@sphereon/oid4vci-client 0.2.0 → 0.4.1-next.285

package/dist/OpenID4VCIClient.js

@@ -0,0 +1,403 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OpenID4VCIClient = void 0;
+const oid4vci_common_1 = require("@sphereon/oid4vci-common");
+const IssuerMetadataUtils_1 = require("@sphereon/oid4vci-common/dist/functions/IssuerMetadataUtils");
+const debug_1 = __importDefault(require("debug"));
+const AccessTokenClient_1 = require("./AccessTokenClient");
+const CredentialOfferClient_1 = require("./CredentialOfferClient");
+const CredentialRequestClientBuilder_1 = require("./CredentialRequestClientBuilder");
+const MetadataClient_1 = require("./MetadataClient");
+const ProofOfPossessionBuilder_1 = require("./ProofOfPossessionBuilder");
+const functions_1 = require("./functions");
+const debug = (0, debug_1.default)('sphereon:oid4vci');
+class OpenID4VCIClient {
+    constructor(credentialOffer, flowType, kid, alg, clientId) {
+        if (!credentialOffer.supportedFlows.includes(flowType)) {
+            throw Error(`Flows ${flowType} is not supported by issuer ${credentialOffer.credential_offer_uri}`);
+        }
+        this._flowType = flowType;
+        this._credentialOffer = credentialOffer;
+        this._kid = kid;
+        this._alg = alg;
+        this._clientId = clientId;
+    }
+    static fromURI({ uri, flowType, kid, alg, retrieveServerMetadata, clientId, resolveOfferUri, }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const client = new OpenID4VCIClient(yield CredentialOfferClient_1.CredentialOfferClient.fromURI(uri, { resolve: resolveOfferUri }), flowType, kid, alg, clientId);
+            if (retrieveServerMetadata === undefined || retrieveServerMetadata) {
+                yield client.retrieveServerMetadata();
+            }
+            return client;
+        });
+    }
+    retrieveServerMetadata() {
+        return __awaiter(this, void 0, void 0, function* () {
+            this.assertIssuerData();
+            if (!this._endpointMetadata) {
+                this._endpointMetadata = yield MetadataClient_1.MetadataClient.retrieveAllMetadataFromCredentialOffer(this.credentialOffer);
+            }
+            return this.endpointMetadata;
+        });
+    }
+    createAuthorizationRequestUrl({ clientId, codeChallengeMethod, codeChallenge, authorizationDetails, redirectUri, scope, }) {
+        var _a;
+        // Scope and authorization_details can be used in the same authorization request
+        // https://datatracker.ietf.org/doc/html/draft-ietf-oauth-rar-23#name-relationship-to-scope-param
+        if (!scope && !authorizationDetails) {
+            throw Error('Please provide a scope or authorization_details');
+        }
+        // todo: handling this because of the support for v1_0-08
+        if (this._endpointMetadata && this._endpointMetadata.issuerMetadata && 'authorization_endpoint' in this._endpointMetadata.issuerMetadata) {
+            this._endpointMetadata.authorization_endpoint = this._endpointMetadata.issuerMetadata.authorization_endpoint;
+        }
+        if (!((_a = this._endpointMetadata) === null || _a === void 0 ? void 0 : _a.authorization_endpoint)) {
+            throw Error('Server metadata does not contain authorization endpoint');
+        }
+        // add 'openid' scope if not present
+        if (scope && !scope.includes('openid')) {
+            scope = `openid ${scope}`;
+        }
+        //fixme: handle this for v11
+        const queryObj = {
+            response_type: oid4vci_common_1.ResponseType.AUTH_CODE,
+            client_id: clientId,
+            code_challenge_method: codeChallengeMethod,
+            code_challenge: codeChallenge,
+            authorization_details: JSON.stringify(this.handleAuthorizationDetails(authorizationDetails)),
+            redirect_uri: redirectUri,
+            scope: scope,
+        };
+        return (0, functions_1.convertJsonToURI)(queryObj, {
+            baseUrl: this._endpointMetadata.authorization_endpoint,
+            uriTypeProperties: ['redirect_uri', 'scope', 'authorization_details'],
+            version: this.version(),
+        });
+    }
+    acquirePushedAuthorizationRequestURI({ clientId, codeChallengeMethod, codeChallenge, authorizationDetails, redirectUri, scope, }) {
+        var _a;
+        return __awaiter(this, void 0, void 0, function* () {
+            // Scope and authorization_details can be used in the same authorization request
+            // https://datatracker.ietf.org/doc/html/draft-ietf-oauth-rar-23#name-relationship-to-scope-param
+            if (!scope && !authorizationDetails) {
+                throw Error('Please provide a scope or authorization_details');
+            }
+            // Authorization servers supporting PAR SHOULD include the URL of their pushed authorization request endpoint in their authorization server metadata document
+            // Note that the presence of pushed_authorization_request_endpoint is sufficient for a client to determine that it may use the PAR flow.
+            // What happens if it doesn't ???
