@sphereon/oid4vci-client 0.2.0 → 0.4.1-unstable.247

package/dist/AccessTokenClient.d.ts

@@ -0,0 +1,30 @@
+import { AccessTokenRequest, AccessTokenRequestOpts, AccessTokenResponse, AuthorizationServerOpts, EndpointMetadata, IssuerOpts, OpenIDResponse } from '@sphereon/oid4vci-common';
+export declare class AccessTokenClient {
+    acquireAccessToken({ credentialOffer, asOpts, pin, codeVerifier, code, redirectUri, metadata, }: AccessTokenRequestOpts): Promise<OpenIDResponse<AccessTokenResponse>>;
+    acquireAccessTokenUsingRequest({ accessTokenRequest, isPinRequired, metadata, asOpts, issuerOpts, }: {
+        accessTokenRequest: AccessTokenRequest;
+        isPinRequired?: boolean;
+        metadata?: EndpointMetadata;
+        asOpts?: AuthorizationServerOpts;
+        issuerOpts?: IssuerOpts;
+    }): Promise<OpenIDResponse<AccessTokenResponse>>;
+    createAccessTokenRequest({ credentialOffer, asOpts, pin, codeVerifier, code, redirectUri, }: AccessTokenRequestOpts): Promise<AccessTokenRequest>;
+    private assertPreAuthorizedGrantType;
+    private assertAuthorizationGrantType;
+    private isPinRequiredValue;
+    private assertNumericPin;
+    private assertNonEmptyPreAuthorizedCode;
+    private assertNonEmptyCodeVerifier;
+    private assertNonEmptyCode;
+    private assertNonEmptyRedirectUri;
+    private validate;
+    private sendAuthCode;
+    static determineTokenURL({ asOpts, issuerOpts, metadata, }: {
+        asOpts?: AuthorizationServerOpts;
+        issuerOpts?: IssuerOpts;
+        metadata?: EndpointMetadata;
+    }): string;
+    private static creatTokenURLFromURL;
+    private throwNotSupportedFlow;
+}
+//# sourceMappingURL=AccessTokenClient.d.ts.map

package/dist/AccessTokenClient.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AccessTokenClient.d.ts","sourceRoot":"","sources":["../lib/AccessTokenClient.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,kBAAkB,EAClB,sBAAsB,EACtB,mBAAmB,EACnB,uBAAuB,EAIvB,gBAAgB,EAKhB,UAAU,EACV,cAAc,EAGf,MAAM,0BAA0B,CAAC;AASlC,qBAAa,iBAAiB;IACf,kBAAkB,CAAC,EAC9B,eAAe,EACf,MAAM,EACN,GAAG,EACH,YAAY,EACZ,IAAI,EACJ,WAAW,EACX,QAAQ,GACT,EAAE,sBAAsB,GAAG,OAAO,CAAC,cAAc,CAAC,mBAAmB,CAAC,CAAC;IAwB3D,8BAA8B,CAAC,EAC1C,kBAAkB,EAClB,aAAa,EACb,QAAQ,EACR,MAAM,EACN,UAAU,GACX,EAAE;QACD,kBAAkB,EAAE,kBAAkB,CAAC;QACvC,aAAa,CAAC,EAAE,OAAO,CAAC;QACxB,QAAQ,CAAC,EAAE,gBAAgB,CAAC;QAC5B,MAAM,CAAC,EAAE,uBAAuB,CAAC;QACjC,UAAU,CAAC,EAAE,UAAU,CAAC;KACzB,GAAG,OAAO,CAAC,cAAc,CAAC,mBAAmB,CAAC,CAAC;IAcnC,wBAAwB,CAAC,EACpC,eAAe,EACf,MAAM,EACN,GAAG,EACH,YAAY,EACZ,IAAI,EACJ,WAAW,GACZ,EAAE,sBAAsB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAoCvD,OAAO,CAAC,4BAA4B;IAMpC,OAAO,CAAC,4BAA4B;IAMpC,OAAO,CAAC,kBAAkB;IAyB1B,OAAO,CAAC,gBAAgB;IAYxB,OAAO,CAAC,+BAA+B;IAOvC,OAAO,CAAC,0BAA0B;IAOlC,OAAO,CAAC,kBAAkB;IAO1B,OAAO,CAAC,yBAAyB;IAOjC,OAAO,CAAC,QAAQ;YAeF,YAAY;WAIZ,iBAAiB,CAAC,EAC9B,MAAM,EACN,UAAU,EACV,QAAQ,GACT,EAAE;QACD,MAAM,CAAC,EAAE,uBAAuB,CAAC;QACjC,UAAU,CAAC,EAAE,UAAU,CAAC;QACxB,QAAQ,CAAC,EAAE,gBAAgB,CAAC;KAC7B,GAAG,MAAM;IAuBV,OAAO,CAAC,MAAM,CAAC,oBAAoB;IAUnC,OAAO,CAAC,qBAAqB;CAI9B"}

