@sphereon/oid4vci-client 0.2.0 → 0.4.1-next.285

package/lib/__tests__/CredentialRequestClientBuilder.spec.ts

@@ -0,0 +1,121 @@
+import { KeyObject } from 'crypto';
+
+import {
+  Alg,
+  CredentialIssuerMetadata,
+  Jwt,
+  JWTPayload,
+  OpenId4VCIVersion,
+  ProofOfPossession,
+  UniformCredentialRequest,
+} from '@sphereon/oid4vci-common';
+import * as jose from 'jose';
+
+import { CredentialRequestClientBuilder, ProofOfPossessionBuilder } from '..';
+
+import { IDENTIPROOF_ISSUER_URL, IDENTIPROOF_OID4VCI_METADATA, INITIATION_TEST_URI, WALT_ISSUER_URL, WALT_OID4VCI_METADATA } from './MetadataMocks';
+
+const partialJWT = 'eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJkaWQ6ZXhhbXBsZTplYmZlYjFmN';
+
+const jwt: Jwt = {
+  header: { alg: Alg.ES256, kid: 'did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1', typ: 'jwt' },
+  payload: { iss: 'sphereon:wallet', nonce: 'tZignsnFbp', jti: 'tZignsnFbp223', aud: IDENTIPROOF_ISSUER_URL },
+};
+
+const kid = 'did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1';
+
+let keypair: KeyPair;
+
+beforeAll(async () => {
+  const { privateKey, publicKey } = await jose.generateKeyPair('ES256');
+  keypair = { publicKey: publicKey as KeyObject, privateKey: privateKey as KeyObject };
+});
+
+async function proofOfPossessionCallbackFunction(args: Jwt, kid?: string): Promise<string> {
+  if (!args.payload.aud) {
+    throw Error('aud required');
+  } else if (!kid) {
+    throw Error('kid required');
+  }
+  return await new jose.SignJWT({ ...args.payload })
+    .setProtectedHeader({ alg: 'ES256' })
+    .setIssuedAt()
+    .setIssuer(kid)
+    .setAudience(args.payload.aud)
+    .setExpirationTime('2h')
+    .sign(keypair.privateKey);
+}
+
+interface KeyPair {
+  publicKey: KeyObject;
+  privateKey: KeyObject;
+}
+
+async function proofOfPossessionVerifierCallbackFunction(args: { jwt: string; kid?: string }): Promise<Jwt> {
+  const result = await jose.jwtVerify(args.jwt, keypair.publicKey);
+  return { header: result.protectedHeader, payload: result.payload as unknown as JWTPayload };
+}
+
+describe('Credential Request Client Builder', () => {
+  it('should build correctly provided with correct params', async function () {
+    const credReqClient = (await CredentialRequestClientBuilder.fromURI({ uri: INITIATION_TEST_URI }))
+      .withCredentialEndpoint('https://oidc4vci.demo.spruceid.com/credential')
+      .withFormat('jwt_vc')
+      .withCredentialType('credentialType')
+      .withToken('token')
+      .build();
+    expect(credReqClient.credentialRequestOpts.credentialEndpoint).toBe('https://oidc4vci.demo.spruceid.com/credential');
+    expect(credReqClient.credentialRequestOpts.format).toBe('jwt_vc');
+    expect(credReqClient.credentialRequestOpts.credentialTypes).toStrictEqual(['credentialType']);
+    expect(credReqClient.credentialRequestOpts.token).toBe('token');
+  });
+
+  it('should build credential request correctly', async () => {
+    const credReqClient = (await CredentialRequestClientBuilder.fromURI({ uri: INITIATION_TEST_URI }))
+      .withCredentialEndpoint('https://oidc4vci.demo.spruceid.com/credential')
+      .withFormat('jwt_vc')
+      .withCredentialType('https://imsglobal.github.io/openbadges-specification/ob_v3p0.html#OpenBadgeCredential')
+      .build();
+    const proof: ProofOfPossession = await ProofOfPossessionBuilder.fromJwt({
+      jwt,
+      callbacks: {
+        signCallback: proofOfPossessionCallbackFunction,
+        verifyCallback: proofOfPossessionVerifierCallbackFunction,
+      },
+      version: OpenId4VCIVersion.VER_1_0_08,