+            // let parEndpoint: string
+            if (!((_a = this._endpointMetadata) === null || _a === void 0 ? void 0 : _a.issuerMetadata) ||
+                !('pushed_authorization_request_endpoint' in this._endpointMetadata.issuerMetadata) ||
+                typeof this._endpointMetadata.issuerMetadata.pushed_authorization_request_endpoint !== 'string') {
+                throw Error('Server metadata does not contain pushed authorization request endpoint');
+            }
+            const parEndpoint = this._endpointMetadata.issuerMetadata.pushed_authorization_request_endpoint;
+            // add 'openid' scope if not present
+            if (scope && !scope.includes('openid')) {
+                scope = `openid ${scope}`;
+            }
+            //fixme: handle this for v11
+            const queryObj = {
+                response_type: oid4vci_common_1.ResponseType.AUTH_CODE,
+                client_id: clientId,
+                code_challenge_method: codeChallengeMethod,
+                code_challenge: codeChallenge,
+                authorization_details: JSON.stringify(this.handleAuthorizationDetails(authorizationDetails)),
+                redirect_uri: redirectUri,
+                scope: scope,
+            };
+            return yield (0, functions_1.formPost)(parEndpoint, JSON.stringify(queryObj));
+        });
+    }
+    handleAuthorizationDetails(authorizationDetails) {
+        if (authorizationDetails) {
+            if (Array.isArray(authorizationDetails)) {
+                return authorizationDetails.map((value) => this.handleLocations(Object.assign({}, value)));
+            }
+            else {
+                return this.handleLocations(Object.assign({}, authorizationDetails));
+            }
+        }
+        return authorizationDetails;
+    }
+    handleLocations(authorizationDetails) {
+        var _a;
+        if (authorizationDetails && (((_a = this.endpointMetadata.issuerMetadata) === null || _a === void 0 ? void 0 : _a.authorization_server) || this.endpointMetadata.authorization_endpoint)) {
+            if (authorizationDetails.locations) {
+                if (Array.isArray(authorizationDetails.locations)) {
+                    authorizationDetails.locations.push(this.endpointMetadata.issuer);
+                }
+                else {
+                    authorizationDetails.locations = [authorizationDetails.locations, this.endpointMetadata.issuer];
+                }
+            }
+            else {
+                authorizationDetails.locations = this.endpointMetadata.issuer;
+            }
+        }
+        return authorizationDetails;
+    }
+    acquireAccessToken(opts) {
+        var _a, _b;
+        return __awaiter(this, void 0, void 0, function* () {
+            const { pin, clientId, codeVerifier, code, redirectUri } = opts !== null && opts !== void 0 ? opts : {};
+            this.assertIssuerData();
+            if (clientId) {
+                this._clientId = clientId;
+            }
+            if (!this._accessTokenResponse) {
+                const accessTokenClient = new AccessTokenClient_1.AccessTokenClient();
+                const response = yield accessTokenClient.acquireAccessToken({
+                    credentialOffer: this.credentialOffer,
+                    metadata: this.endpointMetadata,
+                    pin,
+                    codeVerifier,
+                    code,
+                    redirectUri,
+                    asOpts: { clientId },
+                });
+                if (response.errorBody) {
+                    debug(`Access token error:\r\n${response.errorBody}`);
+                    throw Error(`Retrieving an access token from ${(_a = this._endpointMetadata) === null || _a === void 0 ? void 0 : _a.token_endpoint} for issuer ${this.getIssuer()} failed with status: ${response.origResponse.status}`);
+                }
+                else if (!response.successBody) {
+                    debug(`Access token error. No success body`);
+                    throw Error(`Retrieving an access token from ${(_b = this._endpointMetadata) === null || _b === void 0 ? void 0 : _b.token_endpoint} for issuer ${this.getIssuer()} failed as there was no success response body`);
+                }
+                this._accessTokenResponse = response.successBody;
+            }
+            return this.accessTokenResponse;
+        });
+    }
+    acquireCredentials({ credentialTypes, proofCallbacks, format, kid, alg, jti, }) {
+        var _a, _b, _c;
+        return __awaiter(this, void 0, void 0, function* () {
+            if (alg) {
+                this._alg = alg;
+            }
+            if (kid) {
+                this._kid = kid;
+            }
+            const requestBuilder = CredentialRequestClientBuilder_1.CredentialRequestClientBuilder.fromCredentialOffer({
+                credentialOffer: this.credentialOffer,
+                metadata: this.endpointMetadata,
+            });
+            requestBuilder.withTokenFromResponse(this.accessTokenResponse);
+            if ((_a = this.endpointMetadata) === null || _a === void 0 ? void 0 : _a.issuerMetadata) {
+                const metadata = this.endpointMetadata.issuerMetadata;
+                const types = Array.isArray(credentialTypes) ? credentialTypes : [credentialTypes];
+                if (metadata.credentials_supported && Array.isArray(metadata.credentials_supported)) {
+                    for (const type of types) {
+                        let typeSupported = false;
+                        for (const credentialSupported of metadata.credentials_supported) {
