@sphereon/oid4vci-client 0.20.2-next.2 → 0.21.0

package/dist/index.d.cts

@@ -1,7 +1,7 @@
 import { CredentialFormat, ISimpleLogger } from '@sphereon/ssi-types';
 import { CreateDPoPClientOpts, JWK } from '@sphereon/oid4vc-common';
 import * as _sphereon_oid4vci_common from '@sphereon/oid4vci-common';
-import { AccessTokenRequestOpts, OpenIDResponse, AccessTokenResponse, DPoPResponseParams, AccessTokenRequest, TxCodeAndPinRequired, EndpointMetadata, AuthorizationServerOpts, IssuerOpts, RequestObjectOpts, PKCEOpts, EndpointMetadataResultV1_0_15, AuthorizationRequestOpts, CredentialOfferRequestWithBaseUrl, CredentialConfigurationSupportedV1_0_15, OpenId4VCIVersion, AuthorizationChallengeRequestOpts, AuthorizationChallengeCodeResponse, CommonAuthorizationChallengeRequest, ExperimentalSubjectIssuance, UniformCredentialOfferRequest, CredentialIssuerMetadataV1_0_15, Jwt, ProofOfPossessionCallbacks, PoPMode, ProofOfPossession, Alg, Typ, AuthorizationDetailsV1_0_15, OID4VCICredentialFormat, CredentialResponse, CredentialRequest, CredentialRequestV1_0_15, CredentialIssuerMetadata, NotificationRequest, NotificationResponseResult, WellKnownEndpoints, CredentialOfferPayload, CredentialOfferPayloadV1_0_15, IssuerMetadataV1_0_15, AuthorizationResponse, CredentialResponseV1_0_15, AuthzFlowType, CredentialConfigurationSupported } from '@sphereon/oid4vci-common';
+import { AccessTokenRequestOpts, OpenIDResponse, AccessTokenResponse, DPoPResponseParams, AccessTokenRequest, TxCodeAndPinRequired, EndpointMetadata, AuthorizationServerOpts, IssuerOpts, RequestObjectOpts, PKCEOpts, EndpointMetadataResult as EndpointMetadataResult$1, AuthorizationRequestOpts, CredentialOfferRequestWithBaseUrl, CredentialConfigurationSupported, OpenId4VCIVersion, AuthorizationChallengeRequestOpts, AuthorizationChallengeCodeResponse, CommonAuthorizationChallengeRequest, ExperimentalSubjectIssuance, EndpointMetadataResultV1_0_15, UniformCredentialOfferRequest, CredentialIssuerMetadataV1_0_15, EndpointMetadataResultV1_0, CredentialIssuerMetadataV1_0, Jwt, ProofOfPossessionCallbacks, PoPMode, ProofOfPossession, Alg, Typ, AuthorizationDetailsV1_0_15, AuthorizationDetailsV1_0, OID4VCICredentialFormat, CredentialResponse, CredentialRequest, CredentialRequestV1_0_15, CredentialRequestV1_0, CredentialIssuerMetadata, NotificationRequest, NotificationResponseResult, WellKnownEndpoints, CredentialOfferPayload, SignedMetadataVerifyCallback, CredentialOfferPayloadV1_0_15, IssuerMetadataV1_0_15, CredentialOfferPayloadV1_0, IssuerMetadataV1_0, AuthorizationResponse, CredentialResponseV1_0_15, CredentialConfigurationSupportedV1_0_15, AuthzFlowType } from '@sphereon/oid4vci-common';
 
 declare class AccessTokenClient {
     acquireAccessToken(opts: AccessTokenRequestOpts): Promise<OpenIDResponse<AccessTokenResponse, DPoPResponseParams>>;
@@ -37,10 +37,10 @@ declare function createSignedAuthRequestWhenNeeded(requestObject: Record<string,
 }): Promise<void>;
 declare const createAuthorizationRequestUrl: ({ pkce, endpointMetadata, authorizationRequest, credentialOffer, credentialConfigurationSupported, clientId, version, }: {
     pkce: PKCEOpts;
-    endpointMetadata: EndpointMetadataResultV1_0_15;
+    endpointMetadata: EndpointMetadataResult$1;
     authorizationRequest: AuthorizationRequestOpts;
     credentialOffer?: CredentialOfferRequestWithBaseUrl;
-    credentialConfigurationSupported?: Record<string, CredentialConfigurationSupportedV1_0_15>;
+    credentialConfigurationSupported?: Record<string, CredentialConfigurationSupported>;
     clientId?: string;
     version?: OpenId4VCIVersion;
 }) => Promise<string>;
@@ -109,6 +109,60 @@ declare class CredentialRequestClientBuilderV1_0_15 {
     build(): CredentialRequestClient;
 }
 
+declare class CredentialRequestClientBuilderV1_0 {
+    credentialEndpoint?: string;
+    deferredCredentialEndpoint?: string;
+    nonceEndpoint?: string;
+    deferredCredentialAwait: boolean;
+    deferredCredentialIntervalInMS: number;
+    credentialIdentifiers?: string[];
+    credentialConfigurationId?: string;
+    credentialTypes?: string[];
+    token?: string;
+    version?: OpenId4VCIVersion;
+    subjectIssuance?: ExperimentalSubjectIssuance;
