@sphereon/oid4vci-client 0.6.1-next.8 → 0.7.1-next.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/MetadataClient.d.ts +7 -5
- package/dist/MetadataClient.d.ts.map +1 -1
- package/dist/MetadataClient.js +84 -42
- package/dist/MetadataClient.js.map +1 -1
- package/dist/OpenID4VCIClient.d.ts +2 -2
- package/dist/OpenID4VCIClient.d.ts.map +1 -1
- package/dist/OpenID4VCIClient.js +15 -11
- package/dist/OpenID4VCIClient.js.map +1 -1
- package/lib/MetadataClient.ts +106 -59
- package/lib/OpenID4VCIClient.ts +22 -13
- package/lib/__tests__/AccessTokenClient.spec.ts +10 -1
- package/lib/__tests__/IT.spec.ts +3 -2
- package/lib/__tests__/IssuanceInitiation.spec.ts +13 -0
- package/lib/__tests__/MattrE2E.spec.test.ts +105 -0
- package/lib/__tests__/MetadataClient.spec.ts +21 -12
- package/lib/__tests__/OpenID4VCIClient.spec.ts +9 -7
- package/lib/__tests__/OpenID4VCIClientPAR.spec.ts +15 -5
- package/package.json +7 -7
package/dist/MetadataClient.d.ts
CHANGED
|
@@ -1,16 +1,16 @@
|
|
|
1
|
-
import { CredentialIssuerMetadata, CredentialOfferPayload, CredentialOfferRequestWithBaseUrl,
|
|
1
|
+
import { CredentialIssuerMetadata, CredentialOfferPayload, CredentialOfferRequestWithBaseUrl, EndpointMetadataResult, OpenIDResponse, WellKnownEndpoints } from '@sphereon/oid4vci-common';
|
|
2
2
|
export declare class MetadataClient {
|
|
3
3
|
/**
|
|
4
4
|
* Retrieve metadata using the Initiation obtained from a previous step
|
|
5
5
|
*
|
|
6
6
|
* @param credentialOffer
|
|
7
7
|
*/
|
|
8
|
-
static retrieveAllMetadataFromCredentialOffer(credentialOffer: CredentialOfferRequestWithBaseUrl): Promise<
|
|
8
|
+
static retrieveAllMetadataFromCredentialOffer(credentialOffer: CredentialOfferRequestWithBaseUrl): Promise<EndpointMetadataResult>;
|
|
9
9
|
/**
|
|
10
10
|
* Retrieve the metada using the initiation request obtained from a previous step
|
|
11
11
|
* @param request
|
|
12
12
|
*/
|
|
13
|
-
static retrieveAllMetadataFromCredentialOfferRequest(request: CredentialOfferPayload): Promise<
|
|
13
|
+
static retrieveAllMetadataFromCredentialOfferRequest(request: CredentialOfferPayload): Promise<EndpointMetadataResult>;
|
|
14
14
|
/**
|
|
15
15
|
* Retrieve all metadata from an issuer
|
|
16
16
|
* @param issuer The issuer URL
|
|
@@ -18,13 +18,15 @@ export declare class MetadataClient {
|
|
|
18
18
|
*/
|
|
19
19
|
static retrieveAllMetadata(issuer: string, opts?: {
|
|
20
20
|
errorOnNotFound: boolean;
|
|
21
|
-
}): Promise<
|
|
21
|
+
}): Promise<EndpointMetadataResult>;
|
|
22
22
|
/**
|
|
23
23
|
* Retrieve only the OID4VCI metadata for the issuer. So no OIDC/OAuth2 metadata
|
|
24
24
|
*
|
|
25
25
|
* @param issuerHost The issuer hostname
|
|
26
26
|
*/
|
|
27
|
-
static retrieveOpenID4VCIServerMetadata(issuerHost: string
|
|
27
|
+
static retrieveOpenID4VCIServerMetadata(issuerHost: string, opts?: {
|
|
28
|
+
errorOnNotFound?: boolean;
|
|
29
|
+
}): Promise<OpenIDResponse<CredentialIssuerMetadata> | undefined>;
|
|
28
30
|
/**
|
|
29
31
|
* Allows to retrieve information from a well-known location
|
|
30
32
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MetadataClient.d.ts","sourceRoot":"","sources":["../lib/MetadataClient.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"MetadataClient.d.ts","sourceRoot":"","sources":["../lib/MetadataClient.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,wBAAwB,EACxB,sBAAsB,EACtB,iCAAiC,EACjC,sBAAsB,EAEtB,cAAc,EACd,kBAAkB,EACnB,MAAM,0BAA0B,CAAC;AAOlC,qBAAa,cAAc;IACzB;;;;OAIG;WACiB,sCAAsC,CAAC,eAAe,EAAE,iCAAiC,GAAG,OAAO,CAAC,sBAAsB,CAAC;IAI/I;;;OAGG;WACiB,6CAA6C,CAAC,OAAO,EAAE,sBAAsB,GAAG,OAAO,CAAC,sBAAsB,CAAC;IAQnI;;;;OAIG;WACiB,mBAAmB,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE;QAAE,eAAe,EAAE,OAAO,CAAA;KAAE,GAAG,OAAO,CAAC,sBAAsB,CAAC;IAgH7H;;;;OAIG;WACiB,gCAAgC,CAClD,UAAU,EAAE,MAAM,EAClB,IAAI,CAAC,EAAE;QACL,eAAe,CAAC,EAAE,OAAO,CAAC;KAC3B,GACA,OAAO,CAAC,cAAc,CAAC,wBAAwB,CAAC,GAAG,SAAS,CAAC;IAMhE;;;;;;OAMG;WACiB,iBAAiB,CAAC,CAAC,EACrC,IAAI,EAAE,MAAM,EACZ,YAAY,EAAE,kBAAkB,EAChC,IAAI,CAAC,EAAE;QAAE,eAAe,CAAC,EAAE,OAAO,CAAA;KAAE,GACnC,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;CAU9B"}
|
package/dist/MetadataClient.js
CHANGED
|
@@ -34,8 +34,9 @@ class MetadataClient {
|
|
|
34
34
|
*/
|
|
35
35
|
static retrieveAllMetadataFromCredentialOfferRequest(request) {
|
|
36
36
|
return __awaiter(this, void 0, void 0, function* () {
|
|
37
|
-
|
|
38
|
-
|
|
37
|
+
const issuer = (0, oid4vci_common_1.getIssuerFromCredentialOfferPayload)(request);
|
|
38
|
+
if (issuer) {
|
|
39
|
+
return MetadataClient.retrieveAllMetadata(issuer);
|
|
39
40
|
}
|
|
40
41
|
throw new Error("can't retrieve metadata from CredentialOfferRequest. No issuer field is present");
|
|
41
42
|
});
|
|
@@ -46,70 +47,110 @@ class MetadataClient {
|
|
|
46
47
|
* @param opts
|
|
47
48
|
*/
|
|
48
49
|
static retrieveAllMetadata(issuer, opts) {
|
|
49
|
-
var _a;
|
|
50
50
|
return __awaiter(this, void 0, void 0, function* () {
|
|
51
51
|
let token_endpoint;
|
|
52
52
|
let credential_endpoint;
|
|
53
|
-
|
|
54
|
-
let
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
errorOnNotFound: true,
|
|
64
|
-
});
|
|
65
|
-
token_endpoint = (_a = response.successBody) === null || _a === void 0 ? void 0 : _a.token_endpoint;
|
|
53
|
+
let authorization_endpoint;
|
|
54
|
+
let authorizationServerType = 'OID4VCI';
|
|
55
|
+
let authorization_server = issuer;
|
|
56
|
+
const oid4vciResponse = yield MetadataClient.retrieveOpenID4VCIServerMetadata(issuer, { errorOnNotFound: false }); // We will handle errors later, given we will also try other metadata locations
|
|
57
|
+
let credentialIssuerMetadata = oid4vciResponse === null || oid4vciResponse === void 0 ? void 0 : oid4vciResponse.successBody;
|
|
58
|
+
if (credentialIssuerMetadata) {
|
|
59
|
+
debug(`Issuer ${issuer} OID4VCI well-known server metadata\r\n${JSON.stringify(credentialIssuerMetadata)}`);
|
|
60
|
+
credential_endpoint = credentialIssuerMetadata.credential_endpoint;
|
|
61
|
+
if (credentialIssuerMetadata.token_endpoint) {
|
|
62
|
+
token_endpoint = credentialIssuerMetadata.token_endpoint;
|
|
66
63
|
}
|
|
64
|
+
if (credentialIssuerMetadata.authorization_server) {
|
|
65
|
+
authorization_server = credentialIssuerMetadata.authorization_server;
|
|
66
|
+
}
|
|
67
|
+
if (credentialIssuerMetadata.authorization_endpoint) {
|
|
68
|
+
authorization_endpoint = credentialIssuerMetadata.authorization_endpoint;
|
|
69
|
+
}
|
|
70
|
+
}
|
|
71
|
+
// No specific OID4VCI endpoint. Either can be an OAuth2 AS or an OIDC IDP. Let's start with OIDC first
|
|
72
|
+
let response = yield MetadataClient.retrieveWellknown(authorization_server, oid4vci_common_1.WellKnownEndpoints.OPENID_CONFIGURATION, {
|
|
73
|
+
errorOnNotFound: false,
|
|
74
|
+
});
|
|
75
|
+
let authMetadata = response.successBody;
|
|
76
|
+
if (authMetadata) {
|
|
77
|
+
debug(`Issuer ${issuer} has OpenID Connect Server metadata in well-known location`);
|
|
78
|
+
authorizationServerType = 'OIDC';
|
|
67
79
|
}
|
|
68
80
|
else {
|
|
69
|
-
//
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
81
|
+
// Now let's do OAuth2
|
|
82
|
+
response = yield MetadataClient.retrieveWellknown(authorization_server, oid4vci_common_1.WellKnownEndpoints.OAUTH_AS, { errorOnNotFound: false });
|
|
83
|
+
authMetadata = response.successBody;
|
|
84
|
+
}
|
|
85
|
+
if (!authMetadata) {
|
|
86
|
+
// We will always throw an error, no matter whether the user provided the option not to, because this is bad.