package/dist/AccessTokenClient.js

@@ -0,0 +1,226 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AccessTokenClient = void 0;
+const oid4vci_common_1 = require("@sphereon/oid4vci-common");
+const ssi_types_1 = require("@sphereon/ssi-types");
+const debug_1 = __importDefault(require("debug"));
+const MetadataClient_1 = require("./MetadataClient");
+const functions_1 = require("./functions");
+const debug = (0, debug_1.default)('sphereon:openid4vci:token');
+class AccessTokenClient {
+    acquireAccessToken({ credentialOffer, asOpts, pin, codeVerifier, code, redirectUri, metadata, }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { request } = credentialOffer;
+            const isPinRequired = this.isPinRequiredValue(request);
+            const issuerOpts = {
+                issuer: (0, oid4vci_common_1.getIssuerFromCredentialOfferPayload)(request) ? (0, oid4vci_common_1.getIssuerFromCredentialOfferPayload)(request) : metadata === null || metadata === void 0 ? void 0 : metadata.issuer,
+            };
+            return yield this.acquireAccessTokenUsingRequest({
+                accessTokenRequest: yield this.createAccessTokenRequest({
+                    credentialOffer,
+                    asOpts,
+                    codeVerifier,
+                    code,
+                    redirectUri,
+                    pin,
+                }),
+                isPinRequired,
+                metadata,
+                asOpts,
+                issuerOpts,
+            });
+        });
+    }
+    acquireAccessTokenUsingRequest({ accessTokenRequest, isPinRequired, metadata, asOpts, issuerOpts, }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            this.validate(accessTokenRequest, isPinRequired);
+            const requestTokenURL = AccessTokenClient.determineTokenURL({
+                asOpts,
+                issuerOpts,
+                metadata: metadata
+                    ? metadata
+                    : (issuerOpts === null || issuerOpts === void 0 ? void 0 : issuerOpts.fetchMetadata)
+                        ? yield MetadataClient_1.MetadataClient.retrieveAllMetadata(issuerOpts.issuer, { errorOnNotFound: false })
+                        : undefined,
+            });
+            return this.sendAuthCode(requestTokenURL, accessTokenRequest);
+        });
+    }
+    createAccessTokenRequest({ credentialOffer, asOpts, pin, codeVerifier, code, redirectUri, }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const credentialOfferRequest = credentialOffer.request;
+            const request = {};
+            if (asOpts === null || asOpts === void 0 ? void 0 : asOpts.clientId) {
+                request.client_id = asOpts.clientId;
+            }
+            this.assertNumericPin(this.isPinRequiredValue(credentialOfferRequest), pin);
+            request.user_pin = pin;
+            if (credentialOfferRequest[oid4vci_common_1.PRE_AUTH_CODE_LITERAL]) {
+                if (codeVerifier) {
+                    throw new Error('Cannot pass a code_verifier when flow type is pre-authorized');
+                }
+                request.grant_type = oid4vci_common_1.GrantTypes.PRE_AUTHORIZED_CODE;
+                //todo: handle this for v11
+                request[oid4vci_common_1.PRE_AUTH_CODE_LITERAL] = credentialOfferRequest[oid4vci_common_1.PRE_AUTH_CODE_LITERAL];
+            }
+            if ('op_state' in credentialOfferRequest || 'issuer_state' in credentialOfferRequest) {
+                this.throwNotSupportedFlow();
+                request.grant_type = oid4vci_common_1.GrantTypes.AUTHORIZATION_CODE;
+            }
+            if (codeVerifier) {
+                request.code_verifier = codeVerifier;
+                request.code = code;
+                request.redirect_uri = redirectUri;
+                request.grant_type = oid4vci_common_1.GrantTypes.AUTHORIZATION_CODE;
+            }
+            //todo: handle this for v11
+            if (request.grant_type === oid4vci_common_1.GrantTypes.AUTHORIZATION_CODE && credentialOfferRequest[oid4vci_common_1.PRE_AUTH_CODE_LITERAL]) {
+                throw Error('A pre_authorized_code flow cannot have an op_state in the initiation request');
+            }
+            return request;
+        });
+    }
+    assertPreAuthorizedGrantType(grantType) {
+        if (oid4vci_common_1.GrantTypes.PRE_AUTHORIZED_CODE !== grantType) {
+            throw new Error("grant type must be 'urn:ietf:params:oauth:grant-type:pre-authorized_code'");
+        }
+    }
+    assertAuthorizationGrantType(grantType) {
+        if (oid4vci_common_1.GrantTypes.AUTHORIZATION_CODE !== grantType) {
+            throw new Error("grant type must be 'authorization_code'");
+        }
+    }
+    isPinRequiredValue(requestPayload) {
+        let isPinRequired = false;
+        if (!requestPayload) {
+            throw new Error(oid4vci_common_1.TokenErrorResponse.invalid_request);
+        }
+        const issuer = (0, oid4vci_common_1.getIssuerFromCredentialOfferPayload)(requestPayload);
+        if ((0, oid4vci_common_1.isCredentialOfferV1_0_09)(requestPayload)) {
+            requestPayload = requestPayload;
+            if (typeof requestPayload.user_pin_required === 'string') {
+                isPinRequired = requestPayload.user_pin_required.toLowerCase() === 'true';
+            }
+            else if (typeof requestPayload.user_pin_required === 'boolean') {
+                isPinRequired = requestPayload.user_pin_required;
+            }
+        }
+        else if ((0, oid4vci_common_1.isCredentialOfferV1_0_11)(requestPayload)) {
+            requestPayload = requestPayload;
+            // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+            if ('grants' in requestPayload && 'urn:ietf:params:oauth:grant-type:pre-authorized_code' in requestPayload.grants) {
+                // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+                isPinRequired = requestPayload.grants['urn:ietf:params:oauth:grant-type:pre-authorized_code'].user_pin_required;
+            }
+        }
+        debug(`Pin required for issuer ${issuer}: ${isPinRequired}`);
+        return isPinRequired;
+    }
+    assertNumericPin(isPinRequired, pin) {
+        if (isPinRequired) {
+            if (!pin || !/^\d{1,8}$/.test(pin)) {
+                debug(`Pin is not 1 to 8 digits long`);
+                throw new Error('A valid pin consisting of maximal 8 numeric characters must be present.');
+            }
+        }
+        else if (pin) {
+            debug(`Pin set, whilst not required`);
+            throw new Error('Cannot set a pin, when the pin is not required.');
+        }
+    }
+    assertNonEmptyPreAuthorizedCode(accessTokenRequest) {
+        if (!accessTokenRequest[oid4vci_common_1.PRE_AUTH_CODE_LITERAL]) {
+            debug(`No pre-authorized code present, whilst it is required`);
+            throw new Error('Pre-authorization must be proven by presenting the pre-authorized code. Code must be present.');
+        }
+    }
+    assertNonEmptyCodeVerifier(accessTokenRequest) {
+        if (!accessTokenRequest.code_verifier) {
+            debug('No code_verifier present, whilst it is required');
+            throw new Error('Authorization flow requires the code_verifier to be present');
+        }
+    }
+    assertNonEmptyCode(accessTokenRequest) {
+        if (!accessTokenRequest.code) {
+            debug('No code present, whilst it is required');
+            throw new Error('Authorization flow requires the code to be present');
+        }
+    }
+    assertNonEmptyRedirectUri(accessTokenRequest) {
+        if (!accessTokenRequest.redirect_uri) {
+            debug('No redirect_uri present, whilst it is required');
+            throw new Error('Authorization flow requires the redirect_uri to be present');
+        }
+    }
+    validate(accessTokenRequest, isPinRequired) {
+        if (accessTokenRequest.grant_type === oid4vci_common_1.GrantTypes.PRE_AUTHORIZED_CODE) {
+            this.assertPreAuthorizedGrantType(accessTokenRequest.grant_type);
+            this.assertNonEmptyPreAuthorizedCode(accessTokenRequest);
+            this.assertNumericPin(isPinRequired, accessTokenRequest.user_pin);
+        }
+        else if (accessTokenRequest.grant_type === oid4vci_common_1.GrantTypes.AUTHORIZATION_CODE) {
+            this.assertAuthorizationGrantType(accessTokenRequest.grant_type);
+            this.assertNonEmptyCodeVerifier(accessTokenRequest);
+            this.assertNonEmptyCode(accessTokenRequest);
+            this.assertNonEmptyRedirectUri(accessTokenRequest);
+        }
+        else {
+            this.throwNotSupportedFlow;
+        }
+    }
+    sendAuthCode(requestTokenURL, accessTokenRequest) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return yield (0, functions_1.formPost)(requestTokenURL, (0, functions_1.convertJsonToURI)(accessTokenRequest));
+        });
+    }
+    static determineTokenURL({ asOpts, issuerOpts, metadata, }) {
+        if (!asOpts && !(metadata === null || metadata === void 0 ? void 0 : metadata.token_endpoint) && !issuerOpts) {
+            throw new Error('Cannot determine token URL if no issuer, metadata and no Authorization Server values are present');
+        }
+        let url;
+        if (asOpts && asOpts.as) {
+            url = this.creatTokenURLFromURL(asOpts.as, asOpts === null || asOpts === void 0 ? void 0 : asOpts.allowInsecureEndpoints, asOpts.tokenEndpoint);
+        }
+        else if (metadata === null || metadata === void 0 ? void 0 : metadata.token_endpoint) {
+            url = metadata.token_endpoint;
+        }
+        else {
+            if (!issuerOpts) {
+                throw Error('Either authorization server options, a token endpoint or issuer options are required at this point');
+            }
+            url = this.creatTokenURLFromURL(issuerOpts.issuer, asOpts === null || asOpts === void 0 ? void 0 : asOpts.allowInsecureEndpoints, issuerOpts.tokenEndpoint);
+        }
+        if (!url || !ssi_types_1.ObjectUtils.isString(url)) {
+            throw new Error('No authorization server token URL present. Cannot acquire access token');
+        }
+        debug(`Token endpoint determined to be ${url}`);
+        return url;
+    }
+    static creatTokenURLFromURL(url, allowInsecureEndpoints, tokenEndpoint) {
+        if (allowInsecureEndpoints !== true && url.startsWith('http://')) {
+            throw Error(`Unprotected token endpoints are not allowed ${url}`);
+        }
+        const hostname = url.replace(/https?:\/\//, '').replace(/\/$/, '');
+        const endpoint = tokenEndpoint ? (tokenEndpoint.startsWith('/') ? tokenEndpoint : tokenEndpoint.substring(1)) : '/token';
+        // We always require https
+        return `https://${hostname}${endpoint}`;
+    }
+    throwNotSupportedFlow() {
+        debug(`Only pre-authorized flow supported.`);
+        throw new Error('Only pre-authorized-code flow is supported');
+    }
+}
+exports.AccessTokenClient = AccessTokenClient;
+//# sourceMappingURL=AccessTokenClient.js.map