+                            if (!credentialSupported.types || credentialSupported.types.length === 0) {
+                                throw Error('types is required in the credentials supported');
+                            }
+                            if (credentialSupported.types.indexOf(type) != -1) {
+                                typeSupported = true;
+                            }
+                        }
+                        if (!typeSupported) {
+                            throw Error(`Not all credential types ${JSON.stringify(credentialTypes)} are supported by issuer ${this.getIssuer()}`);
+                        }
+                    }
+                }
+                else if (metadata.credentials_supported && !Array.isArray(metadata.credentials_supported)) {
+                    const credentialsSupported = metadata.credentials_supported;
+                    if (types.some((type) => !metadata.credentials_supported || !credentialsSupported[type])) {
+                        throw Error(`Not all credential types ${JSON.stringify(credentialTypes)} are supported by issuer ${this.getIssuer()}`);
+                    }
+                }
+                // todo: Format check? We might end up with some disjoint type / format combinations supported by the server
+            }
+            const credentialRequestClient = requestBuilder.build();
+            const proofBuilder = ProofOfPossessionBuilder_1.ProofOfPossessionBuilder.fromAccessTokenResponse({
+                accessTokenResponse: this.accessTokenResponse,
+                callbacks: proofCallbacks,
+                version: this.version(),
+            })
+                .withIssuer(this.getIssuer())
+                .withAlg(this.alg)
+                .withKid(this.kid);
+            if (this.clientId) {
+                proofBuilder.withClientId(this.clientId);
+            }
+            if (jti) {
+                proofBuilder.withJti(jti);
+            }
+            const response = yield credentialRequestClient.acquireCredentialsUsingProof({
+                proofInput: proofBuilder,
+                credentialTypes: credentialTypes,
+                format,
+            });
+            if (response.errorBody) {
+                debug(`Credential request error:\r\n${response.errorBody}`);
+                throw Error(`Retrieving a credential from ${(_b = this._endpointMetadata) === null || _b === void 0 ? void 0 : _b.credential_endpoint} for issuer ${this.getIssuer()} failed with status: ${response.origResponse.status}`);
+            }
+            else if (!response.successBody) {
+                debug(`Credential request error. No success body`);
+                throw Error(`Retrieving a credential from ${(_c = this._endpointMetadata) === null || _c === void 0 ? void 0 : _c.credential_endpoint} for issuer ${this.getIssuer()} failed as there was no success response body`);
+            }
+            return response.successBody;
+        });
+    }
+    getCredentialsSupported(restrictToInitiationTypes, supportedType) {
+        return (0, IssuerMetadataUtils_1.getSupportedCredentials)({
+            issuerMetadata: this.endpointMetadata.issuerMetadata,
+            version: this.version(),
+            supportedType,
+            credentialTypes: restrictToInitiationTypes ? this.getCredentialTypes() : undefined,
+        });
+        /*//FIXME: delegate to getCredentialsSupported from IssuerMetadataUtils
+        let credentialsSupported = this.endpointMetadata?.issuerMetadata?.credentials_supported
+    
+        if (this.version() === OpenId4VCIVersion.VER_1_0_08 || typeof credentialsSupported === 'object') {
+          const issuerMetadata = this.endpointMetadata.issuerMetadata as IssuerMetadataV1_0_08
+          const v8CredentialsSupported = issuerMetadata.credentials_supported
+          credentialsSupported = []
+          credentialsSupported = Object.entries(v8CredentialsSupported).map((key, value) => )
+    
+        }
+    
+    
+        if (!credentialsSupported) {
+          return []
+        } else if (!restrictToInitiationTypes) {
+          return credentialsSupported
+        }
+    
+    
+    
+        /!**
+         * the following (not array part is a legacy code from version 1_0-08 which jff implementors used)
+         *!/
+        if (!Array.isArray(credentialsSupported)) {
+          const credentialsSupportedV8: CredentialSupportedV1_0_08 = credentialsSupported as CredentialSupportedV1_0_08;
+          const initiationTypes = supportedType ? [supportedType] : this.getCredentialTypes();
+          const supported: IssuerCredentialSubject = {};
+          for (const [key, value] of Object.entries(credentialsSupportedV8)) {
+            if (initiationTypes.includes(key)) {
+              supported[key] = value;
+            }
+          }
+          // todo: fix this later. we're returning CredentialSupportedV1_0_08 as a list of CredentialSupported (for v09 onward)
+          return supported as unknown as CredentialSupported[];
+        }
+        const initiationTypes = supportedType ? [supportedType] : this.getCredentialTypes()
+        const credentialSupportedOverlap: CredentialSupported[] = []
+        for (const supported of credentialsSupported) {
+          const supportedTypeOverlap: string[] = []
+          for (const type of supported.types) {
+            initiationTypes.includes(type)
+            supportedTypeOverlap.push(type)
+          }
+          if (supportedTypeOverlap.length > 0) {
+            credentialSupportedOverlap.push({
+              ...supported,
+              types: supportedTypeOverlap
