@sphereon/oid4vci-client 0.2.0 → 0.4.1-next.285

package/dist/CredentialRequestClientBuilder.d.ts

@@ -0,0 +1,34 @@
+import { AccessTokenResponse, CredentialIssuerMetadata, CredentialOfferRequestWithBaseUrl, EndpointMetadata, OID4VCICredentialFormat, OpenId4VCIVersion, UniformCredentialOfferRequest } from '@sphereon/oid4vci-common';
+import { CredentialFormat } from '@sphereon/ssi-types';
+import { CredentialRequestClient } from './CredentialRequestClient';
+export declare class CredentialRequestClientBuilder {
+    credentialEndpoint?: string;
+    credentialTypes: string[];
+    format?: CredentialFormat | OID4VCICredentialFormat;
+    token?: string;
+    version?: OpenId4VCIVersion;
+    static fromURI({ uri, metadata }: {
+        uri: string;
+        metadata?: EndpointMetadata;
+    }): Promise<CredentialRequestClientBuilder>;
+    static fromCredentialOfferRequest(opts: {
+        request: UniformCredentialOfferRequest;
+        scheme?: string;
+        baseUrl?: string;
+        version?: OpenId4VCIVersion;
+        metadata?: EndpointMetadata;
+    }): CredentialRequestClientBuilder;
+    static fromCredentialOffer({ credentialOffer, metadata, }: {
+        credentialOffer: CredentialOfferRequestWithBaseUrl;
+        metadata?: EndpointMetadata;
+    }): CredentialRequestClientBuilder;
+    withCredentialEndpointFromMetadata(metadata: CredentialIssuerMetadata): CredentialRequestClientBuilder;
+    withCredentialEndpoint(credentialEndpoint: string): CredentialRequestClientBuilder;
+    withCredentialType(credentialTypes: string | string[]): CredentialRequestClientBuilder;
+    withFormat(format: CredentialFormat | OID4VCICredentialFormat): CredentialRequestClientBuilder;
+    withToken(accessToken: string): CredentialRequestClientBuilder;
+    withTokenFromResponse(response: AccessTokenResponse): CredentialRequestClientBuilder;
+    withVersion(version: OpenId4VCIVersion): CredentialRequestClientBuilder;
+    build(): CredentialRequestClient;
+}
+//# sourceMappingURL=CredentialRequestClientBuilder.d.ts.map

package/dist/CredentialRequestClientBuilder.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"CredentialRequestClientBuilder.d.ts","sourceRoot":"","sources":["../lib/CredentialRequestClientBuilder.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,wBAAwB,EAExB,iCAAiC,EAEjC,gBAAgB,EAEhB,uBAAuB,EACvB,iBAAiB,EACjB,6BAA6B,EAC9B,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAGvD,OAAO,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC;AAEpE,qBAAa,8BAA8B;IACzC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,eAAe,EAAE,MAAM,EAAE,CAAM;IAC/B,MAAM,CAAC,EAAE,gBAAgB,GAAG,uBAAuB,CAAC;IACpD,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,iBAAiB,CAAC;WAER,OAAO,CAAC,EAAE,GAAG,EAAE,QAAQ,EAAE,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,EAAE,gBAAgB,CAAA;KAAE,GAAG,OAAO,CAAC,8BAA8B,CAAC;WAKvH,0BAA0B,CAAC,IAAI,EAAE;QAC7C,OAAO,EAAE,6BAA6B,CAAC;QACvC,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,OAAO,CAAC,EAAE,iBAAiB,CAAC;QAC5B,QAAQ,CAAC,EAAE,gBAAgB,CAAC;KAC7B,GAAG,8BAA8B;WAmBpB,mBAAmB,CAAC,EAChC,eAAe,EACf,QAAQ,GACT,EAAE;QACD,eAAe,EAAE,iCAAiC,CAAC;QACnD,QAAQ,CAAC,EAAE,gBAAgB,CAAC;KAC7B,GAAG,8BAA8B;IAQ3B,kCAAkC,CAAC,QAAQ,EAAE,wBAAwB,GAAG,8BAA8B;IAKtG,sBAAsB,CAAC,kBAAkB,EAAE,MAAM,GAAG,8BAA8B;IAKlF,kBAAkB,CAAC,eAAe,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,8BAA8B;IAKtF,UAAU,CAAC,MAAM,EAAE,gBAAgB,GAAG,uBAAuB,GAAG,8BAA8B;IAK9F,SAAS,CAAC,WAAW,EAAE,MAAM,GAAG,8BAA8B;IAK9D,qBAAqB,CAAC,QAAQ,EAAE,mBAAmB,GAAG,8BAA8B;IAKpF,WAAW,CAAC,OAAO,EAAE,iBAAiB,GAAG,8BAA8B;IAKvE,KAAK,IAAI,uBAAuB;CAMxC"}

