|
alg?: Alg | string;
|
|
@@ -719,18 +445,14 @@ declare class OpenID4VCIClientV1_0_13 {
|
|
|
719
445
|
pkce?: PKCEOpts;
|
|
720
446
|
clientId?: string;
|
|
721
447
|
authorizationRequest?: AuthorizationRequestOpts;
|
|
722
|
-
|
|
723
|
-
|
|
724
|
-
* Allows you to create an Authorization Request URL when using an Authorization Code flow. This URL needs to be accessed using the front channel (browser)
|
|
725
|
-
*
|
|
726
|
-
* The Identity provider would present a login screen typically; after you authenticated, it would redirect to the provided redirectUri; which can be same device or cross-device
|
|
727
|
-
* @param opts
|
|
728
|
-
*/
|
|
448
|
+
keyAttestation?: string;
|
|
449
|
+
}): Promise<OpenID4VCIClientV1_0_15>;
|
|
729
450
|
createAuthorizationRequestUrl(opts?: {
|
|
730
451
|
authorizationRequest?: AuthorizationRequestOpts;
|
|
731
452
|
pkce?: PKCEOpts;
|
|
732
453
|
}): Promise<string>;
|
|
733
|
-
retrieveServerMetadata(): Promise<
|
|
454
|
+
retrieveServerMetadata(): Promise<EndpointMetadataResultV1_0_15>;
|
|
455
|
+
acquireNonce(): Promise<string>;
|
|
734
456
|
private calculatePKCEOpts;
|
|
735
457
|
acquireAuthorizationChallengeCode(opts?: AuthorizationChallengeRequestOpts): Promise<AuthorizationChallengeCodeResponse>;
|
|
736
458
|
acquireAccessToken(opts?: Omit<AccessTokenRequestOpts, 'credentialOffer' | 'credentialIssuer' | 'metadata' | 'additionalParams'> & {
|
|
@@ -740,50 +462,35 @@ declare class OpenID4VCIClientV1_0_13 {
|
|
|
740
462
|
}): Promise<AccessTokenResponse & {
|
|
741
463
|
params?: DPoPResponseParams;
|
|
742
464
|
}>;
|
|
743
|
-
|
|
744
|
-
credentialIdentifier?: string;
|
|
745
|
-
credentialTypes?: string | string[];
|
|
746
|
-
context?: string[];
|
|
747
|
-
format?: CredentialFormat | OID4VCICredentialFormat;
|
|
748
|
-
kid?: string;
|
|
749
|
-
jwk?: JWK;
|
|
750
|
-
alg?: Alg | string;
|
|
751
|
-
jti?: string;
|
|
752
|
-
deferredCredentialAwait?: boolean;
|
|
753
|
-
deferredCredentialIntervalInMS?: number;
|
|
754
|
-
experimentalHolderIssuanceSupported?: boolean;
|
|
755
|
-
createDPoPOpts?: CreateDPoPClientOpts;
|
|
756
|
-
}): Promise<CredentialResponse & {
|
|
757
|
-
access_token: string;
|
|
758
|
-
}>;
|
|
759
|
-
acquireCredentials(args: {
|
|
465
|
+
acquireCredentials({ credentialIdentifier, credentialConfigurationId, credentialTypes, context, proofCallbacks, format, kid, jwk, alg, jti, deferredCredentialAwait, deferredCredentialIntervalInMS, createDPoPOpts }: {
|
|
760
466
|
credentialIdentifier?: string;
|
|
467
|
+
credentialConfigurationId?: string;
|
|
761
468
|
credentialTypes?: string | string[];
|
|
762
469
|
context?: string[];
|
|
763
470
|
proofCallbacks: ProofOfPossessionCallbacks;
|
|
764
|
-
format
|
|
471
|
+
format: CredentialFormat | OID4VCICredentialFormat;
|
|
765
472
|
kid?: string;
|
|
766
473
|
jwk?: JWK;
|
|
767
474
|
alg?: Alg | string;
|
|
768
475
|
jti?: string;
|
|
769
476
|
deferredCredentialAwait?: boolean;
|
|
770
477
|
deferredCredentialIntervalInMS?: number;
|
|
771
|
-
experimentalHolderIssuanceSupported?: boolean;
|
|
772
478
|
createDPoPOpts?: CreateDPoPClientOpts;
|
|
773
|
-
}): Promise<
|
|
479
|
+
}): Promise<CredentialResponseV1_0_15 & {
|
|
480
|
+
params?: DPoPResponseParams;
|
|
774
481
|
access_token: string;
|
|
775
482
|
}>;
|
|
776
|
-
private acquireCredentialsImpl;
|
|
777
483
|
exportState(): Promise<string>;
|
|
778
|
-
getCredentialsSupported(format?: (OID4VCICredentialFormat | string) | (OID4VCICredentialFormat | string)[]): Record<string,
|
|
484
|
+