+            })
+          }
+        }
+        return credentialSupportedOverlap as CredentialSupported[]*/
+    }
+    getCredentialMetadata(type) {
+        return this.getCredentialsSupported(false, type);
+    }
+    // todo https://sphereon.atlassian.net/browse/VDX-184
+    getCredentialTypes() {
+        if (this.credentialOffer.version < oid4vci_common_1.OpenId4VCIVersion.VER_1_0_11) {
+            return typeof this.credentialOffer.original_credential_offer.credential_type === 'string'
+                ? [this.credentialOffer.original_credential_offer.credential_type]
+                : this.credentialOffer.original_credential_offer.credential_type;
+        }
+        else {
+            // FIXME: this for sure isn't correct. It would also include VerifiableCredential. The whole call to this getCredentialsTypes should be changed to begin with
+            return this.credentialOffer.credential_offer.credentials.flatMap((c) => (typeof c === 'string' ? c : c.types));
+        }
+    }
+    get flowType() {
+        return this._flowType;
+    }
+    issuerSupportedFlowTypes() {
+        return this.credentialOffer.supportedFlows;
+    }
+    get credentialOffer() {
+        return this._credentialOffer;
+    }
+    version() {
+        return this.credentialOffer.version;
+    }
+    get endpointMetadata() {
+        this.assertServerMetadata();
+        // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+        return this._endpointMetadata;
+    }
+    get kid() {
+        this.assertIssuerData();
+        if (!this._kid) {
+            throw new Error('No value for kid is supplied');
+        }
+        return this._kid;
+    }
+    get alg() {
+        this.assertIssuerData();
+        if (!this._alg) {
+            throw new Error('No value for alg is supplied');
+        }
+        return this._alg;
+    }
+    get clientId() {
+        /*if (!this._clientId) {
+          throw Error('No client id present');
+        }*/
+        return this._clientId;
+    }
+    get accessTokenResponse() {
+        this.assertAccessToken();
+        // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+        return this._accessTokenResponse;
+    }
+    getIssuer() {
+        this.assertIssuerData();
+        return this._endpointMetadata ? this.endpointMetadata.issuer : this.getIssuer();
+    }
+    getAccessTokenEndpoint() {
+        this.assertIssuerData();
+        return this.endpointMetadata
+            ? this.endpointMetadata.token_endpoint
+            : AccessTokenClient_1.AccessTokenClient.determineTokenURL({ issuerOpts: { issuer: this.getIssuer() } });
+    }
+    getCredentialEndpoint() {
+        this.assertIssuerData();
+        return this.endpointMetadata ? this.endpointMetadata.credential_endpoint : `${this.getIssuer()}/credential`;
+    }
+    assertIssuerData() {
+        if (!this._credentialOffer) {
+            throw Error(`No issuance initiation or credential offer present`);
+        }
+    }
+    assertServerMetadata() {
+        if (!this._endpointMetadata) {
+            throw Error('No server metadata');
+        }
+    }
+    assertAccessToken() {
+        if (!this._accessTokenResponse) {
+            throw Error(`No access token present`);
+        }
+    }
+}
+exports.OpenID4VCIClient = OpenID4VCIClient;
+//# sourceMappingURL=OpenID4VCIClient.js.map

package/dist/OpenID4VCIClient.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"OpenID4VCIClient.js","sourceRoot":"","sources":["../lib/OpenID4VCIClient.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,6DAiBkC;AAClC,qGAAsG;AAGtG,kDAA0B;AAE1B,2DAAwD;AACxD,mEAAgE;AAChE,qFAAkF;AAClF,qDAAkD;AAClD,yEAAsE;AACtE,2CAAyD;AAEzD,MAAM,KAAK,GAAG,IAAA,eAAK,EAAC,kBAAkB,CAAC,CAAC;AAmBxC,MAAa,gBAAgB;IAS3B,YACE,eAAkD,EAClD,QAAuB,EACvB,GAAY,EACZ,GAAkB,EAClB,QAAiB;QAEjB,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;YACtD,MAAM,KAAK,CAAC,SAAS,QAAQ,+BAA+B,eAAe,CAAC,oBAAoB,EAAE,CAAC,CAAC;SACrG;QACD,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;QAC1B,IAAI,CAAC,gBAAgB,GAAG,eAAe,CAAC;QACxC,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;IAC5B,CAAC;IAEM,MAAM,CAAO,OAAO,CAAC,EAC1B,GAAG,EACH,QAAQ,EACR,GAAG,EACH,GAAG,EACH,sBAAsB,EACtB,QAAQ,EACR,eAAe,GAShB;;YACC,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC,MAAM,6CAAqB,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC;YAE1I,IAAI,sBAAsB,KAAK,SAAS,IAAI,sBAAsB,EAAE;gBAClE,MAAM,MAAM,CAAC,sBAAsB,EAAE,CAAC;aACvC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,sBAAsB;;YACjC,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE;gBAC3B,IAAI,CAAC,iBAAiB,GAAG,MAAM,+BAAc,CAAC,sCAAsC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;aAC5G;YACD,OAAO,IAAI,CAAC,gBAAgB,CAAC;QAC/B,CAAC;KAAA;IAEM,6BAA6B,CAAC,EACnC,QAAQ,EACR,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,WAAW,EACX,KAAK,GACW;;QAChB,gFAAgF;QAChF,iGAAiG;QACjG,IAAI,CAAC,KAAK,IAAI,CAAC,oBAAoB,EAAE;YACnC,MAAM,KAAK,CAAC,iDAAiD,CAAC,CAAC;SAChE;QACD,yDAAyD;QACzD,IAAI,IAAI,CAAC,iBAAiB,IAAI,IAAI,CAAC,iBAAiB,CAAC,cAAc,IAAI,wBAAwB,IAAI,IAAI,CAAC,iBAAiB,CAAC,cAAc,EAAE;YACxI,IAAI,CAAC,iBAAiB,CAAC,sBAAsB,GAAG,IAAI,CAAC,iBAAiB,CAAC,cAAc,CAAC,sBAAgC,CAAC;SACxH;QACD,IAAI,CAAC,CAAA,MAAA,IAAI,CAAC,iBAAiB,0CAAE,sBAAsB,CAAA,EAAE;YACnD,MAAM,KAAK,CAAC,yDAAyD,CAAC,CAAC;SACxE;QAED,oCAAoC;QACpC,IAAI,KAAK,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;YACtC,KAAK,GAAG,UAAU,KAAK,EAAE,CAAC;SAC3B;QAED,4BAA4B;QAC5B,MAAM,QAAQ,GAAG;YACf,aAAa,EAAE,6BAAY,CAAC,SAAS;YACrC,SAAS,EAAE,QAAQ;YACnB,qBAAqB,EAAE,mBAAmB;YAC1C,cAAc,EAAE,aAAa;YAC7B,qBAAqB,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,0BAA0B,CAAC,oBAAoB,CAAC,CAAC;YAC5F,YAAY,EAAE,WAAW;YACzB,KAAK,EAAE,KAAK;SACkB,CAAC;QAEjC,OAAO,IAAA,4BAAgB,EAAC,QAAQ,EAAE;YAChC,OAAO,EAAE,IAAI,CAAC,iBAAiB,CAAC,sBAAsB;YACtD,iBAAiB,EAAE,CAAC,cAAc,EAAE,OAAO,EAAE,uBAAuB,CAAC;YACrE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;SACxB,CAAC,CAAC;IACL,CAAC;IAEY,oCAAoC,CAAC,EAChD,QAAQ,EACR,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,WAAW,EACX,KAAK,GACW;;;YAChB,gFAAgF;YAChF,iGAAiG;YACjG,IAAI,CAAC,KAAK,IAAI,CAAC,oBAAoB,EAAE;gBACnC,MAAM,KAAK,CAAC,iDAAiD,CAAC,CAAC;aAChE;YAED,6JAA6J;YAC7J,wIAAwI;YACxI,iCAAiC;YACjC,0BAA0B;YAC1B,IACE,CAAC,CAAA,MAAA,IAAI,CAAC,iBAAiB,0CAAE,cAAc,CAAA;gBACvC,CAAC,CAAC,uCAAuC,IAAI,IAAI,CAAC,iBAAiB,CAAC,cAAc,CAAC;gBACnF,OAAO,IAAI,CAAC,iBAAiB,CAAC,cAAc,CAAC,qCAAqC,KAAK,QAAQ,EAC/F;gBACA,MAAM,KAAK,CAAC,wEAAwE,CAAC,CAAC;aACvF;YACD,MAAM,WAAW,GAAW,IAAI,CAAC,iBAAiB,CAAC,cAAc,CAAC,qCAAqC,CAAC;YAExG,oCAAoC;YACpC,IAAI,KAAK,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;gBACtC,KAAK,GAAG,UAAU,KAAK,EAAE,CAAC;aAC3B;YAED,4BAA4B;YAC5B,MAAM,QAAQ,GAAgC;gBAC5C,aAAa,EAAE,6BAAY,CAAC,SAAS;gBACrC,SAAS,EAAE,QAAQ;gBACnB,qBAAqB,EAAE,mBAAmB;gBAC1C,cAAc,EAAE,aAAa;gBAC7B,qBAAqB,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,0BAA0B,CAAC,oBAAoB,CAAC,CAAC;gBAC5F,YAAY,EAAE,WAAW;gBACzB,KAAK,EAAE,KAAK;aACb,CAAC;YACF,OAAO,MAAM,IAAA,oBAAQ,EAAC,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;;KAC9D;IAEM,0BAA0B,CAAC,oBAAkD;QAClF,IAAI,oBAAoB,EAAE;YACxB,IAAI,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAC,EAAE;gBACvC,OAAO,oBAAoB,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,mBAAM,KAAK,EAAG,CAAC,CAAC;aAChF;iBAAM;gBACL,OAAO,IAAI,CAAC,eAAe,mBAAM,oBAAoB,EAAG,CAAC;aAC1D;SACF;QACD,OAAO,oBAAoB,CAAC;IAC9B,CAAC;IAEO,eAAe,CAAC,oBAAiC;;QACvD,IAAI,oBAAoB,IAAI,CAAC,CAAA,MAAA,IAAI,CAAC,gBAAgB,CAAC,cAAc,0CAAE,oBAAoB,KAAI,IAAI,CAAC,gBAAgB,CAAC,sBAAsB,CAAC,EAAE;YACxI,IAAI,oBAAoB,CAAC,SAAS,EAAE;gBAClC,IAAI,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAC,SAAS,CAAC,EAAE;oBAChD,oBAAoB,CAAC,SAAsB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;iBACjF;qBAAM;oBACL,oBAAoB,CAAC,SAAS,GAAG,CAAC,oBAAoB,CAAC,SAAmB,EAAE,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;iBAC3G;aACF;iBAAM;gBACL,oBAAoB,CAAC,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC;aAC/D;SACF;QACD,OAAO,oBAAoB,CAAC;IAC9B,CAAC;IAEY,kBAAkB,CAAC,IAM/B;;;YACC,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAC;YACtE,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACxB,IAAI,QAAQ,EAAE;gBACZ,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;aAC3B;YACD,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE;gBAC9B,MAAM,iBAAiB,GAAG,IAAI,qCAAiB,EAAE,CAAC;gBAElD,MAAM,QAAQ,GAAG,MAAM,iBAAiB,CAAC,kBAAkB,CAAC;oBAC1D,eAAe,EAAE,IAAI,CAAC,eAAe;oBACrC,QAAQ,EAAE,IAAI,CAAC,gBAAgB;oBAC/B,GAAG;oBACH,YAAY;oBACZ,IAAI;oBACJ,WAAW;oBACX,MAAM,EAAE,EAAE,QAAQ,EAAE;iBACrB,CAAC,CAAC;gBAEH,IAAI,QAAQ,CAAC,SAAS,EAAE;oBACtB,KAAK,CAAC,0BAA0B,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC;oBACtD,MAAM,KAAK,CACT,mCAAmC,MAAA,IAAI,CAAC,iBAAiB,0CAAE,cAAc,eAAe,IAAI,CAAC,SAAS,EAAE,wBACtG,QAAQ,CAAC,YAAY,CAAC,MACxB,EAAE,CACH,CAAC;iBACH;qBAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE;oBAChC,KAAK,CAAC,qCAAqC,CAAC,CAAC;oBAC7C,MAAM,KAAK,CACT,mCACE,MAAA,IAAI,CAAC,iBAAiB,0CAAE,cAC1B,eAAe,IAAI,CAAC,SAAS,EAAE,+CAA+C,CAC/E,CAAC;iBACH;gBACD,IAAI,CAAC,oBAAoB,GAAG,QAAQ,CAAC,WAAW,CAAC;aAClD;YAED,OAAO,IAAI,CAAC,mBAAmB,CAAC;;KACjC;IAEY,kBAAkB,CAAC,EAC9B,eAAe,EACf,cAAc,EACd,MAAM,EACN,GAAG,EACH,GAAG,EACH,GAAG,GAQJ;;;YACC,IAAI,GAAG,EAAE;gBACP,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;aACjB;YACD,IAAI,GAAG,EAAE;gBACP,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;aACjB;YAED,MAAM,cAAc,GAAG,+DAA8B,CAAC,mBAAmB,CAAC;gBACxE,eAAe,EAAE,IAAI,CAAC,eAAe;gBACrC,QAAQ,EAAE,IAAI,CAAC,gBAAgB;aAChC,CAAC,CAAC;YACH,cAAc,CAAC,qBAAqB,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YAC/D,IAAI,MAAA,IAAI,CAAC,gBAAgB,0CAAE,cAAc,EAAE;gBACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,cAAc,CAAC;gBACtD,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;gBACnF,IAAI,QAAQ,CAAC,qBAAqB,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE;oBACnF,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;wBACxB,IAAI,aAAa,GAAG,KAAK,CAAC;wBAC1B,KAAK,MAAM,mBAAmB,IAAI,QAAQ,CAAC,qBAAqB,EAAE;4BAChE,IAAI,CAAC,mBAAmB,CAAC,KAAK,IAAI,mBAAmB,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;gCACxE,MAAM,KAAK,CAAC,gDAAgD,CAAC,CAAC;6BAC/D;4BACD,IAAI,mBAAmB,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE;gCACjD,aAAa,GAAG,IAAI,CAAC;6BACtB;yBACF;wBACD,IAAI,CAAC,aAAa,EAAE;4BAClB,MAAM,KAAK,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,4BAA4B,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;yBACxH;qBACF;iBACF;qBAAM,IAAI,QAAQ,CAAC,qBAAqB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE;oBAC3F,MAAM,oBAAoB,GAAG,QAAQ,CAAC,qBAAuD,CAAC;oBAC9F,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,qBAAqB,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,EAAE;wBACxF,MAAM,KAAK,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,4BAA4B,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;qBACxH;iBACF;gBACD,4GAA4G;aAC7G;YACD,MAAM,uBAAuB,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC;YACvD,MAAM,YAAY,GAAG,mDAAwB,CAAC,uBAAuB,CAAC;gBACpE,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;gBAC7C,SAAS,EAAE,cAAc;gBACzB,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;aACxB,CAAC;iBACC,UAAU,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;iBAC5B,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;iBACjB,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAErB,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,YAAY,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