package/dist/CredentialRequestClientBuilder.js

@@ -0,0 +1,87 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CredentialRequestClientBuilder = void 0;
+const oid4vci_common_1 = require("@sphereon/oid4vci-common");
+const CredentialOfferClient_1 = require("./CredentialOfferClient");
+const CredentialRequestClient_1 = require("./CredentialRequestClient");
+class CredentialRequestClientBuilder {
+    constructor() {
+        this.credentialTypes = [];
+    }
+    static fromURI({ uri, metadata }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const offer = yield CredentialOfferClient_1.CredentialOfferClient.fromURI(uri);
+            return CredentialRequestClientBuilder.fromCredentialOfferRequest(Object.assign(Object.assign({ request: offer }, offer), { metadata, version: offer.version }));
+        });
+    }
+    static fromCredentialOfferRequest(opts) {
+        var _a, _b, _c, _d;
+        const { request, metadata } = opts;
+        const version = (_b = (_a = opts.version) !== null && _a !== void 0 ? _a : request.version) !== null && _b !== void 0 ? _b : (0, oid4vci_common_1.determineSpecVersionFromOffer)(request.original_credential_offer);
+        const builder = new CredentialRequestClientBuilder();
+        const issuer = (_c = (0, oid4vci_common_1.getIssuerFromCredentialOfferPayload)(request.credential_offer)) !== null && _c !== void 0 ? _c : metadata === null || metadata === void 0 ? void 0 : metadata.issuer;
+        builder.withVersion(version);
+        builder.withCredentialEndpoint((_d = metadata === null || metadata === void 0 ? void 0 : metadata.credential_endpoint) !== null && _d !== void 0 ? _d : (issuer.endsWith('/') ? `${issuer}credential` : `${issuer}/credential`));
+        if (version <= oid4vci_common_1.OpenId4VCIVersion.VER_1_0_08) {
+            //todo: This basically sets all types available during initiation. Probably the user only wants a subset. So do we want to do this?
+            builder.withCredentialType(request.original_credential_offer.credential_type);
+        }
+        else {
+            // todo: look whether this is correct
+            builder.withCredentialType(request.credential_offer.credentials.flatMap((c) => (typeof c === 'string' ? c : c.types)));
+        }
+        return builder;
+    }
+    static fromCredentialOffer({ credentialOffer, metadata, }) {
+        return CredentialRequestClientBuilder.fromCredentialOfferRequest({
+            request: credentialOffer,
+            metadata,
+            version: credentialOffer.version,
+        });
+    }
+    withCredentialEndpointFromMetadata(metadata) {
+        this.credentialEndpoint = metadata.credential_endpoint;
+        return this;
+    }
+    withCredentialEndpoint(credentialEndpoint) {
+        this.credentialEndpoint = credentialEndpoint;
+        return this;
+    }
+    withCredentialType(credentialTypes) {
+        this.credentialTypes = Array.isArray(credentialTypes) ? credentialTypes : [credentialTypes];
+        return this;
+    }
+    withFormat(format) {
+        this.format = format;
+        return this;
+    }
+    withToken(accessToken) {
+        this.token = accessToken;
+        return this;
+    }
+    withTokenFromResponse(response) {
+        this.token = response.access_token;
+        return this;
+    }
+    withVersion(version) {
+        this.version = version;
+        return this;
+    }
+    build() {
+        if (!this.version) {
+            this.withVersion(oid4vci_common_1.OpenId4VCIVersion.VER_1_0_11);
+        }
+        return new CredentialRequestClient_1.CredentialRequestClient(this);
+    }
+}
+exports.CredentialRequestClientBuilder = CredentialRequestClientBuilder;
+//# sourceMappingURL=CredentialRequestClientBuilder.js.map