package/dist/AccessTokenClient.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"AccessTokenClient.js","sourceRoot":"","sources":["../lib/AccessTokenClient.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,6DAiBkC;AAClC,mDAAkD;AAClD,kDAA0B;AAE1B,qDAAkD;AAClD,2CAAyD;AAEzD,MAAM,KAAK,GAAG,IAAA,eAAK,EAAC,2BAA2B,CAAC,CAAC;AAEjD,MAAa,iBAAiB;IACf,kBAAkB,CAAC,EAC9B,eAAe,EACf,MAAM,EACN,GAAG,EACH,YAAY,EACZ,IAAI,EACJ,WAAW,EACX,QAAQ,GACe;;YACvB,MAAM,EAAE,OAAO,EAAE,GAAG,eAAe,CAAC;YAEpC,MAAM,aAAa,GAAG,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC;YACvD,MAAM,UAAU,GAAG;gBACjB,MAAM,EAAE,IAAA,oDAAmC,EAAC,OAAO,CAAC,CAAC,CAAC,CAAE,IAAA,oDAAmC,EAAC,OAAO,CAAY,CAAC,CAAC,CAAE,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAiB;aAC/I,CAAC;YAEF,OAAO,MAAM,IAAI,CAAC,8BAA8B,CAAC;gBAC/C,kBAAkB,EAAE,MAAM,IAAI,CAAC,wBAAwB,CAAC;oBACtD,eAAe;oBACf,MAAM;oBACN,YAAY;oBACZ,IAAI;oBACJ,WAAW;oBACX,GAAG;iBACJ,CAAC;gBACF,aAAa;gBACb,QAAQ;gBACR,MAAM;gBACN,UAAU;aACX,CAAC,CAAC;QACL,CAAC;KAAA;IAEY,8BAA8B,CAAC,EAC1C,kBAAkB,EAClB,aAAa,EACb,QAAQ,EACR,MAAM,EACN,UAAU,GAOX;;YACC,IAAI,CAAC,QAAQ,CAAC,kBAAkB,EAAE,aAAa,CAAC,CAAC;YACjD,MAAM,eAAe,GAAG,iBAAiB,CAAC,iBAAiB,CAAC;gBAC1D,MAAM;gBACN,UAAU;gBACV,QAAQ,EAAE,QAAQ;oBAChB,CAAC,CAAC,QAAQ;oBACV,CAAC,CAAC,CAAA,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,aAAa;wBAC3B,CAAC,CAAC,MAAM,+BAAc,CAAC,mBAAmB,CAAC,UAAU,CAAC,MAAM,EAAE,EAAE,eAAe,EAAE,KAAK,EAAE,CAAC;wBACzF,CAAC,CAAC,SAAS;aACd,CAAC,CAAC;YACH,OAAO,IAAI,CAAC,YAAY,CAAC,eAAe,EAAE,kBAAkB,CAAC,CAAC;QAChE,CAAC;KAAA;IAEY,wBAAwB,CAAC,EACpC,eAAe,EACf,MAAM,EACN,GAAG,EACH,YAAY,EACZ,IAAI,EACJ,WAAW,GACY;;YACvB,MAAM,sBAAsB,GAAG,eAAe,CAAC,OAAO,CAAC;YACvD,MAAM,OAAO,GAAgC,EAAE,CAAC;YAChD,IAAI,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,QAAQ,EAAE;gBACpB,OAAO,CAAC,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC;aACrC;YAED,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,kBAAkB,CAAC,sBAAsB,CAAC,EAAE,GAAG,CAAC,CAAC;YAC5E,OAAO,CAAC,QAAQ,GAAG,GAAG,CAAC;YAEvB,IAAI,sBAAsB,CAAC,sCAAqD,CAAC,EAAE;gBACjF,IAAI,YAAY,EAAE;oBAChB,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;iBACjF;gBACD,OAAO,CAAC,UAAU,GAAG,2BAAU,CAAC,mBAAmB,CAAC;gBACpD,2BAA2B;gBAC3B,OAAO,CAAC,sCAAqB,CAAC,GAAI,sBAAwD,CAAC,sCAAqB,CAAC,CAAC;aACnH;YACD,IAAI,UAAU,IAAI,sBAAsB,IAAI,cAAc,IAAI,sBAAsB,EAAE;gBACpF,IAAI,CAAC,qBAAqB,EAAE,CAAC;gBAC7B,OAAO,CAAC,UAAU,GAAG,2BAAU,CAAC,kBAAkB,CAAC;aACpD;YACD,IAAI,YAAY,EAAE;gBAChB,OAAO,CAAC,aAAa,GAAG,YAAY,CAAC;gBACrC,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;gBACpB,OAAO,CAAC,YAAY,GAAG,WAAW,CAAC;gBACnC,OAAO,CAAC,UAAU,GAAG,2BAAU,CAAC,kBAAkB,CAAC;aACpD;YACD,2BAA2B;YAC3B,IAAI,OAAO,CAAC,UAAU,KAAK,2BAAU,CAAC,kBAAkB,IAAK,sBAAwD,CAAC,sCAAqB,CAAC,EAAE;gBAC5I,MAAM,KAAK,CAAC,8EAA8E,CAAC,CAAC;aAC7F;YAED,OAAO,OAA6B,CAAC;QACvC,CAAC;KAAA;IAEO,4BAA4B,CAAC,SAAqB;QACxD,IAAI,2BAAU,CAAC,mBAAmB,KAAK,SAAS,EAAE;YAChD,MAAM,IAAI,KAAK,CAAC,2EAA2E,CAAC,CAAC;SAC9F;IACH,CAAC;IAEO,4BAA4B,CAAC,SAAqB;QACxD,IAAI,2BAAU,CAAC,kBAAkB,KAAK,SAAS,EAAE;YAC/C,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;SAC5D;IACH,CAAC;IAEO,kBAAkB,CAAC,cAAsC;QAC/D,IAAI,aAAa,GAAG,KAAK,CAAC;QAC1B,IAAI,CAAC,cAAc,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,mCAAkB,CAAC,eAAe,CAAC,CAAC;SACrD;QACD,MAAM,MAAM,GAAG,IAAA,oDAAmC,EAAC,cAAc,CAAC,CAAC;QACnE,IAAI,IAAA,yCAAwB,EAAC,cAAc,CAAC,EAAE;YAC5C,cAAc,GAAG,cAA+C,CAAC;YACjE,IAAI,OAAO,cAAc,CAAC,iBAAiB,KAAK,QAAQ,EAAE;gBACxD,aAAa,GAAG,cAAc,CAAC,iBAAiB,CAAC,WAAW,EAAE,KAAK,MAAM,CAAC;aAC3E;iBAAM,IAAI,OAAO,cAAc,CAAC,iBAAiB,KAAK,SAAS,EAAE;gBAChE,aAAa,GAAG,cAAc,CAAC,iBAAiB,CAAC;aAClD;SACF;aAAM,IAAI,IAAA,yCAAwB,EAAC,cAAc,CAAC,EAAE;YACnD,cAAc,GAAG,cAA+C,CAAC;YACjE,oEAAoE;YACpE,IAAI,QAAQ,IAAI,cAAc,IAAI,sDAAsD,IAAI,cAAc,CAAC,MAAO,EAAE;gBAClH,oEAAoE;gBACpE,aAAa,GAAG,cAAe,CAAC,MAAO,CAAC,sDAAsD,CAAE,CAAC,iBAAiB,CAAC;aACpH;SACF;QACD,KAAK,CAAC,2BAA2B,MAAM,KAAK,aAAa,EAAE,CAAC,CAAC;QAC7D,OAAO,aAAa,CAAC;IACvB,CAAC;IAEO,gBAAgB,CAAC,aAAuB,EAAE,GAAY;QAC5D,IAAI,aAAa,EAAE;YACjB,IAAI,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;gBAClC,KAAK,CAAC,+BAA+B,CAAC,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAC;aAC5F;SACF;aAAM,IAAI,GAAG,EAAE;YACd,KAAK,CAAC,8BAA8B,CAAC,CAAC;YACtC,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;SACpE;IACH,CAAC;IAEO,+BAA+B,CAAC,kBAAsC;QAC5E,IAAI,CAAC,kBAAkB,CAAC,sCAAqB,CAAC,EAAE;YAC9C,KAAK,CAAC,uDAAuD,CAAC,CAAC;YAC/D,MAAM,IAAI,KAAK,CAAC,+FAA+F,CAAC,CAAC;SAClH;IACH,CAAC;IAEO,0BAA0B,CAAC,kBAAsC;QACvE,IAAI,CAAC,kBAAkB,CAAC,aAAa,EAAE;YACrC,KAAK,CAAC,iDAAiD,CAAC,CAAC;YACzD,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAC;SAChF;IACH,CAAC;IAEO,kBAAkB,CAAC,kBAAsC;QAC/D,IAAI,CAAC,kBAAkB,CAAC,IAAI,EAAE;YAC5B,KAAK,CAAC,wCAAwC,CAAC,CAAC;YAChD,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;SACvE;IACH,CAAC;IAEO,yBAAyB,CAAC,kBAAsC;QACtE,IAAI,CAAC,kBAAkB,CAAC,YAAY,EAAE;YACpC,KAAK,CAAC,gDAAgD,CAAC,CAAC;YACxD,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;SAC/E;IACH,CAAC;IAEO,QAAQ,CAAC,kBAAsC,EAAE,aAAuB;QAC9E,IAAI,kBAAkB,CAAC,UAAU,KAAK,2BAAU,CAAC,mBAAmB,EAAE;YACpE,IAAI,CAAC,4BAA4B,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;YACjE,IAAI,CAAC,+BAA+B,CAAC,kBAAkB,CAAC,CAAC;YACzD,IAAI,CAAC,gBAAgB,CAAC,aAAa,EAAE,kBAAkB,CAAC,QAAQ,CAAC,CAAC;SACnE;aAAM,IAAI,kBAAkB,CAAC,UAAU,KAAK,2BAAU,CAAC,kBAAkB,EAAE;YAC1E,IAAI,CAAC,4BAA4B,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;YACjE,IAAI,CAAC,0BAA0B,CAAC,kBAAkB,CAAC,CAAC;YACpD,IAAI,CAAC,kBAAkB,CAAC,kBAAkB,CAAC,CAAC;YAC5C,IAAI,CAAC,yBAAyB,CAAC,kBAAkB,CAAC,CAAC;SACpD;aAAM;YACL,IAAI,CAAC,qBAAqB,CAAC;SAC5B;IACH,CAAC;IAEa,YAAY,CAAC,eAAuB,EAAE,kBAAsC;;YACxF,OAAO,MAAM,IAAA,oBAAQ,EAAC,eAAe,EAAE,IAAA,4BAAgB,EAAC,kBAAkB,CAAC,CAAC,CAAC;QAC/E,CAAC;KAAA;IAEM,MAAM,CAAC,iBAAiB,CAAC,EAC9B,MAAM,EACN,UAAU,EACV,QAAQ,GAKT;QACC,IAAI,CAAC,MAAM,IAAI,CAAC,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,cAAc,CAAA,IAAI,CAAC,UAAU,EAAE;YACvD,MAAM,IAAI,KAAK,CAAC,kGAAkG,CAAC,CAAC;SACrH;QACD,IAAI,GAAG,CAAC;QACR,IAAI,MAAM,IAAI,MAAM,CAAC,EAAE,EAAE;YACvB,GAAG,GAAG,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,EAAE,EAAE,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,sBAAsB,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;SAClG;aAAM,IAAI,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,cAAc,EAAE;YACnC,GAAG,GAAG,QAAQ,CAAC,cAAc,CAAC;SAC/B;aAAM;YACL,IAAI,CAAC,UAAU,EAAE;gBACf,MAAM,KAAK,CAAC,oGAAoG,CAAC,CAAC;aACnH;YACD,GAAG,GAAG,IAAI,CAAC,oBAAoB,CAAC,UAAU,CAAC,MAAM,EAAE,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,sBAAsB,EAAE,UAAU,CAAC,aAAa,CAAC,CAAC;SAC9G;QAED,IAAI,CAAC,GAAG,IAAI,CAAC,uBAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;YACtC,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;SAC3F;QACD,KAAK,CAAC,mCAAmC,GAAG,EAAE,CAAC,CAAC;QAChD,OAAO,GAAG,CAAC;IACb,CAAC;IAEO,MAAM,CAAC,oBAAoB,CAAC,GAAW,EAAE,sBAAgC,EAAE,aAAsB;QACvG,IAAI,sBAAsB,KAAK,IAAI,IAAI,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE;YAChE,MAAM,KAAK,CAAC,+CAA+C,GAAG,EAAE,CAAC,CAAC;SACnE;QACD,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACnE,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;QACzH,0BAA0B;QAC1B,OAAO,WAAW,QAAQ,GAAG,QAAQ,EAAE,CAAC;IAC1C,CAAC;IAEO,qBAAqB;QAC3B,KAAK,CAAC,qCAAqC,CAAC,CAAC;QAC7C,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,CAAC;CACF;AAnPD,8CAmPC"}