+    })
+      .withClientId('sphereon:wallet')
+      .withKid(kid)
+      .build();
+    await proofOfPossessionVerifierCallbackFunction({ ...proof, kid });
+    const credentialRequest: UniformCredentialRequest = await credReqClient.createCredentialRequest({
+      proofInput: proof,
+      version: OpenId4VCIVersion.VER_1_0_08,
+    });
+    expect(credentialRequest.proof?.jwt).toContain(partialJWT);
+    expect('types' in credentialRequest).toBe(true);
+    if ('types' in credentialRequest) {
+      expect(credentialRequest.types).toStrictEqual(['https://imsglobal.github.io/openbadges-specification/ob_v3p0.html#OpenBadgeCredential']);
+    }
+  });
+
+  it('should build correctly from metadata', async () => {
+    const credReqClient = (
+      await CredentialRequestClientBuilder.fromURI({
+        uri: INITIATION_TEST_URI,
+        metadata: WALT_OID4VCI_METADATA,
+      })
+    )
+      .withFormat('jwt_vc')
+      .build();
+    expect(credReqClient.credentialRequestOpts.credentialEndpoint).toBe(`${WALT_ISSUER_URL}/credential`);
+  });
+
+  it('should build correctly with endpoint from metadata', async () => {
+    const credReqClient = (await CredentialRequestClientBuilder.fromURI({ uri: INITIATION_TEST_URI }))
+      .withFormat('jwt_vc')
+      .withCredentialEndpointFromMetadata(IDENTIPROOF_OID4VCI_METADATA as unknown as CredentialIssuerMetadata)
+      .build();
+    expect(credReqClient.credentialRequestOpts.credentialEndpoint).toBe(`${IDENTIPROOF_ISSUER_URL}/credential`);
+  });
+});

package/lib/__tests__/HttpUtils.spec.ts

@@ -0,0 +1,37 @@
+import { isValidURL } from '../functions';
+
+describe('httputils.isValidURL', () => {
+  it('Should return true for http://localhost', () => {
+    expect(isValidURL('http://localhost:4000/some/random/path')).toBeTruthy();
+  });
+  it('Should return false when no scheme is used', () => {
+    expect(isValidURL('sphereon.com/some/random/path')).toBeFalsy();
+  });
+  it('Should return false when a different scheme than http(s) is used', () => {
+    expect(isValidURL('ftp://sphereon.com/some/random/path')).toBeFalsy();
+  });
+  it('Should return false for invalid scheme http:xxx', () => {
+    expect(isValidURL('http:localhost:4000/some/random/path')).toBeFalsy();
+  });
+  it('Should return false for non-localhost hostname with no domain', () => {
+    expect(isValidURL('https://mydomain/some/random/path')).toBeFalsy();
+  });
+  it('Should return true for https://sphereon.com', () => {
+    expect(isValidURL('https://sphereon.com/some/random/path')).toBeTruthy();
+  });
+  it('Should return true for https://sphereon.com:400', () => {
+    expect(isValidURL('https://sphereon.com:400/some/random/path')).toBeTruthy();
+  });
+  it('Should return true when no path is supplied', () => {
+    expect(isValidURL('https://sphereon.com')).toBeTruthy();
+  });
+  it('Should return true for https://sphereon.com:400/some/random/path?query=param', () => {
+    expect(isValidURL('https://sphereon.com:400/some/random/path?query=param')).toBeTruthy();
+  });
+  it('Should return true for https://sphereon.com:400/some/random/path#fragment', () => {
+    expect(isValidURL('https://sphereon.com:400/some/random/path#fragment')).toBeTruthy();
+  });
+  it('Should return true for https://sphereon.com:400/some/random/path?query=param#fragment', () => {
+    expect(isValidURL('https://sphereon.com:400/some/random/path?query=param#fragment')).toBeTruthy();
+  });
+});

package/lib/__tests__/IT.spec.ts

@@ -0,0 +1,173 @@
+import {
+  AccessTokenResponse,
+  Alg,
+  AuthzFlowType,