package/dist/CredentialRequestClientBuilder.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"CredentialRequestClientBuilder.js","sourceRoot":"","sources":["../lib/CredentialRequestClientBuilder.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,6DAWkC;AAGlC,mEAAgE;AAChE,uEAAoE;AAEpE,MAAa,8BAA8B;IAA3C;QAEE,oBAAe,GAAa,EAAE,CAAC;IA0FjC,CAAC;IArFQ,MAAM,CAAO,OAAO,CAAC,EAAE,GAAG,EAAE,QAAQ,EAAgD;;YACzF,MAAM,KAAK,GAAG,MAAM,6CAAqB,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YACvD,OAAO,8BAA8B,CAAC,0BAA0B,+BAAG,OAAO,EAAE,KAAK,IAAK,KAAK,KAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,IAAG,CAAC;QACnI,CAAC;KAAA;IAEM,MAAM,CAAC,0BAA0B,CAAC,IAMxC;;QACC,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QACnC,MAAM,OAAO,GAAG,MAAA,MAAA,IAAI,CAAC,OAAO,mCAAI,OAAO,CAAC,OAAO,mCAAI,IAAA,8CAA6B,EAAC,OAAO,CAAC,yBAAyB,CAAC,CAAC;QACpH,MAAM,OAAO,GAAG,IAAI,8BAA8B,EAAE,CAAC;QACrD,MAAM,MAAM,GAAG,MAAA,IAAA,oDAAmC,EAAC,OAAO,CAAC,gBAAgB,CAAC,mCAAK,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAiB,CAAC;QAC7G,OAAO,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QAC7B,OAAO,CAAC,sBAAsB,CAAC,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,mBAAmB,mCAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,YAAY,CAAC,CAAC,CAAC,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC;QAEzI,IAAI,OAAO,IAAI,kCAAiB,CAAC,UAAU,EAAE;YAC3C,mIAAmI;YACnI,OAAO,CAAC,kBAAkB,CAAE,OAAO,CAAC,yBAA2D,CAAC,eAAe,CAAC,CAAC;SAClH;aAAM;YACL,qCAAqC;YACrC,OAAO,CAAC,kBAAkB,CAAC,OAAO,CAAC,gBAAgB,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;SACxH;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAEM,MAAM,CAAC,mBAAmB,CAAC,EAChC,eAAe,EACf,QAAQ,GAIT;QACC,OAAO,8BAA8B,CAAC,0BAA0B,CAAC;YAC/D,OAAO,EAAE,eAAe;YACxB,QAAQ;YACR,OAAO,EAAE,eAAe,CAAC,OAAO;SACjC,CAAC,CAAC;IACL,CAAC;IAEM,kCAAkC,CAAC,QAAkC;QAC1E,IAAI,CAAC,kBAAkB,GAAG,QAAQ,CAAC,mBAAmB,CAAC;QACvD,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,sBAAsB,CAAC,kBAA0B;QACtD,IAAI,CAAC,kBAAkB,GAAG,kBAAkB,CAAC;QAC7C,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,kBAAkB,CAAC,eAAkC;QAC1D,IAAI,CAAC,eAAe,GAAG,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;QAC5F,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,UAAU,CAAC,MAAkD;QAClE,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,SAAS,CAAC,WAAmB;QAClC,IAAI,CAAC,KAAK,GAAG,WAAW,CAAC;QACzB,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,qBAAqB,CAAC,QAA6B;QACxD,IAAI,CAAC,KAAK,GAAG,QAAQ,CAAC,YAAY,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,WAAW,CAAC,OAA0B;QAC3C,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,KAAK;QACV,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;YACjB,IAAI,CAAC,WAAW,CAAC,kCAAiB,CAAC,UAAU,CAAC,CAAC;SAChD;QACD,OAAO,IAAI,iDAAuB,CAAC,IAAI,CAAC,CAAC;IAC3C,CAAC;CACF;AA5FD,wEA4FC"}

package/dist/{main/lib/MetadataClient.d.ts → MetadataClient.d.ts}

@@ -1,38 +1,39 @@
-import { EndpointMetadata, IssuanceInitiationRequestPayload, IssuanceInitiationWithBaseUrl, OID4VCIServerMetadata, WellKnownEndpoints } from './types';
-export declare class MetadataClient {
-    static async: any;
-    /**
-     * Retrieve metadata using the Initiation obtained from a previous step
-     *
-     * @param initiation
-     */
-    static retrieveAllMetadataFromInitiation(initiation: IssuanceInitiationWithBaseUrl): Promise<EndpointMetadata>;
-    /**
-     * Retrieve the metada using the initiation request obtained from a previous step
-     * @param initiationRequest
-     */
-    static retrieveAllMetadataFromInitiationRequest(initiationRequest: IssuanceInitiationRequestPayload): Promise<EndpointMetadata>;
-    /**
-     * Retrieve all metadata from an issuer
-     * @param issuer The issuer URL
-     */
-    static retrieveAllMetadata(issuer: string, opts?: {
-        errorOnNotFound: boolean;
-    }): Promise<EndpointMetadata | undefined>;
-    /**
-     * Retrieve only the OID4VCI metadata for the issuer. So no OIDC/OAuth2 metadata
-     *
-     * @param issuerHost The issuer hostname
-     */
-    static retrieveOID4VCIServerMetadata(issuerHost: string): Promise<OID4VCIServerMetadata | undefined>;
-    /**
-     * Allows to retrieve information from a well-known location
-     *
-     * @param host The host
-     * @param endpointType The endpoint type, currently supports OID4VCI, OIDC and OAuth2 endpoint types
-     * @param opts Options, like for instance whether an error should be thrown in case the endpoint doesn't exist
-     */
-    static retrieveWellknown<T>(host: string, endpointType: WellKnownEndpoints, opts?: {
-        errorOnNotFound?: boolean;
-    }): Promise<T | undefined>;
-}
+import { CredentialIssuerMetadata, CredentialOfferPayload, CredentialOfferRequestWithBaseUrl, EndpointMetadata, OpenIDResponse, WellKnownEndpoints } from '@sphereon/oid4vci-common';
+export declare class MetadataClient {
+    /**
+     * Retrieve metadata using the Initiation obtained from a previous step
+     *
+     * @param credentialOffer
+     */
+    static retrieveAllMetadataFromCredentialOffer(credentialOffer: CredentialOfferRequestWithBaseUrl): Promise<EndpointMetadata>;
+    /**
+     * Retrieve the metada using the initiation request obtained from a previous step
+     * @param request
+     */
+    static retrieveAllMetadataFromCredentialOfferRequest(request: CredentialOfferPayload): Promise<EndpointMetadata>;
+    /**
+     * Retrieve all metadata from an issuer
+     * @param issuer The issuer URL
+     * @param opts
+     */
+    static retrieveAllMetadata(issuer: string, opts?: {
+        errorOnNotFound: boolean;
+    }): Promise<EndpointMetadata>;
+    /**
+     * Retrieve only the OID4VCI metadata for the issuer. So no OIDC/OAuth2 metadata
+     *
+     * @param issuerHost The issuer hostname
+     */
+    static retrieveOpenID4VCIServerMetadata(issuerHost: string): Promise<OpenIDResponse<CredentialIssuerMetadata> | undefined>;
+    /**
+     * Allows to retrieve information from a well-known location
+     *
+     * @param host The host
+     * @param endpointType The endpoint type, currently supports OID4VCI, OIDC and OAuth2 endpoint types
+     * @param opts Options, like for instance whether an error should be thrown in case the endpoint doesn't exist
+     */
+    static retrieveWellknown<T>(host: string, endpointType: WellKnownEndpoints, opts?: {
+        errorOnNotFound?: boolean;
+    }): Promise<OpenIDResponse<T>>;
+}
+//# sourceMappingURL=MetadataClient.d.ts.map