|
|
87
|
+
if (issuer !== authorization_server) {
|
|
88
|
+
throw Error(`Issuer ${issuer} provided a separate authorization server ${authorization_server}, but that server did not provide metadata`);
|
|
76
89
|
}
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
90
|
+
}
|
|
91
|
+
else {
|
|
92
|
+
if (!authorizationServerType) {
|
|
93
|
+
authorizationServerType = 'OAuth 2.0';
|
|
81
94
|
}
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
95
|
+
debug(`Issuer ${issuer} has ${authorizationServerType} Server metadata in well-known location`);
|
|
96
|
+
if (!authMetadata.authorization_endpoint) {
|
|
97
|
+
throw Error(`Authorization Sever ${authorization_server} did not provide an authorization_endpoint`);
|
|
98
|
+
}
|
|
99
|
+
else if (authorization_endpoint && authMetadata.authorization_endpoint !== authorization_endpoint) {
|
|
100
|
+
throw Error(`Credential issuer has a different authorization_endpoint (${authorization_endpoint}) from the Authorization Server (${authMetadata.authorization_endpoint})`);
|
|
101
|
+
}
|
|
102
|
+
authorization_endpoint = authMetadata.authorization_endpoint;
|
|
103
|
+
if (!authMetadata.token_endpoint) {
|
|
104
|
+
throw Error(`Authorization Sever ${authorization_server} did not provide a token_endpoint`);
|
|
105
|
+
}
|
|
106
|
+
else if (token_endpoint && authMetadata.token_endpoint !== token_endpoint) {
|
|
107
|
+
throw Error(`Credential issuer has a different token_endpoint (${token_endpoint}) from the Authorization Server (${authMetadata.token_endpoint})`);
|
|
108
|
+
}
|
|
109
|
+
token_endpoint = authMetadata.token_endpoint;
|
|
110
|
+
if (authMetadata.credential_endpoint) {
|
|
111
|
+
if (credential_endpoint && authMetadata.credential_endpoint !== credential_endpoint) {
|
|
112
|
+
debug(`Credential issuer has a different credential_endpoint (${credential_endpoint}) from the Authorization Server (${authMetadata.token_endpoint}). Will use the issuer value`);
|
|
113
|
+
}
|
|
114
|
+
else {
|
|
115
|
+
credential_endpoint = authMetadata.credential_endpoint;
|
|
116
|
+
}
|
|
87
117
|
}
|
|
88
118
|
}
|
|
119
|
+
if (!authorization_endpoint) {
|
|
120
|
+
debug(`Issuer ${issuer} does not expose authorization_endpoint, so only pre-auth will be supported`);
|
|
121
|
+
}
|
|
89
122
|
if (!token_endpoint) {
|
|
90
123
|
debug(`Issuer ${issuer} does not have a token_endpoint listed in well-known locations!`);
|
|
91
124
|
if (opts === null || opts === void 0 ? void 0 : opts.errorOnNotFound) {
|
|
92
|
-
throw
|
|
125
|
+
throw Error(`Could not deduce the token_endpoint for ${issuer}`);
|
|
93
126
|
}
|
|
94
127
|
else {
|
|
95
|
-
token_endpoint = `${issuer}${issuer.endsWith('/') ? '' : '/'}
|
|
128
|
+
token_endpoint = `${issuer}${issuer.endsWith('/') ? 'token' : '/token'}`;
|
|
96
129
|
}
|
|
97
130
|
}
|
|
98
131
|
if (!credential_endpoint) {
|
|
99
132
|
debug(`Issuer ${issuer} does not have a credential_endpoint listed in well-known locations!`);
|
|
100
133
|
if (opts === null || opts === void 0 ? void 0 : opts.errorOnNotFound) {
|
|
101
|
-
throw
|
|
134
|
+
throw Error(`Could not deduce the credential endpoint for ${issuer}`);
|
|
102
135
|
}
|
|
103
136
|
else {
|
|
104
|
-
credential_endpoint = `${issuer}${issuer.endsWith('/') ? '' : '/'}
|
|
137
|
+
credential_endpoint = `${issuer}${issuer.endsWith('/') ? 'credential' : '/credential'}`;
|
|
105
138
|
}
|
|
106
139
|
}
|
|
140
|
+
if (!credentialIssuerMetadata && authMetadata) {
|
|
141
|
+
// Apparently everything worked out and the issuer is exposing everything in oAuth2/OIDC well-knowns. Spec is vague about this situation, but we can support it
|
|
142
|
+
credentialIssuerMetadata = authMetadata;
|
|
143
|
+
}
|
|
107
144
|
debug(`Issuer ${issuer} token endpoint ${token_endpoint}, credential endpoint ${credential_endpoint}`);
|
|
108
145
|
return {
|
|
109
146
|
issuer,
|
|
110
147
|
token_endpoint,
|
|
111
148
|
credential_endpoint,
|
|
112
|
-
|
|
149
|
+
authorization_server,
|
|
150
|
+
authorization_endpoint,
|
|
151
|
+
authorizationServerType,
|
|
152
|
+
credentialIssuerMetadata: credentialIssuerMetadata,
|
|
153
|
+
authorizationServerMetadata: authMetadata,
|
|
113
154
|
};
|
|
114
155
|
});
|
|
115
156
|
}
|
|
@@ -118,10 +159,11 @@ class MetadataClient {
|
|
|
118
159
|
*
|
|
119
160
|
* @param issuerHost The issuer hostname
|
|
120
161
|
*/
|
|
121
|
-
static retrieveOpenID4VCIServerMetadata(issuerHost) {
|
|
162
|
+
static retrieveOpenID4VCIServerMetadata(issuerHost, opts) {
|
|
122
163
|
return __awaiter(this, void 0, void 0, function* () {
|
|
123
|
-
|
|
124
|
-
|
|
164
|
+
return MetadataClient.retrieveWellknown(issuerHost, oid4vci_common_1.WellKnownEndpoints.OPENID4VCI_ISSUER, {
|
|
165
|
+
errorOnNotFound: (opts === null || opts === void 0 ? void 0 : opts.errorOnNotFound) === undefined ? true : opts.errorOnNotFound,
|
|
166
|
+
});
|
|
125
167
|
});
|
|
126
168
|
}
|
|
127
169
|
/**
|
|
@@ -136,9 +178,9 @@ class MetadataClient {
|
|
|
136
178
|
const result = yield (0, functions_1.getJson)(`${host.endsWith('/') ? host.slice(0, -1) : host}${endpointType}`, {
|
|
137
179
|
exceptionOnHttpErrorStatus: opts === null || opts === void 0 ? void 0 : opts.errorOnNotFound,
|
|
138
180
|
});
|
|
139
|
-
if (result.origResponse.status
|
|
181
|
+
if (result.origResponse.status >= 400) {
|
|
140
182
|
// We only get here when error on not found is false
|
|
141
|
-
debug(`host ${host} with endpoint type ${endpointType}
|
|
183
|
+
debug(`host ${host} with endpoint type ${endpointType} status: ${result.origResponse.status}, ${result.origResponse.statusText}`);
|
|
142
184
|
}
|
|
143
185
|
return result;
|
|
144
186
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MetadataClient.js","sourceRoot":"","sources":["../lib/MetadataClient.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,6DAUkC;AAClC,kDAA0B;AAE1B,2CAAsC;AAEtC,MAAM,KAAK,GAAG,IAAA,eAAK,EAAC,2BAA2B,CAAC,CAAC;AAEjD,MAAa,cAAc;IACzB;;;;OAIG;IACI,MAAM,CAAO,sCAAsC,CAAC,eAAkD;;YAC3G,OAAO,cAAc,CAAC,6CAA6C,CAAC,eAAe,CAAC,gBAAgB,CAAC,CAAC;QACxG,CAAC;KAAA;IAED;;;OAGG;IACI,MAAM,CAAO,6CAA6C,CAAC,OAA+B;;YAC/F,
|
|
1
|
+