package/dist/AuthorizationDetailsBuilder.d.ts

@@ -0,0 +1,11 @@
+import { AuthorizationDetailsJwtVcJson, CredentialFormatEnum } from '@sphereon/oid4vci-common';
+export declare class AuthorizationDetailsBuilder {
+    private readonly authorizationDetails;
+    constructor();
+    withType(type: string): AuthorizationDetailsBuilder;
+    withFormats(format: CredentialFormatEnum): AuthorizationDetailsBuilder;
+    withLocations(locations: string[]): AuthorizationDetailsBuilder;
+    addLocation(location: string): AuthorizationDetailsBuilder;
+    buildJwtVcJson(): AuthorizationDetailsJwtVcJson;
+}
+//# sourceMappingURL=AuthorizationDetailsBuilder.d.ts.map

package/dist/AuthorizationDetailsBuilder.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthorizationDetailsBuilder.d.ts","sourceRoot":"","sources":["../lib/AuthorizationDetailsBuilder.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,6BAA6B,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAG/F,qBAAa,2BAA2B;IACtC,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAyC;;IAM9E,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,2BAA2B;IAKnD,WAAW,CAAC,MAAM,EAAE,oBAAoB,GAAG,2BAA2B;IAKtE,aAAa,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,2BAA2B;IAS/D,WAAW,CAAC,QAAQ,EAAE,MAAM,GAAG,2BAA2B;IAU1D,cAAc,IAAI,6BAA6B;CAMhD"}

package/dist/AuthorizationDetailsBuilder.js

@@ -0,0 +1,44 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthorizationDetailsBuilder = void 0;
+//todo: refactor this builder to be able to create ldp details as well
+class AuthorizationDetailsBuilder {
+    constructor() {
+        this.authorizationDetails = {};
+    }
+    withType(type) {
+        this.authorizationDetails.type = type;
+        return this;
+    }
+    withFormats(format) {
+        this.authorizationDetails.format = format;
+        return this;
+    }
+    withLocations(locations) {
+        if (this.authorizationDetails.locations) {
+            this.authorizationDetails.locations.push(...locations);
+        }
+        else {
+            this.authorizationDetails.locations = locations;
+        }
+        return this;
+    }
+    addLocation(location) {
+        if (this.authorizationDetails.locations) {
+            this.authorizationDetails.locations.push(location);
+        }
+        else {
+            this.authorizationDetails.locations = [location];
+        }
+        return this;
+    }
+    //todo: we have to consider one thing, if this is a general purpose builder, we want to support ldp types here as well. and for that we need a few checks.
+    buildJwtVcJson() {
+        if (this.authorizationDetails.format && this.authorizationDetails.type) {
+            return this.authorizationDetails;
+        }
+        throw new Error('Type and format are required properties');
+    }
+}
+exports.AuthorizationDetailsBuilder = AuthorizationDetailsBuilder;
+//# sourceMappingURL=AuthorizationDetailsBuilder.js.map

package/dist/AuthorizationDetailsBuilder.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthorizationDetailsBuilder.js","sourceRoot":"","sources":["../lib/AuthorizationDetailsBuilder.ts"],"names":[],"mappings":";;;AAEA,sEAAsE;AACtE,MAAa,2BAA2B;IAGtC;QACE,IAAI,CAAC,oBAAoB,GAAG,EAAE,CAAC;IACjC,CAAC;IAED,QAAQ,CAAC,IAAY;QACnB,IAAI,CAAC,oBAAoB,CAAC,IAAI,GAAG,IAAI,CAAC;QACtC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,WAAW,CAAC,MAA4B;QACtC,IAAI,CAAC,oBAAoB,CAAC,MAAM,GAAG,MAAM,CAAC;QAC1C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,aAAa,CAAC,SAAmB;QAC/B,IAAI,IAAI,CAAC,oBAAoB,CAAC,SAAS,EAAE;YACvC,IAAI,CAAC,oBAAoB,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,CAAC;SACxD;aAAM;YACL,IAAI,CAAC,oBAAoB,CAAC,SAAS,GAAG,SAAS,CAAC;SACjD;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,WAAW,CAAC,QAAgB;QAC1B,IAAI,IAAI,CAAC,oBAAoB,CAAC,SAAS,EAAE;YACvC,IAAI,CAAC,oBAAoB,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;SACpD;aAAM;YACL,IAAI,CAAC,oBAAoB,CAAC,SAAS,GAAG,CAAC,QAAQ,CAAC,CAAC;SAClD;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,0JAA0J;IAC1J,cAAc;QACZ,IAAI,IAAI,CAAC,oBAAoB,CAAC,MAAM,IAAI,IAAI,CAAC,oBAAoB,CAAC,IAAI,EAAE;YACtE,OAAO,IAAI,CAAC,oBAAqD,CAAC;SACnE;QACD,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAC7D,CAAC;CACF;AA1CD,kEA0CC"}

package/dist/CredentialOffer.d.ts

@@ -0,0 +1,6 @@
+import { CredentialOfferRequestWithBaseUrl } from '@sphereon/oid4vci-common';
+export declare class CredentialOffer {
+    static fromURI(uri: string): CredentialOfferRequestWithBaseUrl;
+    static toURI(uri: CredentialOfferRequestWithBaseUrl): string;
+}
+//# sourceMappingURL=CredentialOffer.d.ts.map

package/dist/CredentialOffer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"CredentialOffer.d.ts","sourceRoot":"","sources":["../lib/CredentialOffer.ts"],"names":[],"mappings":"AAAA,OAAO,EAIL,iCAAiC,EAElC,MAAM,0BAA0B,CAAC;AAQlC,qBAAa,eAAe;WACZ,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,iCAAiC;WA+BvD,KAAK,CAAC,GAAG,EAAE,iCAAiC,GAAG,MAAM;CAQpE"}

package/dist/CredentialOffer.js

@@ -0,0 +1,49 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CredentialOffer = void 0;
+const oid4vci_common_1 = require("@sphereon/oid4vci-common");
+const oid4vci_common_2 = require("@sphereon/oid4vci-common");
+const debug_1 = __importDefault(require("debug"));
+const functions_1 = require("./functions");
+const debug = (0, debug_1.default)('sphereon:openid4vci:initiation');
+class CredentialOffer {
+    static fromURI(uri) {
+        debug(`issuance initiation URI: ${uri}`);
+        if (!uri.includes('?')) {
+            debug(`Invalid issuance initiation URI: ${uri}`);
+            throw new Error('Invalid Issuance Initiation Request Payload');
+        }
+        const baseUrl = uri.split('?')[0];
+        const version = (0, oid4vci_common_2.determineSpecVersionFromURI)(uri);
+        const issuanceInitiationRequest = version < oid4vci_common_1.OpenId4VCIVersion.VER_1_0_11
+            ? (0, functions_1.convertURIToJsonObject)(uri, {
+                arrayTypeProperties: ['credential_type'],
+                requiredProperties: ['issuer', 'credential_type'],
+            })
+            : (0, functions_1.convertURIToJsonObject)(uri, {
+                arrayTypeProperties: ['credentials'],
+                requiredProperties: ['credentials', 'credential_issuer'],
+            });
+        const request = version < oid4vci_common_1.OpenId4VCIVersion.VER_1_0_11.valueOf()
+            ? issuanceInitiationRequest
+            : issuanceInitiationRequest;
+        return {
+            baseUrl,
+            request,
+            version,
+        };
+    }
+    static toURI(uri) {
+        const request = uri.request;
+        return (0, functions_1.convertJsonToURI)(request, {
+            baseUrl: uri.baseUrl,
+            arrayTypeProperties: ['credential_type'],
+            uriTypeProperties: ['issuer', 'credential_type'],
+        });
+    }
+}
+exports.CredentialOffer = CredentialOffer;
+//# sourceMappingURL=CredentialOffer.js.map