;aAC1C;YACD,IAAI,GAAG,EAAE;gBACP,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;aAC3B;YACD,MAAM,QAAQ,GAAG,MAAM,uBAAuB,CAAC,4BAA4B,CAAC;gBAC1E,UAAU,EAAE,YAAY;gBACxB,eAAe,EAAE,eAAe;gBAChC,MAAM;aACP,CAAC,CAAC;YACH,IAAI,QAAQ,CAAC,SAAS,EAAE;gBACtB,KAAK,CAAC,gCAAgC,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC;gBAC5D,MAAM,KAAK,CACT,gCAAgC,MAAA,IAAI,CAAC,iBAAiB,0CAAE,mBAAmB,eAAe,IAAI,CAAC,SAAS,EAAE,wBACxG,QAAQ,CAAC,YAAY,CAAC,MACxB,EAAE,CACH,CAAC;aACH;iBAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE;gBAChC,KAAK,CAAC,2CAA2C,CAAC,CAAC;gBACnD,MAAM,KAAK,CACT,gCACE,MAAA,IAAI,CAAC,iBAAiB,0CAAE,mBAC1B,eAAe,IAAI,CAAC,SAAS,EAAE,+CAA+C,CAC/E,CAAC;aACH;YACD,OAAO,QAAQ,CAAC,WAAW,CAAC;;KAC7B;IAED,uBAAuB,CAAC,yBAAkC,EAAE,aAAsB;QAChF,OAAO,IAAA,6CAAuB,EAAC;YAC7B,cAAc,EAAE,IAAI,CAAC,gBAAgB,CAAC,cAAc;YACpD,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;YACvB,aAAa;YACb,eAAe,EAAE,yBAAyB,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC,CAAC,CAAC,SAAS;SACnF,CAAC,CAAC;QACH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;oEAkD4D;IAC9D,CAAC;IAED,qBAAqB,CAAC,IAAY;QAChC,OAAO,IAAI,CAAC,uBAAuB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IACnD,CAAC;IAED,qDAAqD;IACrD,kBAAkB;QAChB,IAAI,IAAI,CAAC,eAAe,CAAC,OAAO,GAAG,kCAAiB,CAAC,UAAU,EAAE;YAC/D,OAAO,OAAQ,IAAI,CAAC,eAAe,CAAC,yBAA2D,CAAC,eAAe,KAAK,QAAQ;gBAC1H,CAAC,CAAC,CAAE,IAAI,CAAC,eAAe,CAAC,yBAA2D,CAAC,eAAyB,CAAC;gBAC/G,CAAC,CAAG,IAAI,CAAC,eAAe,CAAC,yBAA2D,CAAC,eAA4B,CAAC;SACrH;aAAM;YACL,6JAA6J;YAC7J,OAAO,IAAI,CAAC,eAAe,CAAC,gBAAgB,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;SAChH;IACH,CAAC;IAED,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED,wBAAwB;QACtB,OAAO,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC;IAC7C,CAAC;IAED,IAAI,eAAe;QACjB,OAAO,IAAI,CAAC,gBAAgB,CAAC;IAC/B,CAAC;IAEM,OAAO;QACZ,OAAO,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC;IACtC,CAAC;IAED,IAAW,gBAAgB;QACzB,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC5B,oEAAoE;QACpE,OAAO,IAAI,CAAC,iBAAkB,CAAC;IACjC,CAAC;IAED,IAAI,GAAG;QACL,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;YACd,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;SACjD;QACD,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED,IAAI,GAAG;QACL,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;YACd,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;SACjD;QACD,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED,IAAI,QAAQ;QACV;;WAEG;QACH,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED,IAAI,mBAAmB;QACrB,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACzB,oEAAoE;QACpE,OAAO,IAAI,CAAC,oBAAqB,CAAC;IACpC,CAAC;IAEM,SAAS;QACd,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;IAClF,CAAC;IAEM,sBAAsB;QAC3B,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,gBAAgB;YAC1B,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,cAAc;YACtC,CAAC,CAAC,qCAAiB,CAAC,iBAAiB,CAAC,EAAE,UAAU,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,SAAS,EAAE,EAAE,EAAE,CAAC,CAAC;IACxF,CAAC;IAEM,qBAAqB;QAC1B,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,mBAAmB,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC;IAC9G,CAAC;IAEO,gBAAgB;QACtB,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE;YAC1B,MAAM,KAAK,CAAC,oDAAoD,CAAC,CAAC;SACnE;IACH,CAAC;IAEO,oBAAoB;QAC1B,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE;YAC3B,MAAM,KAAK,CAAC,oBAAoB,CAAC,CAAC;SACnC;IACH,CAAC;IAEO,iBAAiB;QACvB,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE;YAC9B,MAAM,KAAK,CAAC,yBAAyB,CAAC,CAAC;SACxC;IACH,CAAC;CACF;AAzdD,4CAydC"}

package/dist/ProofOfPossessionBuilder.d.ts

@@ -0,0 +1,38 @@
+import { AccessTokenResponse, Alg, EndpointMetadata, Jwt, OpenId4VCIVersion, ProofOfPossession, ProofOfPossessionCallbacks, Typ } from '@sphereon/oid4vci-common';
+export declare class ProofOfPossessionBuilder {
+    private readonly proof?;
+    private readonly callbacks?;
+    private version;
+    private kid?;
+    private clientId?;
+    private issuer?;
+    private jwt?;
+    private alg?;
+    private jti?;
+    private cNonce?;
+    private typ?;
+    private constructor();
+    static fromJwt({ jwt, callbacks, version, }: {
+        jwt: Jwt;
+        callbacks: ProofOfPossessionCallbacks;
+        version: OpenId4VCIVersion;
+    }): ProofOfPossessionBuilder;
+    static fromAccessTokenResponse({ accessTokenResponse, callbacks, version, }: {
+        accessTokenResponse: AccessTokenResponse;
+        callbacks: ProofOfPossessionCallbacks;
+        version: OpenId4VCIVersion;
+    }): ProofOfPossessionBuilder;
+    static fromProof(proof: ProofOfPossession, version: OpenId4VCIVersion): ProofOfPossessionBuilder;
+    withClientId(clientId: string): ProofOfPossessionBuilder;
+    withKid(kid: string): ProofOfPossessionBuilder;
+    withIssuer(issuer: string): ProofOfPossessionBuilder;
+    withAlg(alg: Alg | string): ProofOfPossessionBuilder;
+    withJti(jti: string): ProofOfPossessionBuilder;
+    withTyp(typ: Typ): ProofOfPossessionBuilder;
+    withAccessTokenNonce(cNonce: string): ProofOfPossessionBuilder;
+    withAccessTokenResponse(accessToken: AccessTokenResponse): ProofOfPossessionBuilder;
+    withEndpointMetadata(endpointMetadata: EndpointMetadata): ProofOfPossessionBuilder;
+    withJwt(jwt: Jwt): ProofOfPossessionBuilder;
+    build(): Promise<ProofOfPossession>;
+}
+//# sourceMappingURL=ProofOfPossessionBuilder.d.ts.map