{"version":3,"file":"MetadataClient.js","sourceRoot":"","sources":["../lib/MetadataClient.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,6DAUkC;AAClC,kDAA0B;AAE1B,2CAAsC;AAEtC,MAAM,KAAK,GAAG,IAAA,eAAK,EAAC,2BAA2B,CAAC,CAAC;AAEjD,MAAa,cAAc;IACzB;;;;OAIG;IACI,MAAM,CAAO,sCAAsC,CAAC,eAAkD;;YAC3G,OAAO,cAAc,CAAC,6CAA6C,CAAC,eAAe,CAAC,gBAAgB,CAAC,CAAC;QACxG,CAAC;KAAA;IAED;;;OAGG;IACI,MAAM,CAAO,6CAA6C,CAAC,OAA+B;;YAC/F,MAAM,MAAM,GAAG,IAAA,oDAAmC,EAAC,OAAO,CAAC,CAAC;YAC5D,IAAI,MAAM,EAAE;gBACV,OAAO,cAAc,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC;aACnD;YACD,MAAM,IAAI,KAAK,CAAC,iFAAiF,CAAC,CAAC;QACrG,CAAC;KAAA;IAED;;;;OAIG;IACI,MAAM,CAAO,mBAAmB,CAAC,MAAc,EAAE,IAAmC;;YACzF,IAAI,cAAkC,CAAC;YACvC,IAAI,mBAAuC,CAAC;YAC5C,IAAI,sBAA0C,CAAC;YAC/C,IAAI,uBAAuB,GAA4B,SAAS,CAAC;YACjE,IAAI,oBAAoB,GAAW,MAAM,CAAC;YAC1C,MAAM,eAAe,GAAG,MAAM,cAAc,CAAC,gCAAgC,CAAC,MAAM,EAAE,EAAE,eAAe,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,+EAA+E;YAClM,IAAI,wBAAwB,GAAG,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,WAAW,CAAC;YAC5D,IAAI,wBAAwB,EAAE;gBAC5B,KAAK,CAAC,UAAU,MAAM,0CAA0C,IAAI,CAAC,SAAS,CAAC,wBAAwB,CAAC,EAAE,CAAC,CAAC;gBAC5G,mBAAmB,GAAG,wBAAwB,CAAC,mBAAmB,CAAC;gBACnE,IAAI,wBAAwB,CAAC,cAAc,EAAE;oBAC3C,cAAc,GAAG,wBAAwB,CAAC,cAAc,CAAC;iBAC1D;gBACD,IAAI,wBAAwB,CAAC,oBAAoB,EAAE;oBACjD,oBAAoB,GAAG,wBAAwB,CAAC,oBAAoB,CAAC;iBACtE;gBACD,IAAI,wBAAwB,CAAC,sBAAsB,EAAE;oBACnD,sBAAsB,GAAG,wBAAwB,CAAC,sBAAsB,CAAC;iBAC1E;aACF;YACD,uGAAuG;YACvG,IAAI,QAAQ,GAAgD,MAAM,cAAc,CAAC,iBAAiB,CAChG,oBAAoB,EACpB,mCAAkB,CAAC,oBAAoB,EACvC;gBACE,eAAe,EAAE,KAAK;aACvB,CACF,CAAC;YACF,IAAI,YAAY,GAAG,QAAQ,CAAC,WAAW,CAAC;YACxC,IAAI,YAAY,EAAE;gBAChB,KAAK,CAAC,UAAU,MAAM,4DAA4D,CAAC,CAAC;gBACpF,uBAAuB,GAAG,MAAM,CAAC;aAClC;iBAAM;gBACL,sBAAsB;gBACtB,QAAQ,GAAG,MAAM,cAAc,CAAC,iBAAiB,CAAC,oBAAoB,EAAE,mCAAkB,CAAC,QAAQ,EAAE,EAAE,eAAe,EAAE,KAAK,EAAE,CAAC,CAAC;gBACjI,YAAY,GAAG,QAAQ,CAAC,WAAW,CAAC;aACrC;YACD,IAAI,CAAC,YAAY,EAAE;gBACjB,6GAA6G;gBAC7G,IAAI,MAAM,KAAK,oBAAoB,EAAE;oBACnC,MAAM,KAAK,CAAC,UAAU,MAAM,6CAA6C,oBAAoB,4CAA4C,CAAC,CAAC;iBAC5I;aACF;iBAAM;gBACL,IAAI,CAAC,uBAAuB,EAAE;oBAC5B,uBAAuB,GAAG,WAAW,CAAC;iBACvC;gBACD,KAAK,CAAC,UAAU,MAAM,QAAQ,uBAAuB,yCAAyC,CAAC,CAAC;gBAChG,IAAI,CAAC,YAAY,CAAC,sBAAsB,EAAE;oBACxC,MAAM,KAAK,CAAC,uBAAuB,oBAAoB,4CAA4C,CAAC,CAAC;iBACtG;qBAAM,IAAI,sBAAsB,IAAI,YAAY,CAAC,sBAAsB,KAAK,sBAAsB,EAAE;oBACnG,MAAM,KAAK,CACT,6DAA6D,sBAAsB,oCAAoC,YAAY,CAAC,sBAAsB,GAAG,CAC9J,CAAC;iBACH;gBACD,sBAAsB,GAAG,YAAY,CAAC,sBAAsB,CAAC;gBAC7D,IAAI,CAAC,YAAY,CAAC,cAAc,EAAE;oBAChC,MAAM,KAAK,CAAC,uBAAuB,oBAAoB,mCAAmC,CAAC,CAAC;iBAC7F;qBAAM,IAAI,cAAc,IAAI,YAAY,CAAC,cAAc,KAAK,cAAc,EAAE;oBAC3E,MAAM,KAAK,CACT,qDAAqD,cAAc,oCAAoC,YAAY,CAAC,cAAc,GAAG,CACtI,CAAC;iBACH;gBACD,cAAc,GAAG,YAAY,CAAC,cAAc,CAAC;gBAC7C,IAAI,YAAY,CAAC,mBAAmB,EAAE;oBACpC,IAAI,mBAAmB,IAAI,YAAY,CAAC,mBAAmB,KAAK,mBAAmB,EAAE;wBACnF,KAAK,CACH,0DAA0D,mBAAmB,oCAAoC,YAAY,CAAC,cAAc,8BAA8B,CAC3K,CAAC;qBACH;yBAAM;wBACL,mBAAmB,GAAG,YAAY,CAAC,mBAAmB,CAAC;qBACxD;iBACF;aACF;YAED,IAAI,CAAC,sBAAsB,EAAE;gBAC3B,KAAK,CAAC,UAAU,MAAM,6EAA6E,CAAC,CAAC;aACtG;YACD,IAAI,CAAC,cAAc,EAAE;gBACnB,KAAK,CAAC,UAAU,MAAM,iEAAiE,CAAC,CAAC;gBACzF,IAAI,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,eAAe,EAAE;oBACzB,MAAM,KAAK,CAAC,2CAA2C,MAAM,EAAE,CAAC,CAAC;iBAClE;qBAAM;oBACL,cAAc,GAAG,GAAG,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;iBAC1E;aACF;YACD,IAAI,CAAC,mBAAmB,EAAE;gBACxB,KAAK,CAAC,UAAU,MAAM,sEAAsE,CAAC,CAAC;gBAC9F,IAAI,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,eAAe,EAAE;oBACzB,MAAM,KAAK,CAAC,gDAAgD,MAAM,EAAE,CAAC,CAAC;iBACvE;qBAAM;oBACL,mBAAmB,GAAG,GAAG,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC;iBACzF;aACF;YAED,IAAI,CAAC,wBAAwB,IAAI,YAAY,EAAE;gBAC7C,+JAA+J;gBAC/J,wBAAwB,GAAG,YAAwC,CAAC;aACrE;YACD,KAAK,CAAC,UAAU,MAAM,mBAAmB,cAAc,yBAAyB,mBAAmB,EAAE,CAAC,CAAC;YACvG,OAAO;gBACL,MAAM;gBACN,cAAc;gBACd,mBAAmB;gBACnB,oBAAoB;gBACpB,sBAAsB;gBACtB,uBAAuB;gBACvB,wBAAwB,EAAE,wBAAwB;gBAClD,2BAA2B,EAAE,YAAY;aAC1C,CAAC;QACJ,CAAC;KAAA;IAED;;;;OAIG;IACI,MAAM,CAAO,gCAAgC,CAClD,UAAkB,EAClB,IAEC;;YAED,OAAO,cAAc,CAAC,iBAAiB,CAAC,UAAU,EAAE,mCAAkB,CAAC,iBAAiB,EAAE;gBACxF,eAAe,EAAE,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,eAAe,MAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe;aACnF,CAAC,CAAC;QACL,CAAC;KAAA;IAED;;;;;;OAMG;IACI,MAAM,CAAO,iBAAiB,CACnC,IAAY,EACZ,YAAgC,EAChC,IAAoC;;YAEpC,MAAM,MAAM,GAAsB,MAAM,IAAA,mBAAO,EAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,YAAY,EAAE,EAAE;gBACjH,0BAA0B,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,eAAe;aAClD,CAAC,CAAC;YACH,IAAI,MAAM,CAAC,YAAY,CAAC,MAAM,IAAI,GAAG,EAAE;gBACrC,oDAAoD;gBACpD,KAAK,CAAC,QAAQ,IAAI,uBAAuB,YAAY,YAAY,MAAM,CAAC,YAAY,CAAC,MAAM,KAAK,MAAM,CAAC,YAAY,CAAC,UAAU,EAAE,CAAC,CAAC;aACnI;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;CACF;AAhLD,wCAgLC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { AccessTokenResponse, Alg, AuthzFlowType, CodeChallengeMethod, CredentialOfferRequestWithBaseUrl, CredentialResponse, CredentialSupported, EndpointMetadata, OID4VCICredentialFormat, OpenId4VCIVersion, OpenIDResponse, ProofOfPossessionCallbacks, PushedAuthorizationResponse } from '@sphereon/oid4vci-common';
|
|
1
|
+
import { AccessTokenResponse, Alg, AuthzFlowType, CodeChallengeMethod, CredentialOfferRequestWithBaseUrl, CredentialResponse, CredentialSupported, EndpointMetadata, EndpointMetadataResult, OID4VCICredentialFormat, OpenId4VCIVersion, OpenIDResponse, ProofOfPossessionCallbacks, PushedAuthorizationResponse } from '@sphereon/oid4vci-common';
|
|
2
2
|
import { CredentialFormat } from '@sphereon/ssi-types';
|
|
3
3
|
interface AuthDetails {
|
|
4
4
|
type: 'openid_credential' | string;
|
|
@@ -59,7 +59,7 @@ export declare class OpenID4VCIClient {
|
|
|
59
59
|
issuerSupportedFlowTypes(): AuthzFlowType[];
|
|
60
60
|
get credentialOffer(): CredentialOfferRequestWithBaseUrl;
|
|
61
61
|
version(): OpenId4VCIVersion;
|
|
62
|
-
get endpointMetadata():
|
|
62
|
+
get endpointMetadata(): EndpointMetadataResult;
|
|
63
63
|
get kid(): string;
|
|
64
64
|
get alg(): string;
|
|
65
65
|
get clientId(): string | undefined;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"OpenID4VCIClient.d.ts","sourceRoot":"","sources":["../lib/OpenID4VCIClient.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,GAAG,EAEH,aAAa,EACb,mBAAmB,EAEnB,iCAAiC,EACjC,kBAAkB,EAClB,mBAAmB,EACnB,gBAAgB,EAChB,uBAAuB,EACvB,iBAAiB,EACjB,cAAc,EACd,0BAA0B,EAC1B,2BAA2B,EAE5B,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAYvD,UAAU,WAAW;IACnB,IAAI,EAAE,mBAAmB,GAAG,MAAM,CAAC;IACnC,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC9B,MAAM,EAAE,gBAAgB,GAAG,gBAAgB,EAAE,CAAC;IAE9C,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;CACtB;AAED,UAAU,eAAe;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,mBAAmB,CAAC;IACzC,oBAAoB,CAAC,EAAE,WAAW,GAAG,WAAW,EAAE,CAAC;IACnD,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAgB;IAC1C,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAoC;IACrE,OAAO,CAAC,SAAS,CAAC,CAAS;IAC3B,OAAO,CAAC,IAAI,CAAqB;IACjC,OAAO,CAAC,IAAI,CAA2B;IACvC,OAAO,CAAC,iBAAiB,
|
|
1
|
+