+  CredentialOfferRequestWithBaseUrl,
+  Jwt,
+  OpenId4VCIVersion,
+  ProofOfPossession,
+} from '@sphereon/oid4vci-common';
+// eslint-disable-next-line @typescript-eslint/ban-ts-comment
+// @ts-ignore
+import nock from 'nock';
+
+import { AccessTokenClient, CredentialRequestClientBuilder, OpenID4VCIClient, ProofOfPossessionBuilder } from '..';
+import { CredentialOfferClient } from '../CredentialOfferClient';
+
+import { IDENTIPROOF_AS_METADATA, IDENTIPROOF_AS_URL, IDENTIPROOF_ISSUER_URL, IDENTIPROOF_OID4VCI_METADATA } from './MetadataMocks';
+
+export const UNIT_TEST_TIMEOUT = 30000;
+
+const ISSUER_URL = 'https://issuer.research.identiproof.io';
+const jwt = {
+  header: { alg: Alg.ES256, kid: 'did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1', typ: 'jwt' },
+  payload: { iss: 'test-clientId', nonce: 'tZignsnFbp', jti: 'tZignsnFbp223', aud: ISSUER_URL },
+};
+
+describe('OID4VCI-Client should', () => {
+  // eslint-disable-next-line @typescript-eslint/no-unused-vars
+  async function proofOfPossessionCallbackFunction(_args: Jwt, _kid?: string): Promise<string> {
+    return 'ey.val.ue';
+  }
+  beforeEach(() => {
+    nock.cleanAll();
+  });
+  afterEach(() => {
+    nock.cleanAll();
+  });
+
+  // Access token mocks
+  const mockedAccessTokenResponse: AccessTokenResponse = {
+    access_token: 'ey6546.546654.64565',
+    authorization_pending: false,
+    c_nonce: 'c_nonce2022101300',
+    c_nonce_expires_in: 2025101300,
+    interval: 2025101300,
+    token_type: 'Bearer',
+  };
+  const mockedVC =
+    'eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL2V4YW1wbGVzL3YxIl0sImlkIjoiaHR0cDovL2V4YW1wbGUuZWR1L2NyZWRlbnRpYWxzLzM3MzIiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiVW5pdmVyc2l0eURlZ3JlZUNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiaHR0cHM6Ly9leGFtcGxlLmVkdS9pc3N1ZXJzLzU2NTA0OSIsImlzc3VhbmNlRGF0ZSI6IjIwMTAtMDEtMDFUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6ZXhhbXBsZTplYmZlYjFmNzEyZWJjNmYxYzI3NmUxMmVjMjEiLCJkZWdyZWUiOnsidHlwZSI6IkJhY2hlbG9yRGVncmVlIiwibmFtZSI6IkJhY2hlbG9yIG9mIFNjaWVuY2UgYW5kIEFydHMifX19LCJpc3MiOiJodHRwczovL2V4YW1wbGUuZWR1L2lzc3VlcnMvNTY1MDQ5IiwibmJmIjoxMjYyMzA0MDAwLCJqdGkiOiJodHRwOi8vZXhhbXBsZS5lZHUvY3JlZGVudGlhbHMvMzczMiIsInN1YiI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSJ9.z5vgMTK1nfizNCg5N-niCOL3WUIAL7nXy-nGhDZYO_-PNGeE-0djCpWAMH8fD8eWSID5PfkPBYkx_dfLJnQ7NA';
+  const INITIATE_QR =
+    'openid-initiate-issuance://?issuer=https%3A%2F%2Fissuer.research.identiproof.io&credential_type=OpenBadgeCredentialUrl&pre-authorized_code=4jLs9xZHEfqcoow0kHE7d1a8hUk6Sy-5bVSV2MqBUGUgiFFQi-ImL62T-FmLIo8hKA1UdMPH0lM1xAgcFkJfxIw9L-lI3mVs0hRT8YVwsEM1ma6N3wzuCdwtMU4bcwKp&user_pin_required=true';
+  const OFFER_QR =
+    'openid-credential-offer://credential_offer=%7B%22credential_issuer%22:%22https://credential-issuer.example.com%22,%22credentials%22:%5B%7B%22format%22:%22jwt_vc_json%22,%22types%22:%5B%22VerifiableCredential%22,%22UniversityDegreeCredential%22%5D%7D%5D,%22issuer_state%22:%22eyJhbGciOiJSU0Et...FYUaBy%22%7D';
+
+  function succeedWithAFullFlowWithClientSetup() {
+    nock(IDENTIPROOF_ISSUER_URL).get('/.well-known/openid-credential-issuer').reply(200, JSON.stringify(IDENTIPROOF_OID4VCI_METADATA));
+    nock(IDENTIPROOF_AS_URL).get('/.well-known/oauth-authorization-server').reply(200, JSON.stringify(IDENTIPROOF_AS_METADATA));
+    nock(IDENTIPROOF_AS_URL)
+      .post(/oauth2\/token.*/)
+      .reply(200, JSON.stringify(mockedAccessTokenResponse));
+    nock(ISSUER_URL)
+      .post(/credential/)
+      .reply(200, {
+        format: 'jwt-vc',