package/dist/CredentialOffer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"CredentialOffer.js","sourceRoot":"","sources":["../lib/CredentialOffer.ts"],"names":[],"mappings":";;;;;;AAAA,6DAMkC;AAClC,6DAAuE;AACvE,kDAA0B;AAE1B,2CAAuE;AAEvE,MAAM,KAAK,GAAG,IAAA,eAAK,EAAC,gCAAgC,CAAC,CAAC;AAEtD,MAAa,eAAe;IACnB,MAAM,CAAC,OAAO,CAAC,GAAW;QAC/B,KAAK,CAAC,4BAA4B,GAAG,EAAE,CAAC,CAAC;QACzC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;YACtB,KAAK,CAAC,oCAAoC,GAAG,EAAE,CAAC,CAAC;YACjD,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;SAChE;QACD,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAClC,MAAM,OAAO,GAAG,IAAA,4CAA2B,EAAC,GAAG,CAAC,CAAC;QACjD,MAAM,yBAAyB,GAC7B,OAAO,GAAG,kCAAiB,CAAC,UAAU;YACpC,CAAC,CAAE,IAAA,kCAAsB,EAAC,GAAG,EAAE;gBAC3B,mBAAmB,EAAE,CAAC,iBAAiB,CAAC;gBACxC,kBAAkB,EAAE,CAAC,QAAQ,EAAE,iBAAiB,CAAC;aAClD,CAAmC;YACtC,CAAC,CAAE,IAAA,kCAAsB,EAAC,GAAG,EAAE;gBAC3B,mBAAmB,EAAE,CAAC,aAAa,CAAC;gBACpC,kBAAkB,EAAE,CAAC,aAAa,EAAE,mBAAmB,CAAC;aACzD,CAAmC,CAAC;QAE3C,MAAM,OAAO,GACX,OAAO,GAAG,kCAAiB,CAAC,UAAU,CAAC,OAAO,EAAE;YAC9C,CAAC,CAAE,yBAA2D;YAC9D,CAAC,CAAE,yBAA2D,CAAC;QAEnE,OAAO;YACL,OAAO;YACP,OAAO;YACP,OAAO;SACR,CAAC;IACJ,CAAC;IAEM,MAAM,CAAC,KAAK,CAAC,GAAsC;QACxD,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC;QAC5B,OAAO,IAAA,4BAAgB,EAAC,OAAO,EAAE;YAC/B,OAAO,EAAE,GAAG,CAAC,OAAO;YACpB,mBAAmB,EAAE,CAAC,iBAAiB,CAAC;YACxC,iBAAiB,EAAE,CAAC,QAAQ,EAAE,iBAAiB,CAAC;SACjD,CAAC,CAAC;IACL,CAAC;CACF;AAxCD,0CAwCC"}

package/dist/CredentialRequestClient.d.ts

@@ -0,0 +1,29 @@
+import { CredentialRequest, CredentialResponse, OpenIDResponse, ProofOfPossession } from '@sphereon/oid4vci-common';
+import { CredentialFormat } from '@sphereon/ssi-types';
+import { CredentialRequestClientBuilderV1_0_09 } from './CredentialRequestClientBuilderV1_0_09';
+import { ProofOfPossessionBuilder } from './ProofOfPossessionBuilder';
+export interface CredentialRequestOpts {
+    credentialEndpoint: string;
+    credentialType: string | string[];
+    format: CredentialFormat | CredentialFormat[];
+    proof: ProofOfPossession;
+    token: string;
+}
+export declare class CredentialRequestClient {
+    private readonly _credentialRequestOpts;
+    get credentialRequestOpts(): CredentialRequestOpts;
+    getCredentialEndpoint(): string;
+    constructor(builder: CredentialRequestClientBuilderV1_0_09);
+    acquireCredentialsUsingProof({ proofInput, credentialType, format, }: {
+        proofInput: ProofOfPossessionBuilder | ProofOfPossession;
+        credentialType?: string | string[];
+        format?: CredentialFormat | CredentialFormat[];
+    }): Promise<OpenIDResponse<CredentialResponse>>;
+    acquireCredentialsUsingRequest(request: CredentialRequest): Promise<OpenIDResponse<CredentialResponse>>;
+    createCredentialRequest({ proofInput, credentialType, format, }: {
+        proofInput: ProofOfPossessionBuilder | ProofOfPossession;
+        credentialType?: string | string[];
+        format?: CredentialFormat | CredentialFormat[];
+    }): Promise<CredentialRequest>;
+}
+//# sourceMappingURL=CredentialRequestClient.d.ts.map

package/dist/CredentialRequestClient.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"CredentialRequestClient.d.ts","sourceRoot":"","sources":["../lib/CredentialRequestClient.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,kBAAkB,EAAE,cAAc,EAAE,iBAAiB,EAAiB,MAAM,0BAA0B,CAAC;AACnI,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAGvD,OAAO,EAAE,qCAAqC,EAAE,MAAM,yCAAyC,CAAC;AAChG,OAAO,EAAE,wBAAwB,EAAE,MAAM,4BAA4B,CAAC;AAKtE,MAAM,WAAW,qBAAqB;IACpC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,cAAc,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAClC,MAAM,EAAE,gBAAgB,GAAG,gBAAgB,EAAE,CAAC;IAC9C,KAAK,EAAE,iBAAiB,CAAC;IACzB,KAAK,EAAE,MAAM,CAAC;CACf;AAED,qBAAa,uBAAuB;IAClC,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CAAiC;IAExE,IAAI,qBAAqB,IAAI,qBAAqB,CAEjD;IAEM,qBAAqB,IAAI,MAAM;gBAInB,OAAO,EAAE,qCAAqC;IAIpD,4BAA4B,CAAC,EACxC,UAAU,EACV,cAAc,EACd,MAAM,GACP,EAAE;QACD,UAAU,EAAE,wBAAwB,GAAG,iBAAiB,CAAC;QACzD,cAAc,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;QACnC,MAAM,CAAC,EAAE,gBAAgB,GAAG,gBAAgB,EAAE,CAAC;KAChD,GAAG,OAAO,CAAC,cAAc,CAAC,kBAAkB,CAAC,CAAC;IAKlC,8BAA8B,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,cAAc,CAAC,kBAAkB,CAAC,CAAC;IAavG,uBAAuB,CAAC,EACnC,UAAU,EACV,cAAc,EACd,MAAM,GACP,EAAE;QACD,UAAU,EAAE,wBAAwB,GAAG,iBAAiB,CAAC;QACzD,cAAc,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;QACnC,MAAM,CAAC,EAAE,gBAAgB,GAAG,gBAAgB,EAAE,CAAC;KAChD,GAAG,OAAO,CAAC,iBAAiB,CAAC;CAS/B"}