{"version":3,"file":"OpenID4VCIClient.d.ts","sourceRoot":"","sources":["../lib/OpenID4VCIClient.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,GAAG,EAEH,aAAa,EACb,mBAAmB,EAEnB,iCAAiC,EACjC,kBAAkB,EAClB,mBAAmB,EACnB,gBAAgB,EAChB,sBAAsB,EACtB,uBAAuB,EACvB,iBAAiB,EACjB,cAAc,EACd,0BAA0B,EAC1B,2BAA2B,EAE5B,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAYvD,UAAU,WAAW;IACnB,IAAI,EAAE,mBAAmB,GAAG,MAAM,CAAC;IACnC,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC9B,MAAM,EAAE,gBAAgB,GAAG,gBAAgB,EAAE,CAAC;IAE9C,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;CACtB;AAED,UAAU,eAAe;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,mBAAmB,CAAC;IACzC,oBAAoB,CAAC,EAAE,WAAW,GAAG,WAAW,EAAE,CAAC;IACnD,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAgB;IAC1C,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAoC;IACrE,OAAO,CAAC,SAAS,CAAC,CAAS;IAC3B,OAAO,CAAC,IAAI,CAAqB;IACjC,OAAO,CAAC,IAAI,CAA2B;IACvC,OAAO,CAAC,iBAAiB,CAAqC;IAC9D,OAAO,CAAC,oBAAoB,CAAkC;IAE9D,OAAO;WAiBa,OAAO,CAAC,EAC1B,GAAG,EACH,QAAQ,EACR,GAAG,EACH,GAAG,EACH,sBAAsB,EACtB,QAAQ,EACR,eAAe,GAChB,EAAE;QACD,GAAG,EAAE,MAAM,CAAC;QACZ,QAAQ,EAAE,aAAa,CAAC;QACxB,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,GAAG,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC;QACnB,sBAAsB,CAAC,EAAE,OAAO,CAAC;QACjC,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAShB,sBAAsB,IAAI,OAAO,CAAC,gBAAgB,CAAC;IAQzD,6BAA6B,CAAC,EACnC,QAAQ,EACR,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,WAAW,EACX,KAAK,GACN,EAAE,eAAe,GAAG,MAAM;IA0Cd,oCAAoC,CAAC,EAChD,QAAQ,EACR,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,WAAW,EACX,KAAK,GACN,EAAE,eAAe,GAAG,OAAO,CAAC,cAAc,CAAC,2BAA2B,CAAC,CAAC;IAsClE,0BAA0B,CAAC,oBAAoB,CAAC,EAAE,WAAW,GAAG,WAAW,EAAE,GAAG,WAAW,GAAG,WAAW,EAAE,GAAG,SAAS;IAW9H,OAAO,CAAC,eAAe;IAkBV,kBAAkB,CAAC,IAAI,CAAC,EAAE;QACrC,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAuCnB,kBAAkB,CAAC,EAC9B,eAAe,EACf,cAAc,EACd,MAAM,EACN,GAAG,EACH,GAAG,EACH,GAAG,GACJ,EAAE;QACD,eAAe,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;QACnC,cAAc,EAAE,0BAA0B,CAAC,GAAG,CAAC,CAAC;QAChD,MAAM,CAAC,EAAE,gBAAgB,GAAG,uBAAuB,CAAC;QACpD,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,GAAG,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC;QACnB,GAAG,CAAC,EAAE,MAAM,CAAC;KACd,GAAG,OAAO,CAAC,kBAAkB,CAAC;IA6E/B,uBAAuB,CAAC,yBAAyB,EAAE,OAAO,EAAE,aAAa,CAAC,EAAE,MAAM,GAAG,mBAAmB,EAAE;IA4D1G,qBAAqB,CAAC,IAAI,EAAE,MAAM,GAAG,mBAAmB,EAAE;IAK1D,kBAAkB,IAAI,MAAM,EAAE;IAW9B,IAAI,QAAQ,IAAI,aAAa,CAE5B;IAED,wBAAwB,IAAI,aAAa,EAAE;IAI3C,IAAI,eAAe,IAAI,iCAAiC,CAEvD;IAEM,OAAO,IAAI,iBAAiB;IAInC,IAAW,gBAAgB,IAAI,sBAAsB,CAIpD;IAED,IAAI,GAAG,IAAI,MAAM,CAMhB;IAED,IAAI,GAAG,IAAI,MAAM,CAMhB;IAED,IAAI,QAAQ,IAAI,MAAM,GAAG,SAAS,CAKjC;IAED,IAAI,mBAAmB,IAAI,mBAAmB,CAI7C;IAEM,SAAS,IAAI,MAAM;IAKnB,sBAAsB,IAAI,MAAM;IAOhC,qBAAqB,IAAI,MAAM;IAKtC,OAAO,CAAC,gBAAgB;IAMxB,OAAO,CAAC,oBAAoB;IAM5B,OAAO,CAAC,iBAAiB;CAK1B"}
|
package/dist/OpenID4VCIClient.js
CHANGED
|
@@ -59,9 +59,12 @@ class OpenID4VCIClient {
|
|
|
59
59
|
if (!scope && !authorizationDetails) {
|
|
60
60
|
throw Error('Please provide a scope or authorization_details');
|
|
61
61
|
}
|
|
62
|
-
// todo:
|
|
63
|
-
|
|
64
|
-
|
|
62
|
+
// todo: Probably can go with current logic in MetadataClient who will always set the authorization_endpoint when found
|
|
63
|
+
// handling this because of the support for v1_0-08
|
|
64
|
+
if (this._endpointMetadata &&
|
|
65
|
+
this._endpointMetadata.credentialIssuerMetadata &&
|
|
66
|
+
'authorization_endpoint' in this._endpointMetadata.credentialIssuerMetadata) {
|
|
67
|
+
this._endpointMetadata.authorization_endpoint = this._endpointMetadata.credentialIssuerMetadata.authorization_endpoint;
|
|
65
68
|
}
|
|
66
69
|
if (!((_a = this._endpointMetadata) === null || _a === void 0 ? void 0 : _a.authorization_endpoint)) {
|
|
67
70
|
throw Error('Server metadata does not contain authorization endpoint');
|
|
@@ -98,12 +101,12 @@ class OpenID4VCIClient {
|
|
|
98
101
|
// Note that the presence of pushed_authorization_request_endpoint is sufficient for a client to determine that it may use the PAR flow.
|
|
99
102
|
// What happens if it doesn't ???
|
|
100
103
|
// let parEndpoint: string
|
|
101
|
-
if (!((_a = this._endpointMetadata) === null || _a === void 0 ? void 0 : _a.
|
|
102
|
-
!('pushed_authorization_request_endpoint' in this._endpointMetadata.
|
|
103
|
-
typeof this._endpointMetadata.
|
|
104
|
+
if (!((_a = this._endpointMetadata) === null || _a === void 0 ? void 0 : _a.credentialIssuerMetadata) ||
|
|
105
|
+
!('pushed_authorization_request_endpoint' in this._endpointMetadata.credentialIssuerMetadata) ||
|
|
106
|
+
typeof this._endpointMetadata.credentialIssuerMetadata.pushed_authorization_request_endpoint !== 'string') {
|
|
104
107
|
throw Error('Server metadata does not contain pushed authorization request endpoint');
|
|
105
108
|
}
|
|
106
|
-
const parEndpoint = this._endpointMetadata.
|
|
109
|
+
const parEndpoint = this._endpointMetadata.credentialIssuerMetadata.pushed_authorization_request_endpoint;
|
|
107
110
|
// add 'openid' scope if not present
|
|
108
111
|
if (scope && !scope.includes('openid')) {
|
|
109
112
|
scope = `openid ${scope}`;
|
|
@@ -134,7 +137,8 @@ class OpenID4VCIClient {
|
|
|
134
137
|
}
|
|
135
138
|
handleLocations(authorizationDetails) {
|
|
136
139
|
var _a;
|
|
137
|
-
if (authorizationDetails &&
|
|
140
|
+
if (authorizationDetails &&
|
|
141
|
+
(((_a = this.endpointMetadata.credentialIssuerMetadata) === null || _a === void 0 ? void 0 : _a.authorization_server) || this.endpointMetadata.authorization_endpoint)) {
|
|
138
142
|
if (authorizationDetails.locations) {
|
|
139
143
|
if (Array.isArray(authorizationDetails.locations)) {
|
|
140
144
|
authorizationDetails.locations.push(this.endpointMetadata.issuer);
|
|
@@ -195,8 +199,8 @@ class OpenID4VCIClient {
|
|
|
195
199
|
metadata: this.endpointMetadata,
|
|
196
200
|
});
|
|
197
201
|
requestBuilder.withTokenFromResponse(this.accessTokenResponse);
|
|
198
|
-
if ((_a = this.endpointMetadata) === null || _a === void 0 ? void 0 : _a.
|
|
199
|
-
const metadata = this.endpointMetadata.
|
|
202
|
+
if ((_a = this.endpointMetadata) === null || _a === void 0 ? void 0 : _a.credentialIssuerMetadata) {
|
|
203
|
+
const metadata = this.endpointMetadata.credentialIssuerMetadata;
|
|
200
204
|
const types = Array.isArray(credentialTypes) ? credentialTypes : [credentialTypes];
|
|
201
205
|
if (metadata.credentials_supported && Array.isArray(metadata.credentials_supported)) {
|
|
202
206
|
for (const type of types) {
|
|
@@ -255,7 +259,7 @@ class OpenID4VCIClient {
|
|
|
255
259
|
}
|
|
256
260
|
getCredentialsSupported(restrictToInitiationTypes, supportedType) {
|
|
257
261
|
return (0, IssuerMetadataUtils_1.getSupportedCredentials)({
|
|
258
|
-
issuerMetadata: this.endpointMetadata.