package/dist/MetadataClient.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"MetadataClient.d.ts","sourceRoot":"","sources":["../lib/MetadataClient.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,wBAAwB,EACxB,sBAAsB,EACtB,iCAAiC,EACjC,gBAAgB,EAIhB,cAAc,EACd,kBAAkB,EACnB,MAAM,0BAA0B,CAAC;AAOlC,qBAAa,cAAc;IACzB;;;;OAIG;WACiB,sCAAsC,CAAC,eAAe,EAAE,iCAAiC,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAIzI;;;OAGG;WACiB,6CAA6C,CAAC,OAAO,EAAE,sBAAsB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAO7H;;;;OAIG;WACiB,mBAAmB,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE;QAAE,eAAe,EAAE,OAAO,CAAA;KAAE,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAwEvH;;;;OAIG;WACiB,gCAAgC,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,wBAAwB,CAAC,GAAG,SAAS,CAAC;IAKvI;;;;;;OAMG;WACiB,iBAAiB,CAAC,CAAC,EACrC,IAAI,EAAE,MAAM,EACZ,YAAY,EAAE,kBAAkB,EAChC,IAAI,CAAC,EAAE;QAAE,eAAe,CAAC,EAAE,OAAO,CAAA;KAAE,GACnC,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;CAU9B"}