package/dist/CredentialRequestClient.js

@@ -0,0 +1,63 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CredentialRequestClient = void 0;
+const oid4vci_common_1 = require("@sphereon/oid4vci-common");
+const debug_1 = __importDefault(require("debug"));
+const ProofOfPossessionBuilder_1 = require("./ProofOfPossessionBuilder");
+const functions_1 = require("./functions");
+const debug = (0, debug_1.default)('sphereon:openid4vci:credential');
+class CredentialRequestClient {
+    get credentialRequestOpts() {
+        return this._credentialRequestOpts;
+    }
+    getCredentialEndpoint() {
+        return this.credentialRequestOpts.credentialEndpoint;
+    }
+    constructor(builder) {
+        this._credentialRequestOpts = Object.assign({}, builder);
+    }
+    acquireCredentialsUsingProof({ proofInput, credentialType, format, }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const request = yield this.createCredentialRequest({ proofInput, credentialType, format });
+            return yield this.acquireCredentialsUsingRequest(request);
+        });
+    }
+    acquireCredentialsUsingRequest(request) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const credentialEndpoint = this.credentialRequestOpts.credentialEndpoint;
+            if (!(0, functions_1.isValidURL)(credentialEndpoint)) {
+                debug(`Invalid credential endpoint: ${credentialEndpoint}`);
+                throw new Error(oid4vci_common_1.URL_NOT_VALID);
+            }
+            debug(`Acquiring credential(s) from: ${credentialEndpoint}`);
+            const requestToken = this.credentialRequestOpts.token;
+            const response = yield (0, functions_1.post)(credentialEndpoint, JSON.stringify(request), { bearerToken: requestToken });
+            debug(`Credential endpoint ${credentialEndpoint} response:\r\n${response}`);
+            return response;
+        });
+    }
+    createCredentialRequest({ proofInput, credentialType, format, }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const proof = 'proof_type' in proofInput ? yield ProofOfPossessionBuilder_1.ProofOfPossessionBuilder.fromProof(proofInput).build() : yield proofInput.build();
+            return {
+                type: credentialType ? credentialType : this.credentialRequestOpts.credentialType,
+                format: format ? format : this.credentialRequestOpts.format,
+                proof,
+            };
+        });
+    }
+}
+exports.CredentialRequestClient = CredentialRequestClient;
+//# sourceMappingURL=CredentialRequestClient.js.map

package/dist/CredentialRequestClient.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"CredentialRequestClient.js","sourceRoot":"","sources":["../lib/CredentialRequestClient.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,6DAAmI;AAEnI,kDAA0B;AAG1B,yEAAsE;AACtE,2CAA+C;AAE/C,MAAM,KAAK,GAAG,IAAA,eAAK,EAAC,gCAAgC,CAAC,CAAC;AAUtD,MAAa,uBAAuB;IAGlC,IAAI,qBAAqB;QACvB,OAAO,IAAI,CAAC,sBAA+C,CAAC;IAC9D,CAAC;IAEM,qBAAqB;QAC1B,OAAO,IAAI,CAAC,qBAAqB,CAAC,kBAAkB,CAAC;IACvD,CAAC;IAED,YAAmB,OAA8C;QAC/D,IAAI,CAAC,sBAAsB,qBAAQ,OAAO,CAAE,CAAC;IAC/C,CAAC;IAEY,4BAA4B,CAAC,EACxC,UAAU,EACV,cAAc,EACd,MAAM,GAKP;;YACC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,uBAAuB,CAAC,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,EAAE,CAAC,CAAC;YAC3F,OAAO,MAAM,IAAI,CAAC,8BAA8B,CAAC,OAAO,CAAC,CAAC;QAC5D,CAAC;KAAA;IAEY,8BAA8B,CAAC,OAA0B;;YACpE,MAAM,kBAAkB,GAAW,IAAI,CAAC,qBAAqB,CAAC,kBAAkB,CAAC;YACjF,IAAI,CAAC,IAAA,sBAAU,EAAC,kBAAkB,CAAC,EAAE;gBACnC,KAAK,CAAC,gCAAgC,kBAAkB,EAAE,CAAC,CAAC;gBAC5D,MAAM,IAAI,KAAK,CAAC,8BAAa,CAAC,CAAC;aAChC;YACD,KAAK,CAAC,iCAAiC,kBAAkB,EAAE,CAAC,CAAC;YAC7D,MAAM,YAAY,GAAW,IAAI,CAAC,qBAAqB,CAAC,KAAK,CAAC;YAC9D,MAAM,QAAQ,GAAuC,MAAM,IAAA,gBAAI,EAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC,CAAC;YAC5I,KAAK,CAAC,uBAAuB,kBAAkB,iBAAiB,QAAQ,EAAE,CAAC,CAAC;YAC5E,OAAO,QAAQ,CAAC;QAClB,CAAC;KAAA;IAEY,uBAAuB,CAAC,EACnC,UAAU,EACV,cAAc,EACd,MAAM,GAKP;;YACC,MAAM,KAAK,GACT,YAAY,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,mDAAwB,CAAC,SAAS,CAAC,UAA+B,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,MAAM,UAAU,CAAC,KAAK,EAAE,CAAC;YAC5I,OAAO;gBACL,IAAI,EAAE,cAAc,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,cAAc;gBACjF,MAAM,EAAE,MAAM,CAAC,CAAC,CAAE,MAAiB,CAAC,CAAC,CAAE,IAAI,CAAC,qBAAqB,CAAC,MAAiB;gBACnF,KAAK;aACN,CAAC;QACJ,CAAC;KAAA;CACF;AA1DD,0DA0DC"}

package/dist/CredentialRequestClientBuilderV1_0_09.d.ts

@@ -0,0 +1,29 @@
+import { AccessTokenResponse, CredentialOfferPayload, CredentialOfferRequestWithBaseUrl, EndpointMetadata, IssuerMetadata } from '@sphereon/oid4vci-common';
+import { CredentialFormat } from '@sphereon/ssi-types';
+import { CredentialRequestClient } from './CredentialRequestClient';
+export declare class CredentialRequestClientBuilderV1_0_09 {
+    credentialEndpoint?: string;
+    credentialType?: string | string[];
+    format?: CredentialFormat | CredentialFormat[];
+    token?: string;
+    static fromURI({ uri, metadata }: {
+        uri: string;
+        metadata?: EndpointMetadata;
+    }): CredentialRequestClientBuilderV1_0_09;
+    static fromCredentialOfferRequest({ request, metadata, }: {
+        request: CredentialOfferPayload;
+        metadata?: EndpointMetadata;
+    }): CredentialRequestClientBuilderV1_0_09;
+    static fromCredentialOffer({ credentialOffer, metadata, }: {
+        credentialOffer: CredentialOfferRequestWithBaseUrl;
+        metadata?: EndpointMetadata;
+    }): CredentialRequestClientBuilderV1_0_09;
+    withCredentialEndpointFromMetadata(metadata: IssuerMetadata): CredentialRequestClientBuilderV1_0_09;
+    withCredentialEndpoint(credentialEndpoint: string): CredentialRequestClientBuilderV1_0_09;
+    withCredentialType(credentialType: string | string[]): CredentialRequestClientBuilderV1_0_09;
+    withFormat(format: CredentialFormat | CredentialFormat[]): CredentialRequestClientBuilderV1_0_09;
+    withToken(accessToken: string): CredentialRequestClientBuilderV1_0_09;
+    withTokenFromResponse(response: AccessTokenResponse): CredentialRequestClientBuilderV1_0_09;
+    build(): CredentialRequestClient;
+}
+//# sourceMappingURL=CredentialRequestClientBuilderV1_0_09.d.ts.map