+        credential: mockedVC,
+      });
+  }
+
+  it('succeed with a full flow with the client using OpenID4VCI version 9', async () => {
+    succeedWithAFullFlowWithClientSetup();
+    const client = await OpenID4VCIClient.fromURI({
+      uri: INITIATE_QR,
+      flowType: AuthzFlowType.PRE_AUTHORIZED_CODE_FLOW,
+      kid: 'did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1',
+      alg: Alg.ES256,
+      clientId: 'test-clientId',
+    });
+    await assertionOfsucceedWithAFullFlowWithClient(client);
+  });
+
+  test.skip('succeed with a full flow wit the client using OpenID4VCI version 11', async () => {
+    succeedWithAFullFlowWithClientSetup();
+    const client = await OpenID4VCIClient.fromURI({
+      uri: OFFER_QR,
+      flowType: AuthzFlowType.PRE_AUTHORIZED_CODE_FLOW,
+      kid: 'did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1',
+      alg: Alg.ES256,
+      clientId: 'test-clientId',
+    });
+    await assertionOfsucceedWithAFullFlowWithClient(client);
+  });
+
+  async function assertionOfsucceedWithAFullFlowWithClient(client: OpenID4VCIClient) {
+    expect(client.flowType).toEqual(AuthzFlowType.PRE_AUTHORIZED_CODE_FLOW);
+    expect(client.credentialOffer).toBeDefined();
+    expect(client.endpointMetadata).toBeDefined();
+    expect(client.getIssuer()).toEqual('https://issuer.research.identiproof.io');
+    expect(client.getCredentialEndpoint()).toEqual('https://issuer.research.identiproof.io/credential');
+    expect(client.getAccessTokenEndpoint()).toEqual('https://auth.research.identiproof.io/oauth2/token');
+
+    const accessToken = await client.acquireAccessToken({ pin: '1234' });
+    expect(accessToken).toEqual(mockedAccessTokenResponse);
+
+    const credentialResponse = await client.acquireCredentials({
+      credentialTypes: 'OpenBadgeCredential',
+      format: 'jwt_vc_json-ld',
+      proofCallbacks: {
+        signCallback: proofOfPossessionCallbackFunction,
+      },
+    });
+    expect(credentialResponse.credential).toEqual(mockedVC);
+  }
+
+  it(
+    'succeed with a full flow without the client',
+    async () => {
+      /* Convert the URI into an object */
+      const credentialOffer: CredentialOfferRequestWithBaseUrl = await CredentialOfferClient.fromURI(INITIATE_QR);
+
+      expect(credentialOffer.baseUrl).toEqual('openid-initiate-issuance://');
+      expect(credentialOffer.original_credential_offer).toEqual({
+        credential_type: ['OpenBadgeCredentialUrl'],
+        issuer: ISSUER_URL,
+        'pre-authorized_code':
+          '4jLs9xZHEfqcoow0kHE7d1a8hUk6Sy-5bVSV2MqBUGUgiFFQi-ImL62T-FmLIo8hKA1UdMPH0lM1xAgcFkJfxIw9L-lI3mVs0hRT8YVwsEM1ma6N3wzuCdwtMU4bcwKp',
+        user_pin_required: 'true',
+      });
+
+      nock(ISSUER_URL)
+        .post(/token.*/)
+        .reply(200, JSON.stringify(mockedAccessTokenResponse));
+
+      /* The actual access token calls */
+      const accessTokenClient: AccessTokenClient = new AccessTokenClient();
+      const accessTokenResponse = await accessTokenClient.acquireAccessToken({ credentialOffer: credentialOffer, pin: '1234' });
+      expect(accessTokenResponse.successBody).toEqual(mockedAccessTokenResponse);
+      // Get the credential
+      nock(ISSUER_URL)
+        .post(/credential/)
+        .reply(200, {
+          format: 'jwt-vc',
+          credential: mockedVC,
+        });
+      const credReqClient = CredentialRequestClientBuilder.fromCredentialOffer({ credentialOffer: credentialOffer })
+        .withFormat('jwt_vc')
+
+        .withTokenFromResponse(accessTokenResponse.successBody!)