package/dist/MetadataClient.js

@@ -0,0 +1,148 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MetadataClient = void 0;
+const oid4vci_common_1 = require("@sphereon/oid4vci-common");
+const debug_1 = __importDefault(require("debug"));
+const functions_1 = require("./functions");
+const debug = (0, debug_1.default)('sphereon:oid4vci:metadata');
+class MetadataClient {
+    /**
+     * Retrieve metadata using the Initiation obtained from a previous step
+     *
+     * @param credentialOffer
+     */
+    static retrieveAllMetadataFromCredentialOffer(credentialOffer) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return MetadataClient.retrieveAllMetadataFromCredentialOfferRequest(credentialOffer.credential_offer);
+        });
+    }
+    /**
+     * Retrieve the metada using the initiation request obtained from a previous step
+     * @param request
+     */
+    static retrieveAllMetadataFromCredentialOfferRequest(request) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if ((0, oid4vci_common_1.getIssuerFromCredentialOfferPayload)(request)) {
+                return MetadataClient.retrieveAllMetadata((0, oid4vci_common_1.getIssuerFromCredentialOfferPayload)(request));
+            }
+            throw new Error("can't retrieve metadata from CredentialOfferRequest. No issuer field is present");
+        });
+    }
+    /**
+     * Retrieve all metadata from an issuer
+     * @param issuer The issuer URL
+     * @param opts
+     */
+    static retrieveAllMetadata(issuer, opts) {
+        var _a;
+        return __awaiter(this, void 0, void 0, function* () {
+            let token_endpoint;
+            let credential_endpoint;
+            const response = yield MetadataClient.retrieveOpenID4VCIServerMetadata(issuer);
+            let issuerMetadata = response === null || response === void 0 ? void 0 : response.successBody;
+            if (issuerMetadata) {
+                debug(`Issuer ${issuer} OID4VCI well-known server metadata\r\n${issuerMetadata}`);
+                credential_endpoint = issuerMetadata.credential_endpoint;
+                token_endpoint = issuerMetadata.token_endpoint;
+                if (!token_endpoint && issuerMetadata.authorization_server) {
+                    debug(`Issuer ${issuer} OID4VCI metadata has separate authorization_server ${issuerMetadata.authorization_server} that contains the token endpoint`);
+                    // Crossword uses this to separate the AS metadata. We fail when not found, since we now have no way of getting the token endpoint
+                    const response = yield this.retrieveWellknown(issuerMetadata.authorization_server, oid4vci_common_1.WellKnownEndpoints.OAUTH_AS, {
+                        errorOnNotFound: true,
+                    });
+                    token_endpoint = (_a = response.successBody) === null || _a === void 0 ? void 0 : _a.token_endpoint;
+                }
+            }
+            else {
+                // No specific OID4VCI endpoint. Either can be an OAuth2 AS or an OpenID IDP. Let's start with OIDC first
+                let response = yield MetadataClient.retrieveWellknown(issuer, oid4vci_common_1.WellKnownEndpoints.OPENID_CONFIGURATION, {
+                    errorOnNotFound: false,
+                });
+                let asConfig = response.successBody;
+                if (asConfig) {
+                    debug(`Issuer ${issuer} has OpenID Connect Server metadata in well-known location`);
+                }
+                else {
+                    // Now oAuth2
+                    response = yield MetadataClient.retrieveWellknown(issuer, oid4vci_common_1.WellKnownEndpoints.OAUTH_AS, { errorOnNotFound: false });
+                    asConfig = response.successBody;
+                }
+                if (asConfig) {
+                    debug(`Issuer ${issuer} has oAuth2 Server metadata in well-known location`);
+                    issuerMetadata = asConfig;
+                    credential_endpoint = issuerMetadata.credential_endpoint;
+                    token_endpoint = issuerMetadata.token_endpoint;
+                }
+            }
+            if (!token_endpoint) {
+                debug(`Issuer ${issuer} does not have a token_endpoint listed in well-known locations!`);
+                if (opts === null || opts === void 0 ? void 0 : opts.errorOnNotFound) {
+                    throw new Error(`Could not deduce the token endpoint for ${issuer}`);
+                }
+                else {
+                    token_endpoint = `${issuer}${issuer.endsWith('/') ? '' : '/'}token`;
+                }
+            }
+            if (!credential_endpoint) {
+                debug(`Issuer ${issuer} does not have a credential_endpoint listed in well-known locations!`);
+                if (opts === null || opts === void 0 ? void 0 : opts.errorOnNotFound) {
+                    throw new Error(`Could not deduce the credential endpoint for ${issuer}`);
+                }
+                else {
+                    credential_endpoint = `${issuer}${issuer.endsWith('/') ? '' : '/'}credential`;
+                }
+            }
+            debug(`Issuer ${issuer} token endpoint ${token_endpoint}, credential endpoint ${credential_endpoint}`);
+            return {
+                issuer,
+                token_endpoint,
+                credential_endpoint,
+                issuerMetadata,
+            };
+        });
+    }
+    /**
+     * Retrieve only the OID4VCI metadata for the issuer. So no OIDC/OAuth2 metadata
+     *
+     * @param issuerHost The issuer hostname
+     */
+    static retrieveOpenID4VCIServerMetadata(issuerHost) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // Since the server metadata endpoint is optional we are not going to throw an error.
+            return MetadataClient.retrieveWellknown(issuerHost, oid4vci_common_1.WellKnownEndpoints.OPENID4VCI_ISSUER, { errorOnNotFound: false });
+        });
+    }
+    /**
+     * Allows to retrieve information from a well-known location
+     *
+     * @param host The host
+     * @param endpointType The endpoint type, currently supports OID4VCI, OIDC and OAuth2 endpoint types
+     * @param opts Options, like for instance whether an error should be thrown in case the endpoint doesn't exist
+     */
+    static retrieveWellknown(host, endpointType, opts) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const result = yield (0, functions_1.getJson)(`${host.endsWith('/') ? host.slice(0, -1) : host}${endpointType}`, {
+                exceptionOnHttpErrorStatus: opts === null || opts === void 0 ? void 0 : opts.errorOnNotFound,
+            });
+            if (result.origResponse.status === 404) {
+                // We only get here when error on not found is false
+                debug(`host ${host} with endpoint type ${endpointType} was not found (404)`);
+            }
+            return result;
+        });
+    }
+}
+exports.MetadataClient = MetadataClient;
+//# sourceMappingURL=MetadataClient.js.map