getCredentialsSupported(restrictToInitiationTypes?: boolean, format?: (OID4VCICredentialFormat | string) | (OID4VCICredentialFormat | string)[]): Record<string, CredentialConfigurationSupportedV1_0_15>;
|
|
779
485
|
sendNotification(credentialRequestOpts: Partial<CredentialRequestOpts>, request: NotificationRequest, accessToken?: string): Promise<NotificationResponseResult>;
|
|
486
|
+
getCredentialOfferConfigurationIds(): string[];
|
|
780
487
|
issuerSupportedFlowTypes(): AuthzFlowType[];
|
|
781
488
|
isFlowTypeSupported(flowType: AuthzFlowType): boolean;
|
|
782
|
-
hasAuthorizationURL(): boolean;
|
|
783
489
|
get authorizationURL(): string | undefined;
|
|
490
|
+
hasAuthorizationURL(): boolean;
|
|
784
491
|
get credentialOffer(): CredentialOfferRequestWithBaseUrl | undefined;
|
|
785
492
|
version(): OpenId4VCIVersion;
|
|
786
|
-
get endpointMetadata():
|
|
493
|
+
get endpointMetadata(): EndpointMetadataResultV1_0_15;
|
|
787
494
|
get kid(): string;
|
|
788
495
|
get alg(): string;
|
|
789
496
|
set clientId(value: string | undefined);
|
|
@@ -791,15 +498,17 @@ declare class OpenID4VCIClientV1_0_13 {
|
|
|
791
498
|
hasAccessTokenResponse(): boolean;
|
|
792
499
|
get accessTokenResponse(): AccessTokenResponse;
|
|
793
500
|
get dpopResponseParams(): DPoPResponseParams | undefined;
|
|
501
|
+
get state(): OpenID4VCIClientStateV1_0_15;
|
|
794
502
|
getIssuer(): string;
|
|
795
503
|
getAccessTokenEndpoint(): string;
|
|
796
504
|
getCredentialEndpoint(): string;
|
|
505
|
+
getNonceEndpoint(): string | undefined;
|
|
506
|
+
hasNonceEndpoint(): boolean;
|
|
507
|
+
getAuthorizationChallengeEndpoint(): string | undefined;
|
|
508
|
+
hasAuthorizationChallengeEndpoint(): boolean;
|
|
797
509
|
hasDeferredCredentialEndpoint(): boolean;
|
|
798
|
-
getDeferredCredentialEndpoint(): string;
|
|
799
|
-
|
|
800
|
-
* Too bad we need a method like this, but EBSI is not exposing metadata
|
|
801
|
-
*/
|
|
802
|
-
isEBSI(): boolean;
|
|
510
|
+
getDeferredCredentialEndpoint(): string | undefined;
|
|
511
|
+
isEBSI(): any;
|
|
803
512
|
private assertIssuerData;
|
|
804
513
|
private assertServerMetadata;
|
|
805
514
|
private assertAccessToken;
|
|
@@ -807,12 +516,12 @@ declare class OpenID4VCIClientV1_0_13 {
|
|
|
807
516
|
private getAuthorizationCode;
|
|
808
517
|
}
|
|
809
518
|
|
|
810
|
-
type OpenID4VCIClientState =
|
|
811
|
-
type EndpointMetadataResult =
|
|
519
|
+
type OpenID4VCIClientState = OpenID4VCIClientStateV1_0_15;
|
|
520
|
+
type EndpointMetadataResult = EndpointMetadataResultV1_0_15;
|
|
812
521
|
declare class OpenID4VCIClient {
|
|
813
522
|
private readonly _state;
|
|
814
523
|
private constructor();
|
|
815
|
-
static fromCredentialIssuer({ kid, alg, retrieveServerMetadata, clientId, credentialIssuer, pkce, authorizationRequest, createAuthorizationRequestURL, endpointMetadata
|
|
524
|
+
static fromCredentialIssuer({ kid, alg, retrieveServerMetadata, clientId, credentialIssuer, pkce, authorizationRequest, createAuthorizationRequestURL, endpointMetadata }: {
|
|
816
525
|
credentialIssuer: string;
|
|
817
526
|
kid?: string;
|
|
818
527
|
alg?: Alg | string;
|
|
@@ -826,7 +535,7 @@ declare class OpenID4VCIClient {
|
|
|
826
535
|
static fromState({ state }: {
|
|
827
536
|
state: OpenID4VCIClientState | string;
|
|
828
537
|
}): Promise<OpenID4VCIClient>;
|
|
829
|
-
static fromURI({ uri, kid, alg, retrieveServerMetadata, clientId, pkce, createAuthorizationRequestURL, authorizationRequest, resolveOfferUri, endpointMetadata
|
|
538
|
+