+    issuerState?: string;
+    static fromCredentialIssuer({ credentialIssuer, metadata, version, credentialIdentifiers, credentialConfigurationId, credentialTypes, }: {
+        credentialIssuer: string;
+        metadata?: EndpointMetadataResultV1_0;
+        version?: OpenId4VCIVersion;
+        credentialIdentifiers?: string[];
+        credentialConfigurationId?: string;
+        credentialTypes?: string | string[];
+    }): CredentialRequestClientBuilderV1_0;
+    static fromURI({ uri, metadata, }: {
+        uri: string;
+        metadata?: EndpointMetadataResultV1_0;
+    }): Promise<CredentialRequestClientBuilderV1_0>;
+    static fromCredentialOfferRequest(opts: {
+        request: UniformCredentialOfferRequest;
+        scheme?: string;
+        baseUrl?: string;
+        version?: OpenId4VCIVersion;
+        metadata?: EndpointMetadataResultV1_0;
+    }): CredentialRequestClientBuilderV1_0;
+    static fromCredentialOffer({ credentialOffer, metadata, }: {
+        credentialOffer: CredentialOfferRequestWithBaseUrl;
+        metadata?: EndpointMetadataResultV1_0;
+    }): CredentialRequestClientBuilderV1_0;
+    withCredentialEndpointFromMetadata(metadata: CredentialIssuerMetadataV1_0): this;
+    withCredentialEndpoint(credentialEndpoint: string): this;
+    withIssuerState(issuerState?: string): this;
+    withDeferredCredentialEndpointFromMetadata(metadata: CredentialIssuerMetadataV1_0): this;
+    withDeferredCredentialEndpoint(deferredCredentialEndpoint: string): this;
+    withNonceEndpointFromMetadata(metadata: CredentialIssuerMetadataV1_0): this;
+    withNonceEndpoint(nonceEndpoint: string): this;
+    withDeferredCredentialAwait(deferredCredentialAwait: boolean, deferredCredentialIntervalInMS?: number): this;
+    withCredentialIdentifiers(credentialIdentifiers: string[]): this;
+    withCredentialConfigurationId(credentialConfigurationId: string): this;
+    withCredentialType(credentialTypes: string | string[]): this;
+    withSubjectIssuance(subjectIssuance: ExperimentalSubjectIssuance): this;
+    withToken(accessToken: string): this;
+    withTokenFromResponse(response: AccessTokenResponse): this;
+    withVersion(version: OpenId4VCIVersion): this;
+    build(): CredentialRequestClient;
+}
+
 declare class ProofOfPossessionBuilder<DIDDoc = never> {
     private readonly proof?;
     private readonly callbacks?;
@@ -123,6 +177,8 @@ declare class ProofOfPossessionBuilder<DIDDoc = never> {
     private jti?;
     private cNonce?;
     private typ?;
+    private proofType;
+    private coseKey?;
     private constructor();
     static manual({ jwt, callbacks, version, mode, }: {
         jwt?: Jwt;
@@ -151,6 +207,8 @@ declare class ProofOfPossessionBuilder<DIDDoc = never> {
     withAlg(alg: Alg | string): this;
     withJti(jti: string): this;
     withTyp(typ: Typ): this;
+    withProofType(proofType: 'jwt' | 'cwt'): this;
+    withCoseKey(coseKey: unknown): this;
     withAccessTokenNonce(cNonce: string): this;
     withAccessTokenResponse(accessToken: AccessTokenResponse): this;
     withEndpointMetadata(endpointMetadata: EndpointMetadata): this;
@@ -166,13 +224,14 @@ interface CredentialRequestOpts {
     deferredCredentialEndpoint?: string;
     credentialTypes?: string[];
     credentialIdentifier?: string;
+    credentialIdentifiers?: string[];
     credentialConfigurationId?: string;
     proof: ProofOfPossession;
     token: string;
     version: OpenId4VCIVersion;
     subjectIssuance?: ExperimentalSubjectIssuance;
     issuerState?: string;
-    authorizationDetails?: AuthorizationDetailsV1_0_15[];
+    authorizationDetails?: (AuthorizationDetailsV1_0_15 | AuthorizationDetailsV1_0)[];
 }
 type CreateCredentialRequestOpts = {
     credentialIdentifier?: string;
@@ -194,7 +253,7 @@ declare class CredentialRequestClient {
     isDeferred(): boolean;
     getCredentialEndpoint(): string;
     getDeferredCredentialEndpoint(): string | undefined;
-    constructor(builder: CredentialRequestClientBuilderV1_0_15);
+    constructor(builder: CredentialRequestClientBuilderV1_0_15 | CredentialRequestClientBuilderV1_0);
     /**
      * Typically you should not use this method, as it omits a proof from the request.