package/dist/MetadataClient.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"MetadataClient.js","sourceRoot":"","sources":["../lib/MetadataClient.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,6DAUkC;AAClC,kDAA0B;AAE1B,2CAAsC;AAEtC,MAAM,KAAK,GAAG,IAAA,eAAK,EAAC,2BAA2B,CAAC,CAAC;AAEjD,MAAa,cAAc;IACzB;;;;OAIG;IACI,MAAM,CAAO,sCAAsC,CAAC,eAAkD;;YAC3G,OAAO,cAAc,CAAC,6CAA6C,CAAC,eAAe,CAAC,gBAAgB,CAAC,CAAC;QACxG,CAAC;KAAA;IAED;;;OAGG;IACI,MAAM,CAAO,6CAA6C,CAAC,OAA+B;;YAC/F,IAAI,IAAA,oDAAmC,EAAC,OAAO,CAAC,EAAE;gBAChD,OAAO,cAAc,CAAC,mBAAmB,CAAC,IAAA,oDAAmC,EAAC,OAAO,CAAW,CAAC,CAAC;aACnG;YACD,MAAM,IAAI,KAAK,CAAC,iFAAiF,CAAC,CAAC;QACrG,CAAC;KAAA;IAED;;;;OAIG;IACI,MAAM,CAAO,mBAAmB,CAAC,MAAc,EAAE,IAAmC;;;YACzF,IAAI,cAAc,CAAC;YACnB,IAAI,mBAAmB,CAAC;YACxB,MAAM,QAAQ,GAAG,MAAM,cAAc,CAAC,gCAAgC,CAAC,MAAM,CAAC,CAAC;YAC/E,IAAI,cAAc,GAAG,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,WAAW,CAAC;YAC3C,IAAI,cAAc,EAAE;gBAClB,KAAK,CAAC,UAAU,MAAM,0CAA0C,cAAc,EAAE,CAAC,CAAC;gBAClF,mBAAmB,GAAG,cAAc,CAAC,mBAAmB,CAAC;gBACzD,cAAc,GAAG,cAAc,CAAC,cAAc,CAAC;gBAC/C,IAAI,CAAC,cAAc,IAAI,cAAc,CAAC,oBAAoB,EAAE;oBAC1D,KAAK,CACH,UAAU,MAAM,uDAAuD,cAAc,CAAC,oBAAoB,mCAAmC,CAC9I,CAAC;oBACF,kIAAkI;oBAClI,MAAM,QAAQ,GAAqC,MAAM,IAAI,CAAC,iBAAiB,CAC7E,cAAc,CAAC,oBAAoB,EACnC,mCAAkB,CAAC,QAAQ,EAC3B;wBACE,eAAe,EAAE,IAAI;qBACtB,CACF,CAAC;oBACF,cAAc,GAAG,MAAA,QAAQ,CAAC,WAAW,0CAAE,cAAc,CAAC;iBACvD;aACF;iBAAM;gBACL,yGAAyG;gBACzG,IAAI,QAAQ,GAAgD,MAAM,cAAc,CAAC,iBAAiB,CAChG,MAAM,EACN,mCAAkB,CAAC,oBAAoB,EACvC;oBACE,eAAe,EAAE,KAAK;iBACvB,CACF,CAAC;gBACF,IAAI,QAAQ,GAAG,QAAQ,CAAC,WAAW,CAAC;gBACpC,IAAI,QAAQ,EAAE;oBACZ,KAAK,CAAC,UAAU,MAAM,4DAA4D,CAAC,CAAC;iBACrF;qBAAM;oBACL,aAAa;oBACb,QAAQ,GAAG,MAAM,cAAc,CAAC,iBAAiB,CAAC,MAAM,EAAE,mCAAkB,CAAC,QAAQ,EAAE,EAAE,eAAe,EAAE,KAAK,EAAE,CAAC,CAAC;oBACnH,QAAQ,GAAG,QAAQ,CAAC,WAAW,CAAC;iBACjC;gBACD,IAAI,QAAQ,EAAE;oBACZ,KAAK,CAAC,UAAU,MAAM,oDAAoD,CAAC,CAAC;oBAC5E,cAAc,GAAG,QAAQ,CAAC;oBAC1B,mBAAmB,GAAG,cAAc,CAAC,mBAAmB,CAAC;oBACzD,cAAc,GAAG,cAAc,CAAC,cAAc,CAAC;iBAChD;aACF;YACD,IAAI,CAAC,cAAc,EAAE;gBACnB,KAAK,CAAC,UAAU,MAAM,iEAAiE,CAAC,CAAC;gBACzF,IAAI,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,eAAe,EAAE;oBACzB,MAAM,IAAI,KAAK,CAAC,2CAA2C,MAAM,EAAE,CAAC,CAAC;iBACtE;qBAAM;oBACL,cAAc,GAAG,GAAG,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC;iBACrE;aACF;YACD,IAAI,CAAC,mBAAmB,EAAE;gBACxB,KAAK,CAAC,UAAU,MAAM,sEAAsE,CAAC,CAAC;gBAC9F,IAAI,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,eAAe,EAAE;oBACzB,MAAM,IAAI,KAAK,CAAC,gDAAgD,MAAM,EAAE,CAAC,CAAC;iBAC3E;qBAAM;oBACL,mBAAmB,GAAG,GAAG,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,YAAY,CAAC;iBAC/E;aACF;YACD,KAAK,CAAC,UAAU,MAAM,mBAAmB,cAAc,yBAAyB,mBAAmB,EAAE,CAAC,CAAC;YACvG,OAAO;gBACL,MAAM;gBACN,cAAc;gBACd,mBAAmB;gBACnB,cAAc;aACf,CAAC;;KACH;IAED;;;;OAIG;IACI,MAAM,CAAO,gCAAgC,CAAC,UAAkB;;YACrE,qFAAqF;YACrF,OAAO,cAAc,CAAC,iBAAiB,CAAC,UAAU,EAAE,mCAAkB,CAAC,iBAAiB,EAAE,EAAE,eAAe,EAAE,KAAK,EAAE,CAAC,CAAC;QACxH,CAAC;KAAA;IAED;;;;;;OAMG;IACI,MAAM,CAAO,iBAAiB,CACnC,IAAY,EACZ,YAAgC,EAChC,IAAoC;;YAEpC,MAAM,MAAM,GAAsB,MAAM,IAAA,mBAAO,EAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,YAAY,EAAE,EAAE;gBACjH,0BAA0B,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,eAAe;aAClD,CAAC,CAAC;YACH,IAAI,MAAM,CAAC,YAAY,CAAC,MAAM,KAAK,GAAG,EAAE;gBACtC,oDAAoD;gBACpD,KAAK,CAAC,QAAQ,IAAI,uBAAuB,YAAY,sBAAsB,CAAC,CAAC;aAC9E;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;CACF;AAjID,wCAiIC"}