package/dist/ProofOfPossessionBuilder.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ProofOfPossessionBuilder.d.ts","sourceRoot":"","sources":["../lib/ProofOfPossessionBuilder.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,GAAG,EACH,gBAAgB,EAChB,GAAG,EAEH,iBAAiB,EAEjB,iBAAiB,EACjB,0BAA0B,EAC1B,GAAG,EACJ,MAAM,0BAA0B,CAAC;AAIlC,qBAAa,wBAAwB;IACnC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAoB;IAC3C,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAA6B;IAExD,OAAO,CAAC,OAAO,CAAoB;IAEnC,OAAO,CAAC,GAAG,CAAC,CAAS;IACrB,OAAO,CAAC,QAAQ,CAAC,CAAS;IAC1B,OAAO,CAAC,MAAM,CAAC,CAAS;IACxB,OAAO,CAAC,GAAG,CAAC,CAAM;IAClB,OAAO,CAAC,GAAG,CAAC,CAAS;IACrB,OAAO,CAAC,GAAG,CAAC,CAAS;IACrB,OAAO,CAAC,MAAM,CAAC,CAAS;IACxB,OAAO,CAAC,GAAG,CAAC,CAAM;IAElB,OAAO;IAwBP,MAAM,CAAC,OAAO,CAAC,EACb,GAAG,EACH,SAAS,EACT,OAAO,GACR,EAAE;QACD,GAAG,EAAE,GAAG,CAAC;QACT,SAAS,EAAE,0BAA0B,CAAC;QACtC,OAAO,EAAE,iBAAiB,CAAC;KAC5B,GAAG,wBAAwB;IAI5B,MAAM,CAAC,uBAAuB,CAAC,EAC7B,mBAAmB,EACnB,SAAS,EACT,OAAO,GACR,EAAE;QACD,mBAAmB,EAAE,mBAAmB,CAAC;QACzC,SAAS,EAAE,0BAA0B,CAAC;QACtC,OAAO,EAAE,iBAAiB,CAAC;KAC5B,GAAG,wBAAwB;IAI5B,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,iBAAiB,EAAE,OAAO,EAAE,iBAAiB,GAAG,wBAAwB;IAIhG,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,wBAAwB;IAKxD,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,wBAAwB;IAK9C,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,wBAAwB;IAKpD,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,MAAM,GAAG,wBAAwB;IAKpD,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,wBAAwB;IAK9C,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,wBAAwB;IAK3C,oBAAoB,CAAC,MAAM,EAAE,MAAM,GAAG,wBAAwB;IAK9D,uBAAuB,CAAC,WAAW,EAAE,mBAAmB,GAAG,wBAAwB;IAOnF,oBAAoB,CAAC,gBAAgB,EAAE,gBAAgB,GAAG,wBAAwB;IAKlF,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,wBAAwB;IA+B9B,KAAK,IAAI,OAAO,CAAC,iBAAiB,CAAC;CAoBjD"}

package/dist/ProofOfPossessionBuilder.js

@@ -0,0 +1,129 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ProofOfPossessionBuilder = void 0;
+const oid4vci_common_1 = require("@sphereon/oid4vci-common");
+const functions_1 = require("./functions");
+class ProofOfPossessionBuilder {
+    constructor({ proof, callbacks, jwt, accessTokenResponse, version, }) {
+        this.proof = proof;
+        this.callbacks = callbacks;
+        if (jwt) {
+            this.withJwt(jwt);
+        }
+        if (accessTokenResponse) {
+            this.withAccessTokenResponse(accessTokenResponse);
+        }
+        this.version = version;
+    }
+    static fromJwt({ jwt, callbacks, version, }) {
+        return new ProofOfPossessionBuilder({ callbacks, jwt, version });
+    }
+    static fromAccessTokenResponse({ accessTokenResponse, callbacks, version, }) {
+        return new ProofOfPossessionBuilder({ callbacks, accessTokenResponse, version });
+    }
+    static fromProof(proof, version) {
+        return new ProofOfPossessionBuilder({ proof, version });
+    }
+    withClientId(clientId) {
+        this.clientId = clientId;
+        return this;
+    }
+    withKid(kid) {
+        this.kid = kid;
+        return this;
+    }
+    withIssuer(issuer) {
+        this.issuer = issuer;
+        return this;
+    }
+    withAlg(alg) {
+        this.alg = alg;
+        return this;
+    }
+    withJti(jti) {
+        this.jti = jti;
+        return this;
+    }
+    withTyp(typ) {
+        this.typ = typ;
+        return this;
+    }
+    withAccessTokenNonce(cNonce) {
+        this.cNonce = cNonce;
+        return this;
+    }
+    withAccessTokenResponse(accessToken) {
+        if (accessToken.c_nonce) {
+            this.withAccessTokenNonce(accessToken.c_nonce);
+        }
+        return this;
+    }
+    withEndpointMetadata(endpointMetadata) {
+        this.withIssuer(endpointMetadata.issuer);
+        return this;
+    }
+    withJwt(jwt) {
+        if (!jwt) {
+            throw new Error(oid4vci_common_1.NO_JWT_PROVIDED);
+        }
+        this.jwt = jwt;
+        if (!jwt.header) {
+            throw Error(`No JWT header present`);
+        }
+        else if (!jwt.payload) {
+            throw Error(`No JWT payload present`);
+        }
+        if (jwt.header.kid) {
+            this.withKid(jwt.header.kid);
+        }
+        if (jwt.header.typ) {
+            this.withTyp(jwt.header.typ);
+        }
+        if (this.version >= oid4vci_common_1.OpenId4VCIVersion.VER_1_0_11) {
+            this.withTyp('openid4vci-proof+jwt');
+        }
+        this.withAlg(jwt.header.alg);
+        if (jwt.payload) {
+            if (jwt.payload.iss)
+                this.withClientId(jwt.payload.iss);
+            if (jwt.payload.aud)
+                this.withIssuer(jwt.payload.aud);
+            if (jwt.payload.jti)
+                this.withJti(jwt.payload.jti);
+            if (jwt.payload.nonce)
+                this.withAccessTokenNonce(jwt.payload.nonce);
+        }
+        return this;
+    }
+    build() {
+        var _a;
+        return __awaiter(this, void 0, void 0, function* () {
+            if (this.proof) {
+                return Promise.resolve(this.proof);
+            }
+            else if (this.callbacks) {
+                return yield (0, functions_1.createProofOfPossession)(this.callbacks, {
+                    typ: (_a = this.typ) !== null && _a !== void 0 ? _a : (this.version < oid4vci_common_1.OpenId4VCIVersion.VER_1_0_11 ? 'jwt' : 'openid4vci-proof+jwt'),
+                    kid: this.kid,
+                    jti: this.jti,
+                    alg: this.alg,
+                    issuer: this.issuer,
+                    clientId: this.clientId,
+                    nonce: this.cNonce,
+                }, this.jwt);
+            }
+            throw new Error(oid4vci_common_1.PROOF_CANT_BE_CONSTRUCTED);
+        });
+    }
+}
+exports.ProofOfPossessionBuilder = ProofOfPossessionBuilder;
+//# sourceMappingURL=ProofOfPossessionBuilder.js.map