      * There are certain issuers that in specific circumstances can do without this proof, because they have other means of user binding
@@ -234,10 +293,10 @@ declare class CredentialRequestClient {
     }): Promise<OpenIDResponse<CredentialResponse> & {
         access_token: string;
     }>;
-    createCredentialRequestWithoutProof(opts: CreateCredentialRequestOpts): Promise<CredentialRequestV1_0_15>;
+    createCredentialRequestWithoutProof(opts: CreateCredentialRequestOpts): Promise<CredentialRequestV1_0_15 | CredentialRequestV1_0>;
     createCredentialRequest(opts: CreateCredentialRequestOpts & {
         proofInput: ProofOfPossessionBuilder | ProofOfPossession;
-    }): Promise<CredentialRequestV1_0_15>;
+    }): Promise<CredentialRequestV1_0_15 | CredentialRequestV1_0>;
     private createCredentialRequestImpl;
     private version;
 }
@@ -263,11 +322,12 @@ declare class CredentialOfferClientV1_0_15 {
 declare class CredentialRequestClientBuilder {
     private _builder;
     private constructor();
-    static fromCredentialIssuer({ credentialIssuer, metadata, version, credentialIdentifier, credentialTypes, }: {
+    static fromCredentialIssuer({ credentialIssuer, metadata, version, credentialIdentifier, credentialIdentifiers, credentialTypes, }: {
         credentialIssuer: string;
         metadata?: EndpointMetadata;
         version?: OpenId4VCIVersion;
         credentialIdentifier?: string;
+        credentialIdentifiers?: string[];
         credentialTypes?: string | string[];
     }): CredentialRequestClientBuilder;
     static fromURI({ uri, metadata, }: {
@@ -292,6 +352,7 @@ declare class CredentialRequestClientBuilder {
     withDeferredCredentialEndpoint(deferredCredentialEndpoint: string): this;
     withDeferredCredentialAwait(deferredCredentialAwait: boolean, deferredCredentialIntervalInMS?: number): this;
     withCredentialIdentifier(credentialIdentifier: string): this;
+    withCredentialIdentifiers(credentialIdentifiers: string[]): this;
     withIssuerState(issuerState?: string): this;
     withCredentialType(credentialTypes: string | string[]): this;
     withSubjectIssuance(subjectIssuance: ExperimentalSubjectIssuance): this;
@@ -344,20 +405,21 @@ declare class MetadataClient {
      *
      * @param credentialOffer
      */
-    static retrieveAllMetadataFromCredentialOffer(credentialOffer: CredentialOfferRequestWithBaseUrl): Promise<EndpointMetadataResultV1_0_15>;
+    static retrieveAllMetadataFromCredentialOffer(credentialOffer: CredentialOfferRequestWithBaseUrl): Promise<EndpointMetadataResult$1>;
     /**
      * Retrieve the metada using the initiation request obtained from a previous step
      * @param request
      */
-    static retrieveAllMetadataFromCredentialOfferRequest(request: CredentialOfferPayload): Promise<EndpointMetadataResultV1_0_15>;
+    static retrieveAllMetadataFromCredentialOfferRequest(request: CredentialOfferPayload): Promise<EndpointMetadataResult$1>;
     /**
      * Retrieve all metadata from an issuer
      * @param issuer The issuer URL
      * @param opts
      */
     static retrieveAllMetadata(issuer: string, opts?: {
-        errorOnNotFound: boolean;
-    }): Promise<EndpointMetadataResultV1_0_15>;
+        errorOnNotFound?: boolean;
+        signedMetadataVerifyCallback?: SignedMetadataVerifyCallback;
+    }): Promise<EndpointMetadataResult$1>;
     /**
      * Retrieve only the OID4VCI metadata for the issuer. So no OIDC/OAuth2 metadata
      *
@@ -387,7 +449,8 @@ declare class MetadataClientV1_0_15 {
      * @param opts
      */
     static retrieveAllMetadata(issuer: string, opts?: {
-        errorOnNotFound: boolean;
+        errorOnNotFound?: boolean;
+        signedMetadataVerifyCallback?: SignedMetadataVerifyCallback;
     }): Promise<EndpointMetadataResultV1_0_15>;
     /**
      * Retrieve only the OID4VCI metadata for the issuer. So no OIDC/OAuth2 metadata
@@ -400,6 +463,18 @@ declare class MetadataClientV1_0_15 {