package/dist/OpenID4VCIClient.d.ts

@@ -0,0 +1,75 @@
+import { AccessTokenResponse, Alg, AuthzFlowType, CodeChallengeMethod, CredentialOfferRequestWithBaseUrl, CredentialResponse, CredentialSupported, EndpointMetadata, OID4VCICredentialFormat, OpenId4VCIVersion, OpenIDResponse, ProofOfPossessionCallbacks, PushedAuthorizationResponse } from '@sphereon/oid4vci-common';
+import { CredentialFormat } from '@sphereon/ssi-types';
+interface AuthDetails {
+    type: 'openid_credential' | string;
+    locations?: string | string[];
+    format: CredentialFormat | CredentialFormat[];
+    [s: string]: unknown;
+}
+interface AuthRequestOpts {
+    clientId: string;
+    codeChallenge: string;
+    codeChallengeMethod: CodeChallengeMethod;
+    authorizationDetails?: AuthDetails | AuthDetails[];
+    redirectUri: string;
+    scope?: string;
+}
+export declare class OpenID4VCIClient {
+    private readonly _flowType;
+    private readonly _credentialOffer;
+    private _clientId?;
+    private _kid;
+    private _alg;
+    private _endpointMetadata;
+    private _accessTokenResponse;
+    private constructor();
+    static fromURI({ uri, flowType, kid, alg, retrieveServerMetadata, clientId, resolveOfferUri, }: {
+        uri: string;
+        flowType: AuthzFlowType;
+        kid?: string;
+        alg?: Alg | string;
+        retrieveServerMetadata?: boolean;
+        resolveOfferUri?: boolean;
+        clientId?: string;
+    }): Promise<OpenID4VCIClient>;
+    retrieveServerMetadata(): Promise<EndpointMetadata>;
+    createAuthorizationRequestUrl({ clientId, codeChallengeMethod, codeChallenge, authorizationDetails, redirectUri, scope, }: AuthRequestOpts): string;
+    acquirePushedAuthorizationRequestURI({ clientId, codeChallengeMethod, codeChallenge, authorizationDetails, redirectUri, scope, }: AuthRequestOpts): Promise<OpenIDResponse<PushedAuthorizationResponse>>;
+    handleAuthorizationDetails(authorizationDetails?: AuthDetails | AuthDetails[]): AuthDetails | AuthDetails[] | undefined;
+    private handleLocations;
+    acquireAccessToken(opts?: {
+        pin?: string;
+        clientId?: string;
+        codeVerifier?: string;
+        code?: string;
+        redirectUri?: string;
+    }): Promise<AccessTokenResponse>;
+    acquireCredentials({ credentialTypes, proofCallbacks, format, kid, alg, jti, }: {
+        credentialTypes: string | string[];
+        proofCallbacks: ProofOfPossessionCallbacks;
+        format?: CredentialFormat | OID4VCICredentialFormat;
+        kid?: string;
+        alg?: Alg | string;
+        jti?: string;
+    }): Promise<CredentialResponse>;
+    getCredentialsSupported(restrictToInitiationTypes: boolean, supportedType?: string): CredentialSupported[];
+    getCredentialMetadata(type: string): CredentialSupported[];
+    getCredentialTypes(): string[];
+    get flowType(): AuthzFlowType;
+    issuerSupportedFlowTypes(): AuthzFlowType[];
+    get credentialOffer(): CredentialOfferRequestWithBaseUrl;
+    version(): OpenId4VCIVersion;
+    get endpointMetadata(): EndpointMetadata;
+    get kid(): string;
+    get alg(): string;
+    get clientId(): string | undefined;
+    get accessTokenResponse(): AccessTokenResponse;
+    getIssuer(): string;
+    getAccessTokenEndpoint(): string;
+    getCredentialEndpoint(): string;
+    private assertIssuerData;
+    private assertServerMetadata;
+    private assertAccessToken;
+}
+export {};
+//# sourceMappingURL=OpenID4VCIClient.d.ts.map