package/dist/CredentialRequestClientBuilderV1_0_09.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"CredentialRequestClientBuilderV1_0_09.d.ts","sourceRoot":"","sources":["../lib/CredentialRequestClientBuilderV1_0_09.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,sBAAsB,EAEtB,iCAAiC,EACjC,gBAAgB,EAEhB,cAAc,EACf,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAEvD,OAAO,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC;AAGpE,qBAAa,qCAAqC;IAChD,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,cAAc,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACnC,MAAM,CAAC,EAAE,gBAAgB,GAAG,gBAAgB,EAAE,CAAC;IAC/C,KAAK,CAAC,EAAE,MAAM,CAAC;WAED,OAAO,CAAC,EAAE,GAAG,EAAE,QAAQ,EAAE,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,EAAE,gBAAgB,CAAA;KAAE,GAAG,qCAAqC;WAU/G,0BAA0B,CAAC,EACvC,OAAO,EACP,QAAQ,GACT,EAAE;QACD,OAAO,EAAE,sBAAsB,CAAC;QAChC,QAAQ,CAAC,EAAE,gBAAgB,CAAC;KAC7B,GAAG,qCAAqC;WAgB3B,mBAAmB,CAAC,EAChC,eAAe,EACf,QAAQ,GACT,EAAE;QACD,eAAe,EAAE,iCAAiC,CAAC;QACnD,QAAQ,CAAC,EAAE,gBAAgB,CAAC;KAC7B,GAAG,qCAAqC;IAOlC,kCAAkC,CAAC,QAAQ,EAAE,cAAc,GAAG,qCAAqC;IAKnG,sBAAsB,CAAC,kBAAkB,EAAE,MAAM,GAAG,qCAAqC;IAKzF,kBAAkB,CAAC,cAAc,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,qCAAqC;IAK5F,UAAU,CAAC,MAAM,EAAE,gBAAgB,GAAG,gBAAgB,EAAE,GAAG,qCAAqC;IAKhG,SAAS,CAAC,WAAW,EAAE,MAAM,GAAG,qCAAqC;IAKrE,qBAAqB,CAAC,QAAQ,EAAE,mBAAmB,GAAG,qCAAqC;IAK3F,KAAK,IAAI,uBAAuB;CAGxC"}

package/dist/CredentialRequestClientBuilderV1_0_09.js

@@ -0,0 +1,63 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CredentialRequestClientBuilderV1_0_09 = void 0;
+const oid4vci_common_1 = require("@sphereon/oid4vci-common");
+const CredentialRequestClient_1 = require("./CredentialRequestClient");
+const functions_1 = require("./functions");
+class CredentialRequestClientBuilderV1_0_09 {
+    static fromURI({ uri, metadata }) {
+        return CredentialRequestClientBuilderV1_0_09.fromCredentialOfferRequest({
+            request: (0, functions_1.convertURIToJsonObject)(uri, {
+                arrayTypeProperties: ['credential_type'],
+                requiredProperties: ['issuer', 'credential_type'],
+            }),
+            metadata,
+        });
+    }
+    static fromCredentialOfferRequest({ request, metadata, }) {
+        const builder = new CredentialRequestClientBuilderV1_0_09();
+        const issuer = (0, oid4vci_common_1.getIssuerFromCredentialOfferPayload)(request)
+            ? (0, oid4vci_common_1.getIssuerFromCredentialOfferPayload)(request)
+            : metadata === null || metadata === void 0 ? void 0 : metadata.issuer;
+        builder.withCredentialEndpoint((metadata === null || metadata === void 0 ? void 0 : metadata.credential_endpoint) ? metadata.credential_endpoint : issuer.endsWith('/') ? `${issuer}credential` : `${issuer}/credential`);
+        //todo: This basically sets all types available during initiation. Probably the user only wants a subset. So do we want to do this?
+        //todo: handle this for v11
+        builder.withCredentialType(request.credential_type);
+        return builder;
+    }
+    static fromCredentialOffer({ credentialOffer, metadata, }) {
+        return CredentialRequestClientBuilderV1_0_09.fromCredentialOfferRequest({
+            request: credentialOffer.request,
+            metadata,
+        });
+    }
+    withCredentialEndpointFromMetadata(metadata) {
+        this.credentialEndpoint = metadata.credential_endpoint;
+        return this;
+    }
+    withCredentialEndpoint(credentialEndpoint) {
+        this.credentialEndpoint = credentialEndpoint;
+        return this;
+    }
+    withCredentialType(credentialType) {
+        this.credentialType = credentialType;
+        return this;
+    }
+    withFormat(format) {
+        this.format = format;
+        return this;
+    }
+    withToken(accessToken) {
+        this.token = accessToken;
+        return this;
+    }
+    withTokenFromResponse(response) {
+        this.token = response.access_token;
+        return this;
+    }
+    build() {
+        return new CredentialRequestClient_1.CredentialRequestClient(this);
+    }
+}
+exports.CredentialRequestClientBuilderV1_0_09 = CredentialRequestClientBuilderV1_0_09;
+//# sourceMappingURL=CredentialRequestClientBuilderV1_0_09.js.map

package/dist/CredentialRequestClientBuilderV1_0_09.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"CredentialRequestClientBuilderV1_0_09.js","sourceRoot":"","sources":["../lib/CredentialRequestClientBuilderV1_0_09.ts"],"names":[],"mappings":";;;AAAA,6DAQkC;AAGlC,uEAAoE;AACpE,2CAAqD;AAErD,MAAa,qCAAqC;IAMzC,MAAM,CAAC,OAAO,CAAC,EAAE,GAAG,EAAE,QAAQ,EAAgD;QACnF,OAAO,qCAAqC,CAAC,0BAA0B,CAAC;YACtE,OAAO,EAAE,IAAA,kCAAsB,EAAC,GAAG,EAAE;gBACnC,mBAAmB,EAAE,CAAC,iBAAiB,CAAC;gBACxC,kBAAkB,EAAE,CAAC,QAAQ,EAAE,iBAAiB,CAAC;aAClD,CAA2B;YAC5B,QAAQ;SACT,CAAC,CAAC;IACL,CAAC;IAEM,MAAM,CAAC,0BAA0B,CAAC,EACvC,OAAO,EACP,QAAQ,GAIT;QACC,MAAM,OAAO,GAAG,IAAI,qCAAqC,EAAE,CAAC;QAC5D,MAAM,MAAM,GAAG,IAAA,oDAAmC,EAAC,OAAO,CAAC;YACzD,CAAC,CAAE,IAAA,oDAAmC,EAAC,OAAO,CAAY;YAC1D,CAAC,CAAE,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAiB,CAAC;QACjC,OAAO,CAAC,sBAAsB,CAC5B,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,mBAAmB,EAAC,CAAC,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,YAAY,CAAC,CAAC,CAAC,GAAG,MAAM,aAAa,CACrI,CAAC;QAEF,mIAAmI;QACnI,2BAA2B;QAC3B,OAAO,CAAC,kBAAkB,CAAE,OAAyC,CAAC,eAAe,CAAC,CAAC;QAEvF,OAAO,OAAO,CAAC;IACjB,CAAC;IAEM,MAAM,CAAC,mBAAmB,CAAC,EAChC,eAAe,EACf,QAAQ,GAIT;QACC,OAAO,qCAAqC,CAAC,0BAA0B,CAAC;YACtE,OAAO,EAAE,eAAe,CAAC,OAAO;YAChC,QAAQ;SACT,CAAC,CAAC;IACL,CAAC;IAEM,kCAAkC,CAAC,QAAwB;QAChE,IAAI,CAAC,kBAAkB,GAAG,QAAQ,CAAC,mBAAmB,CAAC;QACvD,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,sBAAsB,CAAC,kBAA0B;QACtD,IAAI,CAAC,kBAAkB,GAAG,kBAAkB,CAAC;QAC7C,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,kBAAkB,CAAC,cAAiC;QACzD,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,UAAU,CAAC,MAA6C;QAC7D,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,SAAS,CAAC,WAAmB;QAClC,IAAI,CAAC,KAAK,GAAG,WAAW,CAAC;QACzB,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,qBAAqB,CAAC,QAA6B;QACxD,IAAI,CAAC,KAAK,GAAG,QAAQ,CAAC,YAAY,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,KAAK;QACV,OAAO,IAAI,iDAAuB,CAAC,IAAI,CAAC,CAAC;IAC3C,CAAC;CACF;AApFD,sFAoFC"}