     }): Promise<OpenIDResponse<IssuerMetadataV1_0_15> | undefined>;
 }
 
+declare class MetadataClientV1_0 {
+    static retrieveAllMetadataFromCredentialOffer(credentialOffer: CredentialOfferRequestWithBaseUrl): Promise<EndpointMetadataResultV1_0>;
+    static retrieveAllMetadataFromCredentialOfferRequest(request: CredentialOfferPayloadV1_0): Promise<EndpointMetadataResultV1_0>;
+    static retrieveAllMetadata(issuer: string, opts?: {
+        errorOnNotFound?: boolean;
+        signedMetadataVerifyCallback?: SignedMetadataVerifyCallback;
+    }): Promise<EndpointMetadataResultV1_0>;
+    static retrieveOpenID4VCIServerMetadata(issuerHost: string, opts?: {
+        errorOnNotFound?: boolean;
+    }): Promise<OpenIDResponse<IssuerMetadataV1_0> | undefined>;
+}
+
 interface OpenID4VCIClientStateV1_0_15 {
     credentialIssuer: string;
     credentialOffer?: CredentialOfferRequestWithBaseUrl;
@@ -567,8 +642,10 @@ declare class OpenID4VCIClient {
     }): Promise<AccessTokenResponse & {
         params?: DPoPResponseParams;
     }>;
-    acquireCredentials({ credentialTypes, context, proofCallbacks, format, kid, jwk, alg, jti, deferredCredentialAwait, deferredCredentialIntervalInMS, createDPoPOpts, }: {
-        credentialTypes: string | string[];
+    acquireCredentials({ credentialIdentifier, credentialConfigurationId, credentialTypes, context, proofCallbacks, format, kid, jwk, alg, jti, deferredCredentialAwait, deferredCredentialIntervalInMS, createDPoPOpts, }: {
+        credentialIdentifier?: string;
+        credentialConfigurationId?: string;
+        credentialTypes?: string | string[];
         context?: string[];
         proofCallbacks: ProofOfPossessionCallbacks;
         format: CredentialFormat | OID4VCICredentialFormat;
@@ -624,4 +701,4 @@ declare class OpenID4VCIClient {
 
 declare const LOG: ISimpleLogger<string>;
 
-export { AccessTokenClient, type CreateCredentialRequestOpts, CredentialOfferClient, CredentialOfferClientV1_0_15, CredentialRequestClient, CredentialRequestClientBuilder, CredentialRequestClientBuilderV1_0_15, type CredentialRequestOpts, type EndpointMetadataResult, LOG, MetadataClient, MetadataClientV1_0_15, OpenID4VCIClient, type OpenID4VCIClientState, type OpenID4VCIClientStateV1_0_15, OpenID4VCIClientV1_0_15, ProofOfPossessionBuilder, acquireAuthorizationChallengeAuthCode, acquireAuthorizationChallengeAuthCodeUsingRequest, buildProof, constructBaseResponse, createAuthorizationChallengeRequest, createAuthorizationRequestUrl, createJwtBearerClientAssertion, createSignedAuthRequestWhenNeeded, generateMissingPKCEOpts, handleCredentialOfferUri, isUriEncoded, retrieveWellknown, sendAuthorizationChallengeRequest, sendNotification };
+export { AccessTokenClient, type CreateCredentialRequestOpts, CredentialOfferClient, CredentialOfferClientV1_0_15, CredentialRequestClient, CredentialRequestClientBuilder, CredentialRequestClientBuilderV1_0, CredentialRequestClientBuilderV1_0_15, type CredentialRequestOpts, type EndpointMetadataResult, LOG, MetadataClient, MetadataClientV1_0, MetadataClientV1_0_15, OpenID4VCIClient, type OpenID4VCIClientState, type OpenID4VCIClientStateV1_0_15, OpenID4VCIClientV1_0_15, ProofOfPossessionBuilder, acquireAuthorizationChallengeAuthCode, acquireAuthorizationChallengeAuthCodeUsingRequest, buildProof, constructBaseResponse, createAuthorizationChallengeRequest, createAuthorizationRequestUrl, createJwtBearerClientAssertion, createSignedAuthRequestWhenNeeded, generateMissingPKCEOpts, handleCredentialOfferUri, isUriEncoded, retrieveWellknown, sendAuthorizationChallengeRequest, sendNotification };

package/dist/index.d.ts

@@ -1,7 +1,7 @@
 import { CredentialFormat, ISimpleLogger } from '@sphereon/ssi-types';
 import { CreateDPoPClientOpts, JWK } from '@sphereon/oid4vc-common';
 import * as _sphereon_oid4vci_common from '@sphereon/oid4vci-common';