+        .build();
+
+      //TS2322: Type '(args: ProofOfPossessionCallbackArgs) => Promise<string>'
+      // is not assignable to type 'ProofOfPossessionCallback'.
+      // Types of parameters 'args' and 'args' are incompatible.
+      // Property 'kid' is missing in type '{ header: unknown; payload: unknown; }' but required in type 'ProofOfPossessionCallbackArgs'.
+      const proof: ProofOfPossession = await ProofOfPossessionBuilder.fromJwt({
+        jwt,
+        callbacks: {
+          signCallback: proofOfPossessionCallbackFunction,
+        },
+        version: OpenId4VCIVersion.VER_1_0_11,
+      })
+        .withEndpointMetadata({
+          issuer: 'https://issuer.research.identiproof.io',
+          credential_endpoint: 'https://issuer.research.identiproof.io/credential',
+          token_endpoint: 'https://issuer.research.identiproof.io/token',
+        })
+        .withKid('did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1')
+        .build();
+      const credResponse = await credReqClient.acquireCredentialsUsingProof({ proofInput: proof });
+      expect(credResponse.successBody?.credential).toEqual(mockedVC);
+    },
+    UNIT_TEST_TIMEOUT
+  );
+});

package/lib/__tests__/IssuanceInitiation.spec.ts

@@ -0,0 +1,48 @@
+import { CredentialOfferClient } from '../CredentialOfferClient';
+
+import { INITIATION_TEST, INITIATION_TEST_HTTPS_URI, INITIATION_TEST_URI } from './MetadataMocks';
+
+describe('Issuance Initiation', () => {
+  it('Should return Issuance Initiation Request with base URL from https URI', async () => {
+    expect(await CredentialOfferClient.fromURI(INITIATION_TEST_HTTPS_URI)).toEqual({
+      baseUrl: 'https://server.example.com',
+      credential_offer: {
+        credential_issuer: 'https://server.example.com',
+        credentials: ['https://did.example.org/healthCard', 'https://did.example.org/driverLicense'],
+        grants: {
+          authorization_code: {
+            issuer_state: 'eyJhbGciOiJSU0Et...FYUaBy',
+          },
+        },
+      },
+      issuerState: 'eyJhbGciOiJSU0Et...FYUaBy',
+      original_credential_offer: {
+        credential_type: ['https://did.example.org/healthCard', 'https://did.example.org/driverLicense'],
+        issuer: 'https://server.example.com',
+        op_state: 'eyJhbGciOiJSU0Et...FYUaBy',
+      },
+      scheme: 'https',
+      supportedFlows: ['Authorization Code Flow'],
+      userPinRequired: false,
+      version: 1008,
+    });
+  });
+
+  it('Should return Issuance Initiation Request with base URL from openid-initiate-issuance URI', async () => {
+    expect(await CredentialOfferClient.fromURI(INITIATION_TEST_URI)).toEqual(INITIATION_TEST);
+  });
+
+  it('Should return Issuance Initiation URI from request', async () => {
+    expect(CredentialOfferClient.toURI(INITIATION_TEST)).toEqual(INITIATION_TEST_URI);
+  });
+
+  it('Should return URI from Issuance Initiation Request', async () => {
+    const issuanceInitiationClient = await CredentialOfferClient.fromURI(INITIATION_TEST_HTTPS_URI);
+    expect(CredentialOfferClient.toURI(issuanceInitiationClient)).toEqual(INITIATION_TEST_HTTPS_URI);
+  });
+
+  it('Should throw error on invalid URI', async () => {
+    const issuanceInitiationURI = INITIATION_TEST_HTTPS_URI.replace('?', '');