|
|
262
|
+
issuerMetadata: this.endpointMetadata.credentialIssuerMetadata,
|
|
259
263
|
version: this.version(),
|
|
260
264
|
supportedType,
|
|
261
265
|
credentialTypes: restrictToInitiationTypes ? this.getCredentialTypes() : undefined,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"OpenID4VCIClient.js","sourceRoot":"","sources":["../lib/OpenID4VCIClient.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,6DAiBkC;AAClC,qGAAsG;AAGtG,kDAA0B;AAE1B,2DAAwD;AACxD,mEAAgE;AAChE,qFAAkF;AAClF,qDAAkD;AAClD,yEAAsE;AACtE,2CAAyD;AAEzD,MAAM,KAAK,GAAG,IAAA,eAAK,EAAC,kBAAkB,CAAC,CAAC;AAmBxC,MAAa,gBAAgB;IAS3B,YACE,eAAkD,EAClD,QAAuB,EACvB,GAAY,EACZ,GAAkB,EAClB,QAAiB;QAEjB,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;YACtD,MAAM,KAAK,CAAC,SAAS,QAAQ,+BAA+B,eAAe,CAAC,oBAAoB,EAAE,CAAC,CAAC;SACrG;QACD,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;QAC1B,IAAI,CAAC,gBAAgB,GAAG,eAAe,CAAC;QACxC,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;IAC5B,CAAC;IAEM,MAAM,CAAO,OAAO,CAAC,EAC1B,GAAG,EACH,QAAQ,EACR,GAAG,EACH,GAAG,EACH,sBAAsB,EACtB,QAAQ,EACR,eAAe,GAShB;;YACC,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC,MAAM,6CAAqB,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC;YAE1I,IAAI,sBAAsB,KAAK,SAAS,IAAI,sBAAsB,EAAE;gBAClE,MAAM,MAAM,CAAC,sBAAsB,EAAE,CAAC;aACvC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,sBAAsB;;YACjC,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE;gBAC3B,IAAI,CAAC,iBAAiB,GAAG,MAAM,+BAAc,CAAC,sCAAsC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;aAC5G;YACD,OAAO,IAAI,CAAC,gBAAgB,CAAC;QAC/B,CAAC;KAAA;IAEM,6BAA6B,CAAC,EACnC,QAAQ,EACR,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,WAAW,EACX,KAAK,GACW;;QAChB,gFAAgF;QAChF,iGAAiG;QACjG,IAAI,CAAC,KAAK,IAAI,CAAC,oBAAoB,EAAE;YACnC,MAAM,KAAK,CAAC,iDAAiD,CAAC,CAAC;SAChE;QACD,yDAAyD;QACzD,IAAI,IAAI,CAAC,iBAAiB,IAAI,IAAI,CAAC,iBAAiB,CAAC,cAAc,IAAI,wBAAwB,IAAI,IAAI,CAAC,iBAAiB,CAAC,cAAc,EAAE;YACxI,IAAI,CAAC,iBAAiB,CAAC,sBAAsB,GAAG,IAAI,CAAC,iBAAiB,CAAC,cAAc,CAAC,sBAAgC,CAAC;SACxH;QACD,IAAI,CAAC,CAAA,MAAA,IAAI,CAAC,iBAAiB,0CAAE,sBAAsB,CAAA,EAAE;YACnD,MAAM,KAAK,CAAC,yDAAyD,CAAC,CAAC;SACxE;QAED,oCAAoC;QACpC,IAAI,KAAK,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;YACtC,KAAK,GAAG,UAAU,KAAK,EAAE,CAAC;SAC3B;QAED,4BAA4B;QAC5B,MAAM,QAAQ,GAAG;YACf,aAAa,EAAE,6BAAY,CAAC,SAAS;YACrC,SAAS,EAAE,QAAQ;YACnB,qBAAqB,EAAE,mBAAmB;YAC1C,cAAc,EAAE,aAAa;YAC7B,qBAAqB,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,0BAA0B,CAAC,oBAAoB,CAAC,CAAC;YAC5F,YAAY,EAAE,WAAW;YACzB,KAAK,EAAE,KAAK;SACkB,CAAC;QAEjC,OAAO,IAAA,4BAAgB,EAAC,QAAQ,EAAE;YAChC,OAAO,EAAE,IAAI,CAAC,iBAAiB,CAAC,sBAAsB;YACtD,iBAAiB,EAAE,CAAC,cAAc,EAAE,OAAO,EAAE,uBAAuB,CAAC;YACrE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;SACxB,CAAC,CAAC;IACL,CAAC;IAEY,oCAAoC,CAAC,EAChD,QAAQ,EACR,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,WAAW,EACX,KAAK,GACW;;;YAChB,gFAAgF;YAChF,iGAAiG;YACjG,IAAI,CAAC,KAAK,IAAI,CAAC,oBAAoB,EAAE;gBACnC,MAAM,KAAK,CAAC,iDAAiD,CAAC,CAAC;aAChE;YAED,6JAA6J;YAC7J,wIAAwI;YACxI,iCAAiC;YACjC,0BAA0B;YAC1B,IACE,CAAC,CAAA,MAAA,IAAI,CAAC,iBAAiB,0CAAE,cAAc,CAAA;gBACvC,CAAC,CAAC,uCAAuC,IAAI,IAAI,CAAC,iBAAiB,CAAC,cAAc,CAAC;gBACnF,OAAO,IAAI,CAAC,iBAAiB,CAAC,cAAc,CAAC,qCAAqC,KAAK,QAAQ,EAC/F;gBACA,MAAM,KAAK,CAAC,wEAAwE,CAAC,CAAC;aACvF;YACD,MAAM,WAAW,GAAW,IAAI,CAAC,iBAAiB,CAAC,cAAc,CAAC,qCAAqC,CAAC;YAExG,oCAAoC;YACpC,IAAI,KAAK,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;gBACtC,KAAK,GAAG,UAAU,KAAK,EAAE,CAAC;aAC3B;YAED,4BAA4B;YAC5B,MAAM,QAAQ,GAAgC;gBAC5C,aAAa,EAAE,6BAAY,CAAC,SAAS;gBACrC,SAAS,EAAE,QAAQ;gBACnB,qBAAqB,EAAE,mBAAmB;gBAC1C,cAAc,EAAE,aAAa;gBAC7B,qBAAqB,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,0BAA0B,CAAC,oBAAoB,CAAC,CAAC;gBAC5F,YAAY,EAAE,WAAW;gBACzB,KAAK,EAAE,KAAK;aACb,CAAC;YACF,OAAO,MAAM,IAAA,oBAAQ,EAAC,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;;KAC9D;IAEM,0BAA0B,CAAC,oBAAkD;QAClF,IAAI,oBAAoB,EAAE;YACxB,IAAI,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAC,EAAE;gBACvC,OAAO,oBAAoB,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,mBAAM,KAAK,EAAG,CAAC,CAAC;aAChF;iBAAM;gBACL,OAAO,IAAI,CAAC,eAAe,mBAAM,oBAAoB,EAAG,CAAC;aAC1D;SACF;QACD,OAAO,oBAAoB,CAAC;IAC9B,CAAC;IAEO,eAAe,CAAC,oBAAiC;;QACvD,IAAI,oBAAoB,IAAI,CAAC,CAAA,MAAA,IAAI,CAAC,gBAAgB,CAAC,cAAc,0CAAE,oBAAoB,KAAI,IAAI,CAAC,gBAAgB,CAAC,sBAAsB,CAAC,EAAE;YACxI,IAAI,oBAAoB,CAAC,SAAS,EAAE;gBAClC,IAAI,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAC,SAAS,CAAC,EAAE;oBAChD,oBAAoB,CAAC,SAAsB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;iBACjF;qBAAM;oBACL,oBAAoB,CAAC,SAAS,GAAG,CAAC,oBAAoB,CAAC,SAAmB,EAAE,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;iBAC3G;aACF;iBAAM;gBACL,oBAAoB,CAAC,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC;aAC/D;SACF;QACD,OAAO,oBAAoB,CAAC;IAC9B,CAAC;IAEY,kBAAkB,CAAC,IAM/B;;;YACC,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAC;YACtE,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACxB,IAAI,QAAQ,EAAE;gBACZ,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;aAC3B;YACD,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE;gBAC9B,MAAM,iBAAiB,GAAG,IAAI,qCAAiB,EAAE,CAAC;gBAElD,MAAM,QAAQ,GAAG,MAAM,iBAAiB,CAAC,kBAAkB,CAAC;oBAC1D,eAAe,EAAE,IAAI,CAAC,eAAe;oBACrC,QAAQ,EAAE,IAAI,CAAC,gBAAgB;oBAC/B,GAAG;oBACH,YAAY;oBACZ,IAAI;oBACJ,WAAW;oBACX,MAAM,EAAE,EAAE,QAAQ,EAAE;iBACrB,CAAC,CAAC;gBAEH,IAAI,QAAQ,CAAC,SAAS,EAAE;oBACtB,KAAK,CAAC,0BAA0B,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC;oBACtD,MAAM,KAAK,CACT,mCAAmC,MAAA,IAAI,CAAC,iBAAiB,0CAAE,cAAc,eAAe,IAAI,CAAC,SAAS,EAAE,wBACtG,QAAQ,CAAC,YAAY,CAAC,MACxB,EAAE,CACH,CAAC;iBACH;qBAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE;oBAChC,KAAK,CAAC,qCAAqC,CAAC,CAAC;oBAC7C,MAAM,KAAK,CACT,mCAAmC,MAAA,IAAI,CAAC,iBAAiB,0CACrD,cAAc,eAAe,IAAI,CAAC,SAAS,EAAE,+CAA+C,CACjG,CAAC;iBACH;gBACD,IAAI,CAAC,oBAAoB,GAAG,QAAQ,CAAC,WAAW,CAAC;aAClD;YAED,OAAO,IAAI,CAAC,mBAAmB,CAAC;;KACjC;IAEY,kBAAkB,CAAC,EAC9B,eAAe,EACf,cAAc,EACd,MAAM,EACN,GAAG,EACH,GAAG,EACH,GAAG,GAQJ;;;YACC,IAAI,GAAG,EAAE;gBACP,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;aACjB;YACD,IAAI,GAAG,EAAE;gBACP,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;aACjB;YAED,MAAM,cAAc,GAAG,+DAA8B,CAAC,mBAAmB,CAAC;gBACxE,eAAe,EAAE,IAAI,CAAC,eAAe;gBACrC,QAAQ,EAAE,IAAI,CAAC,gBAAgB;aAChC,CAAC,CAAC;YACH,cAAc,CAAC,qBAAqB,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YAC/D,IAAI,MAAA,IAAI,CAAC,gBAAgB,0CAAE,cAAc,EAAE;gBACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,cAAc,CAAC;gBACtD,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;gBACnF,IAAI,QAAQ,CAAC,qBAAqB,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE;oBACnF,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;wBACxB,IAAI,aAAa,GAAG,KAAK,CAAC;wBAC1B,KAAK,MAAM,mBAAmB,IAAI,QAAQ,CAAC,qBAAqB,EAAE;4BAChE,IAAI,CAAC,mBAAmB,CAAC,KAAK,IAAI,mBAAmB,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;gCACxE,MAAM,KAAK,CAAC,gDAAgD,CAAC,CAAC;6BAC/D;4BACD,IAAI,mBAAmB,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE;gCACjD,aAAa,GAAG,IAAI,CAAC;6BACtB;yBACF;wBACD,IAAI,CAAC,aAAa,EAAE;4BAClB,MAAM,KAAK,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,4BAA4B,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;yBACxH;qBACF;iBACF;qBAAM,IAAI,QAAQ,CAAC,qBAAqB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE;oBAC3F,MAAM,oBAAoB,GAAG,QAAQ,CAAC,qBAAuD,CAAC;oBAC9F,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,qBAAqB,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,EAAE;wBACxF,MAAM,KAAK,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,4BAA4B,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;qBACxH;iBACF;gBACD,4GAA4G;aAC7G;YACD,MAAM,uBAAuB,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC;YACvD,MAAM,YAAY,GAAG,mDAAwB,CAAC,uBAAuB,CAAC;gBACpE,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;gBAC7C,SAAS,EAAE,cAAc;gBACzB,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;aACxB,CAAC;iBACC,UAAU,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;iBAC5B,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;iBACjB,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAErB,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,YAAY,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;aAC1C;YACD,IAAI,GAAG,EAAE;gBACP,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;aAC3B;YACD,MAAM,QAAQ,GAAG,MAAM,uBAAuB,CAAC,4BAA4B,CAAC;gBAC1E,UAAU,EAAE,YAAY;gBACxB,eAAe,EAAE,eAAe;gBAChC,MAAM;aACP,CAAC,CAAC;YACH,IAAI,QAAQ,CAAC,SAAS,EAAE;gBACtB,KAAK,CAAC,gCAAgC,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC;gBAC5D,MAAM,KAAK,CACT,gCAAgC,MAAA,IAAI,CAAC,iBAAiB,0CAAE,mBAAmB,eAAe,IAAI,CAAC,SAAS,EAAE,wBACxG,QAAQ,CAAC,YAAY,CAAC,MACxB,EAAE,CACH,CAAC;aACH;iBAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE;gBAChC,KAAK,CAAC,2CAA2C,CAAC,CAAC;gBACnD,MAAM,KAAK,CACT,gCAAgC,MAAA,IAAI,CAAC,iBAAiB,0CAClD,mBAAmB,eAAe,IAAI,CAAC,SAAS,EAAE,+CAA+C,CACtG,CAAC;aACH;YACD,OAAO,QAAQ,CAAC,WAAW,CAAC;;KAC7B;IAED,uBAAuB,CAAC,yBAAkC,EAAE,aAAsB;QAChF,OAAO,IAAA,6CAAuB,EAAC;YAC7B,cAAc,EAAE,IAAI,CAAC,gBAAgB,CAAC,cAAc;YACpD,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;YACvB,aAAa;YACb,eAAe,EAAE,yBAAyB,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC,CAAC,CAAC,SAAS;SACnF,CAAC,CAAC;QACH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;oEAkD4D;IAC9D,CAAC;IAED,qBAAqB,CAAC,IAAY;QAChC,OAAO,IAAI,CAAC,uBAAuB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IACnD,CAAC;IAED,qDAAqD;IACrD,kBAAkB;QAChB,IAAI,IAAI,CAAC,eAAe,CAAC,OAAO,GAAG,kCAAiB,CAAC,UAAU,EAAE;YAC/D,OAAO,OAAQ,IAAI,CAAC,eAAe,CAAC,yBAA2D,CAAC,eAAe,KAAK,QAAQ;gBAC1H,CAAC,CAAC,CAAE,IAAI,CAAC,eAAe,CAAC,yBAA2D,CAAC,eAAyB,CAAC;gBAC/G,CAAC,CAAG,IAAI,CAAC,eAAe,CAAC,yBAA2D,CAAC,eAA4B,CAAC;SACrH;aAAM;YACL,6JAA6J;YAC7J,OAAO,IAAI,CAAC,eAAe,CAAC,gBAAgB,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;SAChH;IACH,CAAC;IAED,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED,wBAAwB;QACtB,OAAO,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC;IAC7C,CAAC;IAED,IAAI,eAAe;QACjB,OAAO,IAAI,CAAC,gBAAgB,CAAC;IAC/B,CAAC;IAEM,OAAO;QACZ,OAAO,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC;IACtC,CAAC;IAED,IAAW,gBAAgB;QACzB,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC5B,oEAAoE;QACpE,OAAO,IAAI,CAAC,iBAAkB,CAAC;IACjC,CAAC;IAED,IAAI,GAAG;QACL,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;YACd,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;SACjD;QACD,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED,IAAI,GAAG;QACL,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;YACd,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;SACjD;QACD,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED,IAAI,QAAQ;QACV;;WAEG;QACH,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED,IAAI,mBAAmB;QACrB,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACzB,oEAAoE;QACpE,OAAO,IAAI,CAAC,oBAAqB,CAAC;IACpC,CAAC;IAEM,SAAS;QACd,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;IAClF,CAAC;IAEM,sBAAsB;QAC3B,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,gBAAgB;YAC1B,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,cAAc;YACtC,CAAC,CAAC,qCAAiB,CAAC,iBAAiB,CAAC,EAAE,UAAU,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,SAAS,EAAE,EAAE,EAAE,CAAC,CAAC;IACxF,CAAC;IAEM,qBAAqB;QAC1B,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,mBAAmB,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC;IAC9G,CAAC;IAEO,gBAAgB;QACtB,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE;YAC1B,MAAM,KAAK,CAAC,oDAAoD,CAAC,CAAC;SACnE;IACH,CAAC;IAEO,oBAAoB;QAC1B,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE;YAC3B,MAAM,KAAK,CAAC,oBAAoB,CAAC,CAAC;SACnC;IACH,CAAC;IAEO,iBAAiB;QACvB,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE;YAC9B,MAAM,KAAK,CAAC,yBAAyB,CAAC,CAAC;SACxC;IACH,CAAC;CACF;AAvdD,4CAudC"}
|
|
1
|
+
{"version":3,"file":"OpenID4VCIClient.js","sourceRoot":"","sources":["../lib/OpenID4VCIClient.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,6DAkBkC;AAClC,qGAAsG;AAGtG,kDAA0B;AAE1B,2DAAwD;AACxD,mEAAgE;AAChE,qFAAkF;AAClF,qDAAkD;AAClD,yEAAsE;AACtE,2CAAyD;AAEzD,MAAM,KAAK,GAAG,IAAA,eAAK,EAAC,kBAAkB,CAAC,CAAC;AAmBxC,MAAa,gBAAgB;IAS3B,YACE,eAAkD,EAClD,QAAuB,EACvB,GAAY,EACZ,GAAkB,EAClB,QAAiB;QAEjB,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;YACtD,MAAM,KAAK,CAAC,SAAS,QAAQ,+BAA+B,eAAe,CAAC,oBAAoB,EAAE,CAAC,CAAC;SACrG;QACD,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;QAC1B,IAAI,CAAC,gBAAgB,GAAG,eAAe,CAAC;QACxC,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;IAC5B,CAAC;IAEM,MAAM,CAAO,OAAO,CAAC,EAC1B,GAAG,EACH,QAAQ,EACR,GAAG,EACH,GAAG,EACH,sBAAsB,EACtB,QAAQ,EACR,eAAe,GAShB;;YACC,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC,MAAM,6CAAqB,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC;YAE1I,IAAI,sBAAsB,KAAK,SAAS,IAAI,sBAAsB,EAAE;gBAClE,MAAM,MAAM,CAAC,sBAAsB,EAAE,CAAC;aACvC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,sBAAsB;;YACjC,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE;gBAC3B,IAAI,CAAC,iBAAiB,GAAG,MAAM,+BAAc,CAAC,sCAAsC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;aAC5G;YACD,OAAO,IAAI,CAAC,gBAAgB,CAAC;QAC/B,CAAC;KAAA;IAEM,6BAA6B,CAAC,EACnC,QAAQ,EACR,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,WAAW,EACX,KAAK,GACW;;QAChB,gFAAgF;QAChF,iGAAiG;QACjG,IAAI,CAAC,KAAK,IAAI,CAAC,oBAAoB,EAAE;YACnC,MAAM,KAAK,CAAC,iDAAiD,CAAC,CAAC;SAChE;QACD,uHAAuH;QACvH,oDAAoD;QACpD,IACE,IAAI,CAAC,iBAAiB;YACtB,IAAI,CAAC,iBAAiB,CAAC,wBAAwB;YAC/C,wBAAwB,IAAI,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,EAC3E;YACA,IAAI,CAAC,iBAAiB,CAAC,sBAAsB,GAAG,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,CAAC,sBAAgC,CAAC;SAClI;QACD,IAAI,CAAC,CAAA,MAAA,IAAI,CAAC,iBAAiB,0CAAE,sBAAsB,CAAA,EAAE;YACnD,MAAM,KAAK,CAAC,yDAAyD,CAAC,CAAC;SACxE;QAED,oCAAoC;QACpC,IAAI,KAAK,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;YACtC,KAAK,GAAG,UAAU,KAAK,EAAE,CAAC;SAC3B;QAED,4BAA4B;QAC5B,MAAM,QAAQ,GAAG;YACf,aAAa,EAAE,6BAAY,CAAC,SAAS;YACrC,SAAS,EAAE,QAAQ;YACnB,qBAAqB,EAAE,mBAAmB;YAC1C,cAAc,EAAE,aAAa;YAC7B,qBAAqB,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,0BAA0B,CAAC,oBAAoB,CAAC,CAAC;YAC5F,YAAY,EAAE,WAAW;YACzB,KAAK,EAAE,KAAK;SACkB,CAAC;QAEjC,OAAO,IAAA,4BAAgB,EAAC,QAAQ,EAAE;YAChC,OAAO,EAAE,IAAI,CAAC,iBAAiB,CAAC,sBAAsB;YACtD,iBAAiB,EAAE,CAAC,cAAc,EAAE,OAAO,EAAE,uBAAuB,CAAC;YACrE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;SACxB,CAAC,CAAC;IACL,CAAC;IAEY,oCAAoC,CAAC,EAChD,QAAQ,EACR,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,WAAW,EACX,KAAK,GACW;;;YAChB,gFAAgF;YAChF,iGAAiG;YACjG,IAAI,CAAC,KAAK,IAAI,CAAC,oBAAoB,EAAE;gBACnC,MAAM,KAAK,CAAC,iDAAiD,CAAC,CAAC;aAChE;YAED,6JAA6J;YAC7J,wIAAwI;YACxI,iCAAiC;YACjC,0BAA0B;YAC1B,IACE,CAAC,CAAA,MAAA,IAAI,CAAC,iBAAiB,0CAAE,wBAAwB,CAAA;gBACjD,CAAC,CAAC,uCAAuC,IAAI,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,CAAC;gBAC7F,OAAO,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,CAAC,qCAAqC,KAAK,QAAQ,EACzG;gBACA,MAAM,KAAK,CAAC,wEAAwE,CAAC,CAAC;aACvF;YACD,MAAM,WAAW,GAAW,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,CAAC,qCAAqC,CAAC;YAElH,oCAAoC;YACpC,IAAI,KAAK,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;gBACtC,KAAK,GAAG,UAAU,KAAK,EAAE,CAAC;aAC3B;YAED,4BAA4B;YAC5B,MAAM,QAAQ,GAAgC;gBAC5C,aAAa,EAAE,6BAAY,CAAC,SAAS;gBACrC,SAAS,EAAE,QAAQ;gBACnB,qBAAqB,EAAE,mBAAmB;gBAC1C,cAAc,EAAE,aAAa;gBAC7B,qBAAqB,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,0BAA0B,CAAC,oBAAoB,CAAC,CAAC;gBAC5F,YAAY,EAAE,WAAW;gBACzB,KAAK,EAAE,KAAK;aACb,CAAC;YACF,OAAO,MAAM,IAAA,oBAAQ,EAAC,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;;KAC9D;IAEM,0BAA0B,CAAC,oBAAkD;QAClF,IAAI,oBAAoB,EAAE;YACxB,IAAI,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAC,EAAE;gBACvC,OAAO,oBAAoB,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,mBAAM,KAAK,EAAG,CAAC,CAAC;aAChF;iBAAM;gBACL,OAAO,IAAI,CAAC,eAAe,mBAAM,oBAAoB,EAAG,CAAC;aAC1D;SACF;QACD,OAAO,oBAAoB,CAAC;IAC9B,CAAC;IAEO,eAAe,CAAC,oBAAiC;;QACvD,IACE,oBAAoB;YACpB,CAAC,CAAA,MAAA,IAAI,CAAC,gBAAgB,CAAC,wBAAwB,0CAAE,oBAAoB,KAAI,IAAI,CAAC,gBAAgB,CAAC,sBAAsB,CAAC,EACtH;YACA,IAAI,oBAAoB,CAAC,SAAS,EAAE;gBAClC,IAAI,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAC,SAAS,CAAC,EAAE;oBAChD,oBAAoB,CAAC,SAAsB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;iBACjF;qBAAM;oBACL,oBAAoB,CAAC,SAAS,GAAG,CAAC,oBAAoB,CAAC,SAAmB,EAAE,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;iBAC3G;aACF;iBAAM;gBACL,oBAAoB,CAAC,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC;aAC/D;SACF;QACD,OAAO,oBAAoB,CAAC;IAC9B,CAAC;IAEY,kBAAkB,CAAC,IAM/B;;;YACC,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAC;YACtE,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACxB,IAAI,QAAQ,EAAE;gBACZ,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;aAC3B;YACD,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE;gBAC9B,MAAM,iBAAiB,GAAG,IAAI,qCAAiB,EAAE,CAAC;gBAElD,MAAM,QAAQ,GAAG,MAAM,iBAAiB,CAAC,kBAAkB,CAAC;oBAC1D,eAAe,EAAE,IAAI,CAAC,eAAe;oBACrC,QAAQ,EAAE,IAAI,CAAC,gBAAgB;oBAC/B,GAAG;oBACH,YAAY;oBACZ,IAAI;oBACJ,WAAW;oBACX,MAAM,EAAE,EAAE,QAAQ,EAAE;iBACrB,CAAC,CAAC;gBAEH,IAAI,QAAQ,CAAC,SAAS,EAAE;oBACtB,KAAK,CAAC,0BAA0B,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC;oBACtD,MAAM,KAAK,CACT,mCAAmC,MAAA,IAAI,CAAC,iBAAiB,0CAAE,cAAc,eAAe,IAAI,CAAC,SAAS,EAAE,wBACtG,QAAQ,CAAC,YAAY,CAAC,MACxB,EAAE,CACH,CAAC;iBACH;qBAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE;oBAChC,KAAK,CAAC,qCAAqC,CAAC,CAAC;oBAC7C,MAAM,KAAK,CACT,mCAAmC,MAAA,IAAI,CAAC,iBAAiB,0CACrD,cAAc,eAAe,IAAI,CAAC,SAAS,EAAE,+CAA+C,CACjG,CAAC;iBACH;gBACD,IAAI,CAAC,oBAAoB,GAAG,QAAQ,CAAC,WAAW,CAAC;aAClD;YAED,OAAO,IAAI,CAAC,mBAAmB,CAAC;;KACjC;IAEY,kBAAkB,CAAC,EAC9B,eAAe,EACf,cAAc,EACd,MAAM,EACN,GAAG,EACH,GAAG,EACH,GAAG,GAQJ;;;YACC,IAAI,GAAG,EAAE;gBACP,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;aACjB;YACD,IAAI,GAAG,EAAE;gBACP,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;aACjB;YAED,MAAM,cAAc,GAAG,+DAA8B,CAAC,mBAAmB,CAAC;gBACxE,eAAe,EAAE,IAAI,CAAC,eAAe;gBACrC,QAAQ,EAAE,IAAI,CAAC,gBAAgB;aAChC,CAAC,CAAC;YACH,cAAc,CAAC,qBAAqB,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YAC/D,IAAI,MAAA,IAAI,CAAC,gBAAgB,0CAAE,wBAAwB,EAAE;gBACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,wBAAwB,CAAC;gBAChE,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;gBACnF,IAAI,QAAQ,CAAC,qBAAqB,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE;oBACnF,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;wBACxB,IAAI,aAAa,GAAG,KAAK,CAAC;wBAC1B,KAAK,MAAM,mBAAmB,IAAI,QAAQ,CAAC,qBAAqB,EAAE;4BAChE,IAAI,CAAC,mBAAmB,CAAC,KAAK,IAAI,mBAAmB,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;gCACxE,MAAM,KAAK,CAAC,gDAAgD,CAAC,CAAC;6BAC/D;4BACD,IAAI,mBAAmB,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE;gCACjD,aAAa,GAAG,IAAI,CAAC;6BACtB;yBACF;wBACD,IAAI,CAAC,aAAa,EAAE;4BAClB,MAAM,KAAK,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,4BAA4B,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;yBACxH;qBACF;iBACF;qBAAM,IAAI,QAAQ,CAAC,qBAAqB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE;oBAC3F,MAAM,oBAAoB,GAAG,QAAQ,CAAC,qBAAuD,CAAC;oBAC9F,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,qBAAqB,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,EAAE;wBACxF,MAAM,KAAK,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,4BAA4B,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;qBACxH;iBACF;gBACD,4GAA4G;aAC7G;YACD,MAAM,uBAAuB,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC;YACvD,MAAM,YAAY,GAAG,mDAAwB,CAAC,uBAAuB,CAAC;gBACpE,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;gBAC7C,SAAS,EAAE,cAAc;gBACzB,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;aACxB,CAAC;iBACC,UAAU,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;iBAC5B,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;iBACjB,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAErB,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,YAAY,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;aAC1C;YACD,IAAI,GAAG,EAAE;gBACP,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;aAC3B;YACD,MAAM,QAAQ,GAAG,MAAM,uBAAuB,CAAC,4BAA4B,CAAC;gBAC1E,UAAU,EAAE,YAAY;gBACxB,eAAe,EAAE,eAAe;gBAChC,MAAM;aACP,CAAC,CAAC;YACH,IAAI,QAAQ,CAAC,SAAS,EAAE;gBACtB,KAAK,CAAC,gCAAgC,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC;gBAC5D,MAAM,KAAK,CACT,gCAAgC,MAAA,IAAI,CAAC,iBAAiB,0CAAE,mBAAmB,eAAe,IAAI,CAAC,SAAS,EAAE,wBACxG,QAAQ,CAAC,YAAY,CAAC,MACxB,EAAE,CACH,CAAC;aACH;iBAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE;gBAChC,KAAK,CAAC,2CAA2C,CAAC,CAAC;gBACnD,MAAM,KAAK,CACT,gCAAgC,MAAA,IAAI,CAAC,iBAAiB,0CAClD,mBAAmB,eAAe,IAAI,CAAC,SAAS,EAAE,+CAA+C,CACtG,CAAC;aACH;YACD,OAAO,QAAQ,CAAC,WAAW,CAAC;;KAC7B;IAED,uBAAuB,CAAC,yBAAkC,EAAE,aAAsB;QAChF,OAAO,IAAA,6CAAuB,EAAC;YAC7B,cAAc,EAAE,IAAI,CAAC,gBAAgB,CAAC,wBAAwB;YAC9D,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;YACvB,aAAa;YACb,eAAe,EAAE,yBAAyB,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC,CAAC,CAAC,SAAS;SACnF,CAAC,CAAC;QACH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;oEAkD4D;IAC9D,CAAC;IAED,qBAAqB,CAAC,IAAY;QAChC,OAAO,IAAI,CAAC,uBAAuB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IACnD,CAAC;IAED,qDAAqD;IACrD,kBAAkB;QAChB,IAAI,IAAI,CAAC,eAAe,CAAC,OAAO,GAAG,kCAAiB,CAAC,UAAU,EAAE;YAC/D,OAAO,OAAQ,IAAI,CAAC,eAAe,CAAC,yBAA2D,CAAC,eAAe,KAAK,QAAQ;gBAC1H,CAAC,CAAC,CAAE,IAAI,CAAC,eAAe,CAAC,yBAA2D,CAAC,eAAyB,CAAC;gBAC/G,CAAC,CAAG,IAAI,CAAC,eAAe,CAAC,yBAA2D,CAAC,eAA4B,CAAC;SACrH;aAAM;YACL,6JAA6J;YAC7J,OAAO,IAAI,CAAC,eAAe,CAAC,gBAAgB,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;SAChH;IACH,CAAC;IAED,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED,wBAAwB;QACtB,OAAO,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC;IAC7C,CAAC;IAED,IAAI,eAAe;QACjB,OAAO,IAAI,CAAC,gBAAgB,CAAC;IAC/B,CAAC;IAEM,OAAO;QACZ,OAAO,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC;IACtC,CAAC;IAED,IAAW,gBAAgB;QACzB,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC5B,oEAAoE;QACpE,OAAO,IAAI,CAAC,iBAAkB,CAAC;IACjC,CAAC;IAED,IAAI,GAAG;QACL,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;YACd,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;SACjD;QACD,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED,IAAI,GAAG;QACL,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;YACd,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;SACjD;QACD,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED,IAAI,QAAQ;QACV;;WAEG;QACH,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED,IAAI,mBAAmB;QACrB,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACzB,oEAAoE;QACpE,OAAO,IAAI,CAAC,oBAAqB,CAAC;IACpC,CAAC;IAEM,SAAS;QACd,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;IAClF,CAAC;IAEM,sBAAsB;QAC3B,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,gBAAgB;YAC1B,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,cAAc;YACtC,CAAC,CAAC,qCAAiB,CAAC,iBAAiB,CAAC,EAAE,UAAU,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,SAAS,EAAE,EAAE,EAAE,CAAC,CAAC;IACxF,CAAC;IAEM,qBAAqB;QAC1B,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,mBAAmB,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC;IAC9G,CAAC;IAEO,gBAAgB;QACtB,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE;YAC1B,MAAM,KAAK,CAAC,oDAAoD,CAAC,CAAC;SACnE;IACH,CAAC;IAEO,oBAAoB;QAC1B,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE;YAC3B,MAAM,KAAK,CAAC,oBAAoB,CAAC,CAAC;SACnC;IACH,CAAC;IAEO,iBAAiB;QACvB,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE;YAC9B,MAAM,KAAK,CAAC,yBAAyB,CAAC,CAAC;SACxC;IACH,CAAC;CACF;AA/dD,4CA+dC"}
|
package/lib/MetadataClient.ts
CHANGED
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
import {
|
|
2
|
+
AuthorizationServerMetadata,
|
|
3
|
+
AuthorizationServerType,
|
|
2
4
|
CredentialIssuerMetadata,
|
|
3
5
|
CredentialOfferPayload,
|
|
4
6
|
CredentialOfferRequestWithBaseUrl,
|
|
5
|
-
|
|
7
|
+
EndpointMetadataResult,
|
|
6
8
|
getIssuerFromCredentialOfferPayload,
|
|
7
|
-
OAuth2ASMetadata,
|
|
8
|
-
Oauth2ASWithOID4VCIMetadata,
|
|
9
9
|
OpenIDResponse,
|
|
10
10
|
WellKnownEndpoints,
|
|
11
11
|
} from '@sphereon/oid4vci-common';
|
|
@@ -21,7 +21,7 @@ export class MetadataClient {
|
|
|
21
21
|
*
|
|
22
22
|
* @param credentialOffer
|
|
23
23
|
*/
|
|
24
|
-
public static async retrieveAllMetadataFromCredentialOffer(credentialOffer: CredentialOfferRequestWithBaseUrl): Promise<
|
|
24
|
+
public static async retrieveAllMetadataFromCredentialOffer(credentialOffer: CredentialOfferRequestWithBaseUrl): Promise<EndpointMetadataResult> {
|
|
25
25
|
return MetadataClient.retrieveAllMetadataFromCredentialOfferRequest(credentialOffer.credential_offer);
|
|
26
26
|
}
|
|
27
27
|
|
|
@@ -29,9 +29,10 @@ export class MetadataClient {
|
|
|
29
29
|
* Retrieve the metada using the initiation request obtained from a previous step
|
|
30
30
|
* @param request
|
|
31
31
|
*/
|
|
32
|
-
public static async retrieveAllMetadataFromCredentialOfferRequest(request: CredentialOfferPayload): Promise<
|
|
33
|
-
|
|
34
|
-
|
|
32
|
+
public static async retrieveAllMetadataFromCredentialOfferRequest(request: CredentialOfferPayload): Promise<EndpointMetadataResult> {
|
|
33
|
+
const issuer = getIssuerFromCredentialOfferPayload(request);
|
|
34
|
+
if (issuer) {
|
|
35
|
+