-import { AccessTokenRequestOpts, OpenIDResponse, AccessTokenResponse, DPoPResponseParams, AccessTokenRequest, TxCodeAndPinRequired, EndpointMetadata, AuthorizationServerOpts, IssuerOpts, RequestObjectOpts, PKCEOpts, EndpointMetadataResultV1_0_15, AuthorizationRequestOpts, CredentialOfferRequestWithBaseUrl, CredentialConfigurationSupportedV1_0_15, OpenId4VCIVersion, AuthorizationChallengeRequestOpts, AuthorizationChallengeCodeResponse, CommonAuthorizationChallengeRequest, ExperimentalSubjectIssuance, UniformCredentialOfferRequest, CredentialIssuerMetadataV1_0_15, Jwt, ProofOfPossessionCallbacks, PoPMode, ProofOfPossession, Alg, Typ, AuthorizationDetailsV1_0_15, OID4VCICredentialFormat, CredentialResponse, CredentialRequest, CredentialRequestV1_0_15, CredentialIssuerMetadata, NotificationRequest, NotificationResponseResult, WellKnownEndpoints, CredentialOfferPayload, CredentialOfferPayloadV1_0_15, IssuerMetadataV1_0_15, AuthorizationResponse, CredentialResponseV1_0_15, AuthzFlowType, CredentialConfigurationSupported } from '@sphereon/oid4vci-common';
+import { AccessTokenRequestOpts, OpenIDResponse, AccessTokenResponse, DPoPResponseParams, AccessTokenRequest, TxCodeAndPinRequired, EndpointMetadata, AuthorizationServerOpts, IssuerOpts, RequestObjectOpts, PKCEOpts, EndpointMetadataResult as EndpointMetadataResult$1, AuthorizationRequestOpts, CredentialOfferRequestWithBaseUrl, CredentialConfigurationSupported, OpenId4VCIVersion, AuthorizationChallengeRequestOpts, AuthorizationChallengeCodeResponse, CommonAuthorizationChallengeRequest, ExperimentalSubjectIssuance, EndpointMetadataResultV1_0_15, UniformCredentialOfferRequest, CredentialIssuerMetadataV1_0_15, EndpointMetadataResultV1_0, CredentialIssuerMetadataV1_0, Jwt, ProofOfPossessionCallbacks, PoPMode, ProofOfPossession, Alg, Typ, AuthorizationDetailsV1_0_15, AuthorizationDetailsV1_0, OID4VCICredentialFormat, CredentialResponse, CredentialRequest, CredentialRequestV1_0_15, CredentialRequestV1_0, CredentialIssuerMetadata, NotificationRequest, NotificationResponseResult, WellKnownEndpoints, CredentialOfferPayload, SignedMetadataVerifyCallback, CredentialOfferPayloadV1_0_15, IssuerMetadataV1_0_15, CredentialOfferPayloadV1_0, IssuerMetadataV1_0, AuthorizationResponse, CredentialResponseV1_0_15, CredentialConfigurationSupportedV1_0_15, AuthzFlowType } from '@sphereon/oid4vci-common';
 
 declare class AccessTokenClient {
     acquireAccessToken(opts: AccessTokenRequestOpts): Promise<OpenIDResponse<AccessTokenResponse, DPoPResponseParams>>;
@@ -37,10 +37,10 @@ declare function createSignedAuthRequestWhenNeeded(requestObject: Record<string,
 }): Promise<void>;
 declare const createAuthorizationRequestUrl: ({ pkce, endpointMetadata, authorizationRequest, credentialOffer, credentialConfigurationSupported, clientId, version, }: {
     pkce: PKCEOpts;
-    endpointMetadata: EndpointMetadataResultV1_0_15;
+    endpointMetadata: EndpointMetadataResult$1;
     authorizationRequest: AuthorizationRequestOpts;
     credentialOffer?: CredentialOfferRequestWithBaseUrl;
-    credentialConfigurationSupported?: Record<string, CredentialConfigurationSupportedV1_0_15>;
+    credentialConfigurationSupported?: Record<string, CredentialConfigurationSupported>;
     clientId?: string;
     version?: OpenId4VCIVersion;
 }) => Promise<string>;
@@ -109,6 +109,60 @@ declare class CredentialRequestClientBuilderV1_0_15 {
     build(): CredentialRequestClient;
 }
 
+declare class CredentialRequestClientBuilderV1_0 {
+    credentialEndpoint?: string;
+    deferredCredentialEndpoint?: string;
+    nonceEndpoint?: string;
+    deferredCredentialAwait: boolean;
+    deferredCredentialIntervalInMS: number;
+    credentialIdentifiers?: string[];
+    credentialConfigurationId?: string;
+    credentialTypes?: string[];
+    token?: string;
+    version?: OpenId4VCIVersion;
+    subjectIssuance?: ExperimentalSubjectIssuance;
+    issuerState?: string;
+    static fromCredentialIssuer({ credentialIssuer, metadata, version, credentialIdentifiers, credentialConfigurationId, credentialTypes, }: {
+        credentialIssuer: string;