+    await expect(async () => CredentialOfferClient.fromURI(issuanceInitiationURI)).rejects.toThrowError('Invalid Credential Offer Request');
+  });
+});

package/lib/__tests__/JsonURIConversions.spec.ts

@@ -0,0 +1,146 @@
+import { convertJsonToURI, convertURIToJsonObject, OpenId4VCIVersion } from '@sphereon/oid4vci-common';
+
+describe('JSON To URI v8', () => {
+  it('should parse an object into open-id-URI with a single credential_type', () => {
+    expect(
+      convertJsonToURI(
+        {
+          issuer: 'https://server.example.com',
+          credential_type: 'https://did.example.org/healthCard',
+          op_state: 'eyJhbGciOiJSU0Et...FYUaBy',
+        },
+        {
+          uriTypeProperties: ['issuer', 'credential_type'],
+          version: OpenId4VCIVersion.VER_1_0_08,
+        }
+      )
+    ).toEqual(
+      'issuer=https%3A%2F%2Fserver%2Eexample%2Ecom&credential_type=https%3A%2F%2Fdid%2Eexample%2Eorg%2FhealthCard&op_state=eyJhbGciOiJSU0Et...FYUaBy'
+    );
+  });
+  it('should parse an object into open-id-URI with an array of credential_type', () => {
+    expect(
+      convertJsonToURI(
+        {
+          issuer: 'https://server.example.com',
+          credential_type: ['https://did.example.org/healthCard', 'https://did.example.org/driverLicense'],
+          op_state: 'eyJhbGciOiJSU0Et...FYUaBy',
+        },
+        {
+          arrayTypeProperties: ['credential_type'],
+          uriTypeProperties: ['issuer', 'credential_type'],
+          version: OpenId4VCIVersion.VER_1_0_08,
+        }
+      )
+    ).toEqual(
+      'issuer=https%3A%2F%2Fserver%2Eexample%2Ecom&credential_type=https%3A%2F%2Fdid%2Eexample%2Eorg%2FhealthCard&credential_type=https%3A%2F%2Fdid%2Eexample%2Eorg%2FdriverLicense&op_state=eyJhbGciOiJSU0Et...FYUaBy'
+    );
+  });
+  it('should parse an object into open-id-URI with an array of credential_type and json string', () => {
+    expect(
+      convertJsonToURI(
+        JSON.stringify({
+          issuer: 'https://server.example.com',
+          credential_type: ['https://did.example.org/healthCard', 'https://did.example.org/driverLicense'],
+          op_state: 'eyJhbGciOiJSU0Et...FYUaBy',
+        }),
+        {
+          arrayTypeProperties: ['credential_type'],
+          uriTypeProperties: ['issuer', 'credential_type'],
+          version: OpenId4VCIVersion.VER_1_0_08,
+        }
+      )
+    ).toEqual(
+      'issuer=https%3A%2F%2Fserver%2Eexample%2Ecom&credential_type=https%3A%2F%2Fdid%2Eexample%2Eorg%2FhealthCard&credential_type=https%3A%2F%2Fdid%2Eexample%2Eorg%2FdriverLicense&op_state=eyJhbGciOiJSU0Et...FYUaBy'
+    );
+  });
+});
+
+describe('JSON To URI v9', () => {
+  it('should parse an object into open-id-URI with a single credential_type', () => {
+    expect(
+      convertJsonToURI(
+        {
+          issuer: 'https://server.example.com',
+          credential_type: 'https://did.example.org/healthCard',
+          op_state: 'eyJhbGciOiJSU0Et...FYUaBy',
+        },
+        {
+          uriTypeProperties: ['issuer', 'credential_type'],
+          version: OpenId4VCIVersion.VER_1_0_09,
+        }
+      )
+    ).toEqual(