package/dist/ProofOfPossessionBuilder.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ProofOfPossessionBuilder.js","sourceRoot":"","sources":["../lib/ProofOfPossessionBuilder.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,6DAWkC;AAElC,2CAAsD;AAEtD,MAAa,wBAAwB;IAenC,YAAoB,EAClB,KAAK,EACL,SAAS,EACT,GAAG,EACH,mBAAmB,EACnB,OAAO,GAOR;QACC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,GAAG,EAAE;YACP,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;SACnB;QACD,IAAI,mBAAmB,EAAE;YACvB,IAAI,CAAC,uBAAuB,CAAC,mBAAmB,CAAC,CAAC;SACnD;QACD,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED,MAAM,CAAC,OAAO,CAAC,EACb,GAAG,EACH,SAAS,EACT,OAAO,GAKR;QACC,OAAO,IAAI,wBAAwB,CAAC,EAAE,SAAS,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,CAAC;IACnE,CAAC;IAED,MAAM,CAAC,uBAAuB,CAAC,EAC7B,mBAAmB,EACnB,SAAS,EACT,OAAO,GAKR;QACC,OAAO,IAAI,wBAAwB,CAAC,EAAE,SAAS,EAAE,mBAAmB,EAAE,OAAO,EAAE,CAAC,CAAC;IACnF,CAAC;IAED,MAAM,CAAC,SAAS,CAAC,KAAwB,EAAE,OAA0B;QACnE,OAAO,IAAI,wBAAwB,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;IAC1D,CAAC;IAED,YAAY,CAAC,QAAgB;QAC3B,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CAAC,GAAW;QACjB,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,OAAO,IAAI,CAAC;IACd,CAAC;IAED,UAAU,CAAC,MAAc;QACvB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CAAC,GAAiB;QACvB,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CAAC,GAAW;QACjB,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CAAC,GAAQ;QACd,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,OAAO,IAAI,CAAC;IACd,CAAC;IAED,oBAAoB,CAAC,MAAc;QACjC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,uBAAuB,CAAC,WAAgC;QACtD,IAAI,WAAW,CAAC,OAAO,EAAE;YACvB,IAAI,CAAC,oBAAoB,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;SAChD;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,oBAAoB,CAAC,gBAAkC;QACrD,IAAI,CAAC,UAAU,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;QACzC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CAAC,GAAQ;QACd,IAAI,CAAC,GAAG,EAAE;YACR,MAAM,IAAI,KAAK,CAAC,gCAAe,CAAC,CAAC;SAClC;QACD,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE;YACf,MAAM,KAAK,CAAC,uBAAuB,CAAC,CAAC;SACtC;aAAM,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE;YACvB,MAAM,KAAK,CAAC,wBAAwB,CAAC,CAAC;SACvC;QAED,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE;YAClB,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;SAC9B;QACD,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE;YAClB,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,GAAU,CAAC,CAAC;SACrC;QACD,IAAI,IAAI,CAAC,OAAO,IAAI,kCAAiB,CAAC,UAAU,EAAE;YAChD,IAAI,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;SACtC;QACD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAE7B,IAAI,GAAG,CAAC,OAAO,EAAE;YACf,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG;gBAAE,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YACxD,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG;gBAAE,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YACtD,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG;gBAAE,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YACnD,IAAI,GAAG,CAAC,OAAO,CAAC,KAAK;gBAAE,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;SACrE;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEY,KAAK;;;YAChB,IAAI,IAAI,CAAC,KAAK,EAAE;gBACd,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;aACpC;iBAAM,IAAI,IAAI,CAAC,SAAS,EAAE;gBACzB,OAAO,MAAM,IAAA,mCAAuB,EAClC,IAAI,CAAC,SAAS,EACd;oBACE,GAAG,EAAE,MAAA,IAAI,CAAC,GAAG,mCAAI,CAAC,IAAI,CAAC,OAAO,GAAG,kCAAiB,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,sBAAsB,CAAC;oBAC/F,GAAG,EAAE,IAAI,CAAC,GAAG;oBACb,GAAG,EAAE,IAAI,CAAC,GAAG;oBACb,GAAG,EAAE,IAAI,CAAC,GAAG;oBACb,MAAM,EAAE,IAAI,CAAC,MAAM;oBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,KAAK,EAAE,IAAI,CAAC,MAAM;iBACnB,EACD,IAAI,CAAC,GAAG,CACT,CAAC;aACH;YACD,MAAM,IAAI,KAAK,CAAC,0CAAyB,CAAC,CAAC;;KAC5C;CACF;AArKD,4DAqKC"}

package/dist/functions/ProofUtil.d.ts

@@ -0,0 +1,29 @@
+import { Jwt, ProofOfPossession, ProofOfPossessionCallbacks, Typ } from '@sphereon/oid4vci-common';
+/**
+ *
+ *  - proofOfPossessionCallback: JWTSignerCallback
+ *    Mandatory if you want to create (sign) ProofOfPossession
+ *  - proofOfPossessionVerifierCallback?: JWTVerifyCallback
+ *    If exists, verifies the ProofOfPossession
+ *  - proofOfPossessionCallbackArgs: ProofOfPossessionCallbackArgs
+ *    arguments needed for signing ProofOfPossession
+ * @param callbacks:
+ *    - proofOfPossessionCallback: JWTSignerCallback
+ *      Mandatory to create (sign) ProofOfPossession
+ *    - proofOfPossessionVerifierCallback?: JWTVerifyCallback
+ *      If exists, verifies the ProofOfPossession
+ * @param jwtProps
+ * @param existingJwt
+ *  - Optional, clientId of the party requesting the credential
+ */
+export declare const createProofOfPossession: (callbacks: ProofOfPossessionCallbacks, jwtProps?: JwtProps, existingJwt?: Jwt) => Promise<ProofOfPossession>;
+export interface JwtProps {
+    typ?: Typ;
+    kid?: string;
+    issuer?: string;
+    clientId?: string;
+    alg?: string;
+    jti?: string;
+    nonce?: string;
+}
+//# sourceMappingURL=ProofUtil.d.ts.map

package/dist/functions/ProofUtil.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ProofUtil.d.ts","sourceRoot":"","sources":["../../lib/functions/ProofUtil.ts"],"names":[],"mappings":"AAAA,OAAO,EAA6B,GAAG,EAAyB,iBAAiB,EAAE,0BAA0B,EAAE,GAAG,EAAE,MAAM,0BAA0B,CAAC;AAKrJ;;;;;;;;;;;;;;;;GAgBG;AACH,eAAO,MAAM,uBAAuB,cACvB,0BAA0B,aAC1B,QAAQ,gBACL,GAAG,KAChB,QAAQ,iBAAiB,CA0B3B,CAAC;AAQF,MAAM,WAAW,QAAQ;IACvB,GAAG,CAAC,EAAE,GAAG,CAAC;IACV,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB"}