+        metadata?: EndpointMetadataResultV1_0;
+        version?: OpenId4VCIVersion;
+        credentialIdentifiers?: string[];
+        credentialConfigurationId?: string;
+        credentialTypes?: string | string[];
+    }): CredentialRequestClientBuilderV1_0;
+    static fromURI({ uri, metadata, }: {
+        uri: string;
+        metadata?: EndpointMetadataResultV1_0;
+    }): Promise<CredentialRequestClientBuilderV1_0>;
+    static fromCredentialOfferRequest(opts: {
+        request: UniformCredentialOfferRequest;
+        scheme?: string;
+        baseUrl?: string;
+        version?: OpenId4VCIVersion;
+        metadata?: EndpointMetadataResultV1_0;
+    }): CredentialRequestClientBuilderV1_0;
+    static fromCredentialOffer({ credentialOffer, metadata, }: {
+        credentialOffer: CredentialOfferRequestWithBaseUrl;
+        metadata?: EndpointMetadataResultV1_0;
+    }): CredentialRequestClientBuilderV1_0;
+    withCredentialEndpointFromMetadata(metadata: CredentialIssuerMetadataV1_0): this;
+    withCredentialEndpoint(credentialEndpoint: string): this;
+    withIssuerState(issuerState?: string): this;
+    withDeferredCredentialEndpointFromMetadata(metadata: CredentialIssuerMetadataV1_0): this;
+    withDeferredCredentialEndpoint(deferredCredentialEndpoint: string): this;
+    withNonceEndpointFromMetadata(metadata: CredentialIssuerMetadataV1_0): this;
+    withNonceEndpoint(nonceEndpoint: string): this;
+    withDeferredCredentialAwait(deferredCredentialAwait: boolean, deferredCredentialIntervalInMS?: number): this;
+    withCredentialIdentifiers(credentialIdentifiers: string[]): this;
+    withCredentialConfigurationId(credentialConfigurationId: string): this;
+    withCredentialType(credentialTypes: string | string[]): this;
+    withSubjectIssuance(subjectIssuance: ExperimentalSubjectIssuance): this;
+    withToken(accessToken: string): this;
+    withTokenFromResponse(response: AccessTokenResponse): this;
+    withVersion(version: OpenId4VCIVersion): this;
+    build(): CredentialRequestClient;
+}
+
 declare class ProofOfPossessionBuilder<DIDDoc = never> {
     private readonly proof?;
     private readonly callbacks?;
@@ -123,6 +177,8 @@ declare class ProofOfPossessionBuilder<DIDDoc = never> {
     private jti?;
     private cNonce?;
     private typ?;
+    private proofType;
+    private coseKey?;
     private constructor();
     static manual({ jwt, callbacks, version, mode, }: {
         jwt?: Jwt;
@@ -151,6 +207,8 @@ declare class ProofOfPossessionBuilder<DIDDoc = never> {
     withAlg(alg: Alg | string): this;
     withJti(jti: string): this;
     withTyp(typ: Typ): this;
+    withProofType(proofType: 'jwt' | 'cwt'): this;
+    withCoseKey(coseKey: unknown): this;
     withAccessTokenNonce(cNonce: string): this;
     withAccessTokenResponse(accessToken: AccessTokenResponse): this;
     withEndpointMetadata(endpointMetadata: EndpointMetadata): this;
@@ -166,13 +224,14 @@ interface CredentialRequestOpts {
     deferredCredentialEndpoint?: string;
     credentialTypes?: string[];
     credentialIdentifier?: string;
+    credentialIdentifiers?: string[];
     credentialConfigurationId?: string;
     proof: ProofOfPossession;
     token: string;
     version: OpenId4VCIVersion;
     subjectIssuance?: ExperimentalSubjectIssuance;
     issuerState?: string;
-    authorizationDetails?: AuthorizationDetailsV1_0_15[];
+    authorizationDetails?: (AuthorizationDetailsV1_0_15 | AuthorizationDetailsV1_0)[];
 }
 type CreateCredentialRequestOpts = {
     credentialIdentifier?: string;
@@ -194,7 +253,7 @@ declare class CredentialRequestClient {
     isDeferred(): boolean;
     getCredentialEndpoint(): string;
     getDeferredCredentialEndpoint(): string | undefined;
-    constructor(builder: CredentialRequestClientBuilderV1_0_15);
+    constructor(builder: CredentialRequestClientBuilderV1_0_15 | CredentialRequestClientBuilderV1_0);
     /**
      * Typically you should not use this method, as it omits a proof from the request.