+      '%7B%22issuer%22%3A%22https%3A%2F%2Fserver.example.com%22%2C%22credential_type%22%3A%22https%3A%2F%2Fdid.example.org%2FhealthCard%22%2C%22op_state%22%3A%22eyJhbGciOiJSU0Et...FYUaBy%22%7D'
+    );
+  });
+  it('should parse an object into open-id-URI with an array of credential_type', () => {
+    expect(
+      convertJsonToURI(
+        {
+          issuer: 'https://server.example.com',
+          credential_type: ['https://did.example.org/healthCard', 'https://did.example.org/driverLicense'],
+          op_state: 'eyJhbGciOiJSU0Et...FYUaBy',
+        },
+        {
+          arrayTypeProperties: ['credential_type'],
+          uriTypeProperties: ['issuer', 'credential_type'],
+          version: OpenId4VCIVersion.VER_1_0_09,
+        }
+      )
+    ).toEqual(
+      '%7B%22issuer%22%3A%22https%3A%2F%2Fserver.example.com%22%2C%22credential_type%22%3A%5B%22https%3A%2F%2Fdid.example.org%2FhealthCard%22%2C%22https%3A%2F%2Fdid.example.org%2FdriverLicense%22%5D%2C%22op_state%22%3A%22eyJhbGciOiJSU0Et...FYUaBy%22%7D'
+    );
+  });
+  it('should parse an object into open-id-URI with an array of credential_type and json string', () => {
+    expect(
+      convertJsonToURI(
+        JSON.stringify({
+          issuer: 'https://server.example.com',
+          credential_type: ['https://did.example.org/healthCard', 'https://did.example.org/driverLicense'],
+          op_state: 'eyJhbGciOiJSU0Et...FYUaBy',
+        }),
+        {
+          arrayTypeProperties: ['credential_type'],
+          uriTypeProperties: ['issuer', 'credential_type'],
+          version: OpenId4VCIVersion.VER_1_0_09,
+        }
+      )
+    ).toEqual(
+      '%7B%22issuer%22%3A%22https%3A%2F%2Fserver.example.com%22%2C%22credential_type%22%3A%5B%22https%3A%2F%2Fdid.example.org%2FhealthCard%22%2C%22https%3A%2F%2Fdid.example.org%2FdriverLicense%22%5D%2C%22op_state%22%3A%22eyJhbGciOiJSU0Et...FYUaBy%22%7D'
+    );
+  });
+});
+
+describe('URI To Json Object', () => {
+  it('should parse open-id-URI as json object with a single credential_type', () => {
+    expect(
+      convertURIToJsonObject(
+        'issuer=https%3A%2F%2Fserver%2Eexample%2Ecom&credential_type=https%3A%2F%2Fdid%2Eexample%2Eorg%2FhealthCard&op_state=eyJhbGciOiJSU0Et...FYUaBy',
+        {
+          arrayTypeProperties: ['credential_type'],
+          requiredProperties: ['issuer', 'credential_type'],
+        }
+      )
+    ).toEqual({
+      issuer: 'https://server.example.com',
+      credential_type: ['https://did.example.org/healthCard'],
+      op_state: 'eyJhbGciOiJSU0Et...FYUaBy',
+    });
+  });
+  it('should parse open-id-URI as json object with an array of credential_type', () => {
+    expect(
+      convertURIToJsonObject(
+        'issuer=https%3A%2F%2Fserver%2Eexample%2Ecom&credential_type=https%3A%2F%2Fdid%2Eexample%2Eorg%2FhealthCard&credential_type=https%3A%2F%2Fdid%2Eexample%2Eorg%2FdriverLicense&op_state=eyJhbGciOiJSU0Et...FYUaBy',
+        {
+          arrayTypeProperties: ['credential_type'],
+          requiredProperties: ['issuer', 'credential_type'],
+        }
+      )
+    ).toEqual({
+      issuer: 'https://server.example.com',
+      credential_type: ['https://did.example.org/healthCard', 'https://did.example.org/driverLicense'],
+      op_state: 'eyJhbGciOiJSU0Et...FYUaBy',
+    });
+  });
+});