static fromURI({ uri, kid, alg, retrieveServerMetadata, clientId, pkce, createAuthorizationRequestURL, authorizationRequest, resolveOfferUri, endpointMetadata }: {
|
|
830
539
|
uri: string;
|
|
831
540
|
kid?: string;
|
|
832
541
|
alg?: Alg | string;
|
|
@@ -858,11 +567,11 @@ declare class OpenID4VCIClient {
|
|
|
858
567
|
}): Promise<AccessTokenResponse & {
|
|
859
568
|
params?: DPoPResponseParams;
|
|
860
569
|
}>;
|
|
861
|
-
acquireCredentials({ credentialTypes, context, proofCallbacks, format, kid, jwk, alg, jti, deferredCredentialAwait, deferredCredentialIntervalInMS, createDPoPOpts
|
|
570
|
+
acquireCredentials({ credentialTypes, context, proofCallbacks, format, kid, jwk, alg, jti, deferredCredentialAwait, deferredCredentialIntervalInMS, createDPoPOpts }: {
|
|
862
571
|
credentialTypes: string | string[];
|
|
863
572
|
context?: string[];
|
|
864
573
|
proofCallbacks: ProofOfPossessionCallbacks;
|
|
865
|
-
format
|
|
574
|
+
format: CredentialFormat | OID4VCICredentialFormat;
|
|
866
575
|
kid?: string;
|
|
867
576
|
jwk?: JWK;
|
|
868
577
|
alg?: Alg | string;
|
|
@@ -871,14 +580,13 @@ declare class OpenID4VCIClient {
|
|
|
871
580
|
deferredCredentialIntervalInMS?: number;
|
|
872
581
|
experimentalHolderIssuanceSupported?: boolean;
|
|
873
582
|
createDPoPOpts?: CreateDPoPClientOpts;
|
|
874
|
-
}): Promise<
|
|
583
|
+
}): Promise<CredentialResponseV1_0_15 & {
|
|
875
584
|
params?: DPoPResponseParams;
|
|
876
585
|
access_token: string;
|
|
877
586
|
}>;
|
|
878
587
|
exportState(): Promise<string>;
|
|
879
|
-
getCredentialsSupported(
|
|
588
|
+
getCredentialsSupported(format?: (OID4VCICredentialFormat | string) | (OID4VCICredentialFormat | string)[]): Record<string, CredentialConfigurationSupportedV1_0_15> | Array<CredentialConfigurationSupported>;
|
|
880
589
|
sendNotification(credentialRequestOpts: Partial<CredentialRequestOpts>, request: NotificationRequest, accessToken?: string): Promise<NotificationResponseResult>;
|
|
881
|
-
getCredentialOfferTypes(): string[][] | undefined;
|
|
882
590
|
issuerSupportedFlowTypes(): AuthzFlowType[];
|
|
883
591
|
isFlowTypeSupported(flowType: AuthzFlowType): boolean;
|
|
884
592
|
get authorizationURL(): string | undefined;
|
|
@@ -909,8 +617,11 @@ declare class OpenID4VCIClient {
|
|
|
909
617
|
private assertAccessToken;
|
|
910
618
|
private syncAuthorizationRequestOpts;
|
|
911
619
|
private getAuthorizationCode;
|
|
620
|
+
private hasNonceEndpoint;
|
|
621
|
+
private acquireNonceViaV15Delegate;
|
|
622
|
+
private shouldRetryWithFreshNonce;
|
|
912
623
|
}
|
|
913
624
|
|
|
914
625
|
declare const LOG: ISimpleLogger<string>;
|
|
915
626
|
|
|
916
|
-
export { AccessTokenClient,
|
|
627
|
+
export { AccessTokenClient, type CreateCredentialRequestOpts, CredentialOfferClient, CredentialOfferClientV1_0_15, CredentialRequestClient, CredentialRequestClientBuilder, CredentialRequestClientBuilderV1_0_15, type CredentialRequestOpts, type EndpointMetadataResult, LOG, MetadataClient, MetadataClientV1_0_15, OpenID4VCIClient, type OpenID4VCIClientState, type OpenID4VCIClientStateV1_0_15, OpenID4VCIClientV1_0_15, ProofOfPossessionBuilder, acquireAuthorizationChallengeAuthCode, acquireAuthorizationChallengeAuthCodeUsingRequest, buildProof, constructBaseResponse, createAuthorizationChallengeRequest, createAuthorizationRequestUrl, createJwtBearerClientAssertion, createSignedAuthRequestWhenNeeded, generateMissingPKCEOpts, handleCredentialOfferUri, isUriEncoded, retrieveWellknown, sendAuthorizationChallengeRequest, sendNotification };
|