package/dist/OpenID4VCIClient.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"OpenID4VCIClient.d.ts","sourceRoot":"","sources":["../lib/OpenID4VCIClient.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,GAAG,EAEH,aAAa,EACb,mBAAmB,EAEnB,iCAAiC,EACjC,kBAAkB,EAClB,mBAAmB,EACnB,gBAAgB,EAChB,uBAAuB,EACvB,iBAAiB,EACjB,cAAc,EACd,0BAA0B,EAC1B,2BAA2B,EAE5B,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAYvD,UAAU,WAAW;IACnB,IAAI,EAAE,mBAAmB,GAAG,MAAM,CAAC;IACnC,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC9B,MAAM,EAAE,gBAAgB,GAAG,gBAAgB,EAAE,CAAC;IAE9C,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;CACtB;AAED,UAAU,eAAe;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,mBAAmB,CAAC;IACzC,oBAAoB,CAAC,EAAE,WAAW,GAAG,WAAW,EAAE,CAAC;IACnD,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAgB;IAC1C,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAoC;IACrE,OAAO,CAAC,SAAS,CAAC,CAAS;IAC3B,OAAO,CAAC,IAAI,CAAqB;IACjC,OAAO,CAAC,IAAI,CAA2B;IACvC,OAAO,CAAC,iBAAiB,CAA+B;IACxD,OAAO,CAAC,oBAAoB,CAAkC;IAE9D,OAAO;WAiBa,OAAO,CAAC,EAC1B,GAAG,EACH,QAAQ,EACR,GAAG,EACH,GAAG,EACH,sBAAsB,EACtB,QAAQ,EACR,eAAe,GAChB,EAAE;QACD,GAAG,EAAE,MAAM,CAAC;QACZ,QAAQ,EAAE,aAAa,CAAC;QACxB,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,GAAG,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC;QACnB,sBAAsB,CAAC,EAAE,OAAO,CAAC;QACjC,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAShB,sBAAsB,IAAI,OAAO,CAAC,gBAAgB,CAAC;IAQzD,6BAA6B,CAAC,EACnC,QAAQ,EACR,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,WAAW,EACX,KAAK,GACN,EAAE,eAAe,GAAG,MAAM;IAqCd,oCAAoC,CAAC,EAChD,QAAQ,EACR,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,WAAW,EACX,KAAK,GACN,EAAE,eAAe,GAAG,OAAO,CAAC,cAAc,CAAC,2BAA2B,CAAC,CAAC;IAsClE,0BAA0B,CAAC,oBAAoB,CAAC,EAAE,WAAW,GAAG,WAAW,EAAE,GAAG,WAAW,GAAG,WAAW,EAAE,GAAG,SAAS;IAW9H,OAAO,CAAC,eAAe;IAeV,kBAAkB,CAAC,IAAI,CAAC,EAAE;QACrC,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAwCnB,kBAAkB,CAAC,EAC9B,eAAe,EACf,cAAc,EACd,MAAM,EACN,GAAG,EACH,GAAG,EACH,GAAG,GACJ,EAAE;QACD,eAAe,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;QACnC,cAAc,EAAE,0BAA0B,CAAC;QAC3C,MAAM,CAAC,EAAE,gBAAgB,GAAG,uBAAuB,CAAC;QACpD,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,GAAG,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC;QACnB,GAAG,CAAC,EAAE,MAAM,CAAC;KACd,GAAG,OAAO,CAAC,kBAAkB,CAAC;IA8E/B,uBAAuB,CAAC,yBAAyB,EAAE,OAAO,EAAE,aAAa,CAAC,EAAE,MAAM,GAAG,mBAAmB,EAAE;IA4D1G,qBAAqB,CAAC,IAAI,EAAE,MAAM,GAAG,mBAAmB,EAAE;IAK1D,kBAAkB,IAAI,MAAM,EAAE;IAW9B,IAAI,QAAQ,IAAI,aAAa,CAE5B;IAED,wBAAwB,IAAI,aAAa,EAAE;IAI3C,IAAI,eAAe,IAAI,iCAAiC,CAEvD;IAEM,OAAO,IAAI,iBAAiB;IAInC,IAAW,gBAAgB,IAAI,gBAAgB,CAI9C;IAED,IAAI,GAAG,IAAI,MAAM,CAMhB;IAED,IAAI,GAAG,IAAI,MAAM,CAMhB;IAED,IAAI,QAAQ,IAAI,MAAM,GAAG,SAAS,CAKjC;IAED,IAAI,mBAAmB,IAAI,mBAAmB,CAI7C;IAEM,SAAS,IAAI,MAAM;IAKnB,sBAAsB,IAAI,MAAM;IAOhC,qBAAqB,IAAI,MAAM;IAKtC,OAAO,CAAC,gBAAgB;IAMxB,OAAO,CAAC,oBAAoB;IAM5B,OAAO,CAAC,iBAAiB;CAK1B"}