      * There are certain issuers that in specific circumstances can do without this proof, because they have other means of user binding
@@ -234,10 +293,10 @@ declare class CredentialRequestClient {
     }): Promise<OpenIDResponse<CredentialResponse> & {
         access_token: string;
     }>;
-    createCredentialRequestWithoutProof(opts: CreateCredentialRequestOpts): Promise<CredentialRequestV1_0_15>;
+    createCredentialRequestWithoutProof(opts: CreateCredentialRequestOpts): Promise<CredentialRequestV1_0_15 | CredentialRequestV1_0>;
     createCredentialRequest(opts: CreateCredentialRequestOpts & {
         proofInput: ProofOfPossessionBuilder | ProofOfPossession;
-    }): Promise<CredentialRequestV1_0_15>;
+    }): Promise<CredentialRequestV1_0_15 | CredentialRequestV1_0>;
     private createCredentialRequestImpl;
     private version;
 }
@@ -263,11 +322,12 @@ declare class CredentialOfferClientV1_0_15 {
 declare class CredentialRequestClientBuilder {
     private _builder;
     private constructor();
-    static fromCredentialIssuer({ credentialIssuer, metadata, version, credentialIdentifier, credentialTypes, }: {
+    static fromCredentialIssuer({ credentialIssuer, metadata, version, credentialIdentifier, credentialIdentifiers, credentialTypes, }: {
         credentialIssuer: string;
         metadata?: EndpointMetadata;
         version?: OpenId4VCIVersion;
         credentialIdentifier?: string;
+        credentialIdentifiers?: string[];
         credentialTypes?: string | string[];
     }): CredentialRequestClientBuilder;
     static fromURI({ uri, metadata, }: {
@@ -292,6 +352,7 @@ declare class CredentialRequestClientBuilder {
     withDeferredCredentialEndpoint(deferredCredentialEndpoint: string): this;
     withDeferredCredentialAwait(deferredCredentialAwait: boolean, deferredCredentialIntervalInMS?: number): this;
     withCredentialIdentifier(credentialIdentifier: string): this;
+    withCredentialIdentifiers(credentialIdentifiers: string[]): this;
     withIssuerState(issuerState?: string): this;
     withCredentialType(credentialTypes: string | string[]): this;
     withSubjectIssuance(subjectIssuance: ExperimentalSubjectIssuance): this;
@@ -344,20 +405,21 @@ declare class MetadataClient {
      *
      * @param credentialOffer
      */
-    static retrieveAllMetadataFromCredentialOffer(credentialOffer: CredentialOfferRequestWithBaseUrl): Promise<EndpointMetadataResultV1_0_15>;
+    static retrieveAllMetadataFromCredentialOffer(credentialOffer: CredentialOfferRequestWithBaseUrl): Promise<EndpointMetadataResult$1>;
     /**
      * Retrieve the metada using the initiation request obtained from a previous step
      * @param request
      */
-    static retrieveAllMetadataFromCredentialOfferRequest(request: CredentialOfferPayload): Promise<EndpointMetadataResultV1_0_15>;
+    static retrieveAllMetadataFromCredentialOfferRequest(request: CredentialOfferPayload): Promise<EndpointMetadataResult$1>;
     /**
      * Retrieve all metadata from an issuer
      * @param issuer The issuer URL
      * @param opts
      */
     static retrieveAllMetadata(issuer: string, opts?: {
-        errorOnNotFound: boolean;
-    }): Promise<EndpointMetadataResultV1_0_15>;
+        errorOnNotFound?: boolean;
+        signedMetadataVerifyCallback?: SignedMetadataVerifyCallback;
+    }): Promise<EndpointMetadataResult$1>;
     /**
      * Retrieve only the OID4VCI metadata for the issuer. So no OIDC/OAuth2 metadata
      *
@@ -387,7 +449,8 @@ declare class MetadataClientV1_0_15 {
      * @param opts
      */
     static retrieveAllMetadata(issuer: string, opts?: {
-        errorOnNotFound: boolean;
+        errorOnNotFound?: boolean;
+        signedMetadataVerifyCallback?: SignedMetadataVerifyCallback;
     }): Promise<EndpointMetadataResultV1_0_15>;
     /**
      * Retrieve only the OID4VCI metadata for the issuer. So no OIDC/OAuth2 metadata
@@ -400,6 +463,18 @@ declare class MetadataClientV1_0_15 {
     }): Promise<OpenIDResponse<IssuerMetadataV1_0_15> | undefined>;
 }
 
+declare class MetadataClientV1_0 {
+    static retrieveAllMetadataFromCredentialOffer(credentialOffer: CredentialOfferRequestWithBaseUrl): Promise<EndpointMetadataResultV1_0>;
+    static retrieveAllMetadataFromCredentialOfferRequest(request: CredentialOfferPayloadV1_0): Promise<EndpointMetadataResultV1_0>;
+    static retrieveAllMetadata(issuer: string, opts?: {
+        errorOnNotFound?: boolean;
+        signedMetadataVerifyCallback?: SignedMetadataVerifyCallback;
+    }): Promise<EndpointMetadataResultV1_0>;
+    static retrieveOpenID4VCIServerMetadata(issuerHost: string, opts?: {
+        errorOnNotFound?: boolean;
+    }): Promise<OpenIDResponse<IssuerMetadataV1_0> | undefined>;
+}
+
 interface OpenID4VCIClientStateV1_0_15 {
     credentialIssuer: string;
     credentialOffer?: CredentialOfferRequestWithBaseUrl;
@@ -567,8 +642,10 @@ declare class OpenID4VCIClient {
     }): Promise<AccessTokenResponse & {
         params?: DPoPResponseParams;
     }>;
-    acquireCredentials({ credentialTypes, context, proofCallbacks, format, kid, jwk, alg, jti, deferredCredentialAwait, deferredCredentialIntervalInMS, createDPoPOpts, }: {
-        credentialTypes: string | string[];
+    acquireCredentials({ credentialIdentifier, credentialConfigurationId, credentialTypes, context, proofCallbacks, format, kid, jwk, alg, jti, deferredCredentialAwait, deferredCredentialIntervalInMS, createDPoPOpts, }: {
+        credentialIdentifier?: string;
+        credentialConfigurationId?: string;
+        credentialTypes?: string | string[];
         context?: string[];
         proofCallbacks: ProofOfPossessionCallbacks;
         format: CredentialFormat | OID4VCICredentialFormat;
@@ -624,4 +701,4 @@ declare class OpenID4VCIClient {
 
 declare const LOG: ISimpleLogger<string>;
 
-export { AccessTokenClient, type CreateCredentialRequestOpts, CredentialOfferClient, CredentialOfferClientV1_0_15, CredentialRequestClient, CredentialRequestClientBuilder, CredentialRequestClientBuilderV1_0_15, type CredentialRequestOpts, type EndpointMetadataResult, LOG, MetadataClient, MetadataClientV1_0_15, OpenID4VCIClient, type OpenID4VCIClientState, type OpenID4VCIClientStateV1_0_15, OpenID4VCIClientV1_0_15, ProofOfPossessionBuilder, acquireAuthorizationChallengeAuthCode, acquireAuthorizationChallengeAuthCodeUsingRequest, buildProof, constructBaseResponse, createAuthorizationChallengeRequest, createAuthorizationRequestUrl, createJwtBearerClientAssertion, createSignedAuthRequestWhenNeeded, generateMissingPKCEOpts, handleCredentialOfferUri, isUriEncoded, retrieveWellknown, sendAuthorizationChallengeRequest, sendNotification };
+export { AccessTokenClient, type CreateCredentialRequestOpts, CredentialOfferClient, CredentialOfferClientV1_0_15, CredentialRequestClient, CredentialRequestClientBuilder, CredentialRequestClientBuilderV1_0, CredentialRequestClientBuilderV1_0_15, type CredentialRequestOpts, type EndpointMetadataResult, LOG, MetadataClient, MetadataClientV1_0, MetadataClientV1_0_15, OpenID4VCIClient, type OpenID4VCIClientState, type OpenID4VCIClientStateV1_0_15, OpenID4VCIClientV1_0_15, ProofOfPossessionBuilder, acquireAuthorizationChallengeAuthCode, acquireAuthorizationChallengeAuthCodeUsingRequest, buildProof, constructBaseResponse, createAuthorizationChallengeRequest, createAuthorizationRequestUrl, createJwtBearerClientAssertion, createSignedAuthRequestWhenNeeded, generateMissingPKCEOpts, handleCredentialOfferUri, isUriEncoded, retrieveWellknown, sendAuthorizationChallengeRequest, sendNotification };