return MetadataClient.retrieveAllMetadata(issuer);
|
|
35
36
|
}
|
|
36
37
|
throw new Error("can't retrieve metadata from CredentialOfferRequest. No issuer field is present");
|
|
37
38
|
}
|
|
@@ -41,75 +42,115 @@ export class MetadataClient {
|
|
|
41
42
|
* @param issuer The issuer URL
|
|
42
43
|
* @param opts
|
|
43
44
|
*/
|
|
44
|
-
public static async retrieveAllMetadata(issuer: string, opts?: { errorOnNotFound: boolean }): Promise<
|
|
45
|
-
let token_endpoint;
|
|
46
|
-
let credential_endpoint;
|
|
47
|
-
|
|
48
|
-
let
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
WellKnownEndpoints.OAUTH_AS,
|
|
61
|
-
{
|
|
62
|
-
errorOnNotFound: true,
|
|
63
|
-
},
|
|
64
|
-
);
|
|
65
|
-
token_endpoint = response.successBody?.token_endpoint;
|
|
45
|
+
public static async retrieveAllMetadata(issuer: string, opts?: { errorOnNotFound: boolean }): Promise<EndpointMetadataResult> {
|
|
46
|
+
let token_endpoint: string | undefined;
|
|
47
|
+
let credential_endpoint: string | undefined;
|
|
48
|
+
let authorization_endpoint: string | undefined;
|
|
49
|
+
let authorizationServerType: AuthorizationServerType = 'OID4VCI';
|
|
50
|
+
let authorization_server: string = issuer;
|
|
51
|
+
const oid4vciResponse = await MetadataClient.retrieveOpenID4VCIServerMetadata(issuer, { errorOnNotFound: false }); // We will handle errors later, given we will also try other metadata locations
|
|
52
|
+
let credentialIssuerMetadata = oid4vciResponse?.successBody;
|
|
53
|
+
if (credentialIssuerMetadata) {
|
|
54
|
+
debug(`Issuer ${issuer} OID4VCI well-known server metadata\r\n${JSON.stringify(credentialIssuerMetadata)}`);
|
|
55
|
+
credential_endpoint = credentialIssuerMetadata.credential_endpoint;
|
|
56
|
+
if (credentialIssuerMetadata.token_endpoint) {
|
|
57
|
+
token_endpoint = credentialIssuerMetadata.token_endpoint;
|
|
58
|
+
}
|
|
59
|
+
if (credentialIssuerMetadata.authorization_server) {
|
|
60
|
+
authorization_server = credentialIssuerMetadata.authorization_server;
|
|
66
61
|
}
|
|
62
|
+
if (credentialIssuerMetadata.authorization_endpoint) {
|
|
63
|
+
authorization_endpoint = credentialIssuerMetadata.authorization_endpoint;
|
|
64
|
+
}
|
|
65
|
+
}
|
|
66
|
+
// No specific OID4VCI endpoint. Either can be an OAuth2 AS or an OIDC IDP. Let's start with OIDC first
|
|
67
|
+
let response: OpenIDResponse<AuthorizationServerMetadata> = await MetadataClient.retrieveWellknown(
|
|
68
|
+
authorization_server,
|
|
69
|
+
WellKnownEndpoints.OPENID_CONFIGURATION,
|
|
70
|
+
{
|
|
71
|
+
errorOnNotFound: false,
|
|
72
|
+
},
|
|
73
|
+
);
|
|
74
|
+
let authMetadata = response.successBody;
|
|
75
|
+
if (authMetadata) {
|
|
76
|
+
debug(`Issuer ${issuer} has OpenID Connect Server metadata in well-known location`);
|
|
77
|
+
authorizationServerType = 'OIDC';
|
|
67
78
|
} else {
|
|
68
|
-
//
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
// Now oAuth2
|
|
81
|
-
response = await MetadataClient.retrieveWellknown(issuer, WellKnownEndpoints.OAUTH_AS, { errorOnNotFound: false });
|
|
82
|
-
asConfig = response.successBody;
|
|
79
|
+
// Now let's do OAuth2
|
|
80
|
+
response = await MetadataClient.retrieveWellknown(authorization_server, WellKnownEndpoints.OAUTH_AS, { errorOnNotFound: false });
|
|
81
|
+
authMetadata = response.successBody;
|
|
82
|
+
}
|
|
83
|
+
if (!authMetadata) {
|
|
84
|
+
// We will always throw an error, no matter whether the user provided the option not to, because this is bad.
|
|
85
|
+
if (issuer !== authorization_server) {
|
|
86
|
+
throw Error(`Issuer ${issuer} provided a separate authorization server ${authorization_server}, but that server did not provide metadata`);
|
|
87
|
+
}
|
|
88
|
+
} else {
|
|
89
|
+
if (!authorizationServerType) {
|
|
90
|
+
authorizationServerType = 'OAuth 2.0';
|
|
83
91
|
}
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
92
|
+
debug(`Issuer ${issuer} has ${authorizationServerType} Server metadata in well-known location`);
|
|
93
|
+
if (!authMetadata.authorization_endpoint) {
|
|
94
|
+
throw Error(`Authorization Sever ${authorization_server} did not provide an authorization_endpoint`);
|
|
95
|
+
} else if (authorization_endpoint && authMetadata.authorization_endpoint !== authorization_endpoint) {
|
|
96
|
+
throw Error(
|
|
97
|
+
`Credential issuer has a different authorization_endpoint (${authorization_endpoint}) from the Authorization Server (${authMetadata.authorization_endpoint})`,
|
|
98
|
+
);
|
|
99
|
+
}
|
|
100
|
+
authorization_endpoint = authMetadata.authorization_endpoint;
|
|
101
|
+
if (!authMetadata.token_endpoint) {
|
|
102
|
+
throw Error(`Authorization Sever ${authorization_server} did not provide a token_endpoint`);
|
|
103
|
+
} else if (token_endpoint && authMetadata.token_endpoint !== token_endpoint) {
|
|
104
|
+
throw Error(
|
|
105
|
+
`Credential issuer has a different token_endpoint (${token_endpoint}) from the Authorization Server (${authMetadata.token_endpoint})`,
|
|
106
|
+
);
|
|
107
|
+
}
|
|
108
|
+
token_endpoint = authMetadata.token_endpoint;
|
|
109
|
+
if (authMetadata.credential_endpoint) {
|
|
110
|
+
if (credential_endpoint && authMetadata.credential_endpoint !== credential_endpoint) {
|
|
111
|
+
debug(
|
|
112
|
+
`Credential issuer has a different credential_endpoint (${credential_endpoint}) from the Authorization Server (${authMetadata.token_endpoint}). Will use the issuer value`,
|
|
113
|
+
);
|
|
114
|
+
} else {
|
|
115
|
+
credential_endpoint = authMetadata.credential_endpoint;
|
|
116
|
+
}
|
|
89
117
|
}
|
|
90
118
|
}
|
|
119
|
+
|
|
120
|
+
if (!authorization_endpoint) {
|
|
121
|
+
debug(`Issuer ${issuer} does not expose authorization_endpoint, so only pre-auth will be supported`);
|
|
122
|
+
}
|
|
91
123
|
if (!token_endpoint) {
|
|
92
124
|
debug(`Issuer ${issuer} does not have a token_endpoint listed in well-known locations!`);
|
|
93
125
|
if (opts?.errorOnNotFound) {
|
|
94
|
-
throw
|
|
126
|
+
throw Error(`Could not deduce the token_endpoint for ${issuer}`);
|
|
95
127
|
} else {
|
|
96
|
-
token_endpoint = `${issuer}${issuer.endsWith('/') ? '' : '/'}
|
|
128
|
+
token_endpoint = `${issuer}${issuer.endsWith('/') ? 'token' : '/token'}`;
|
|
97
129
|
}
|
|
98
130
|
}
|
|
99
131
|
if (!credential_endpoint) {
|
|
100
132
|
debug(`Issuer ${issuer} does not have a credential_endpoint listed in well-known locations!`);
|
|
101
133
|
if (opts?.errorOnNotFound) {
|
|
102
|
-
throw
|
|
134
|
+
throw Error(`Could not deduce the credential endpoint for ${issuer}`);
|
|
103
135
|
} else {
|
|
104
|
-
credential_endpoint = `${issuer}${issuer.endsWith('/') ? '' : '/'}
|
|
136
|
+
credential_endpoint = `${issuer}${issuer.endsWith('/') ? 'credential' : '/credential'}`;
|
|
105
137
|
}
|
|
106
138
|
}
|
|
139
|
+
|
|
140
|
+
if (!credentialIssuerMetadata && authMetadata) {
|
|
141
|
+
// Apparently everything worked out and the issuer is exposing everything in oAuth2/OIDC well-knowns. Spec is vague about this situation, but we can support it
|
|
142
|
+
credentialIssuerMetadata = authMetadata as CredentialIssuerMetadata;
|
|
143
|
+
}
|
|
107
144
|
debug(`Issuer ${issuer} token endpoint ${token_endpoint}, credential endpoint ${credential_endpoint}`);
|
|
108
145
|
return {
|
|
109
146
|
issuer,
|
|
110
147
|
token_endpoint,
|
|
111
148
|
credential_endpoint,
|
|
112
|
-
|
|
149
|
+
authorization_server,
|
|
150
|
+
authorization_endpoint,
|
|
151
|
+
authorizationServerType,
|
|
152
|
+
credentialIssuerMetadata: credentialIssuerMetadata,
|
|
153
|
+
authorizationServerMetadata: authMetadata,
|
|
113
154
|
};
|
|
114
155
|
}
|
|
115
156
|
|
|
@@ -118,9 +159,15 @@ export class MetadataClient {
|
|
|
118
159
|
*
|
|
119
160
|
* @param issuerHost The issuer hostname
|
|
120
161
|
*/
|
|
121
|
-
public static async retrieveOpenID4VCIServerMetadata(
|
|
122
|
-
|
|
123
|
-
|
|
162
|
+
public static async retrieveOpenID4VCIServerMetadata(
|
|
163
|
+
issuerHost: string,
|
|
164
|
+
opts?: {
|
|
165
|
+
errorOnNotFound?: boolean;
|
|
166
|
+
},
|
|
167
|
+
): Promise<OpenIDResponse<CredentialIssuerMetadata> | undefined> {
|
|
168
|
+
return MetadataClient.retrieveWellknown(issuerHost, WellKnownEndpoints.OPENID4VCI_ISSUER, {
|
|
169
|
+
errorOnNotFound: opts?.errorOnNotFound === undefined ? true : opts.errorOnNotFound,
|
|
170
|
+
});
|
|
124
171
|
}
|
|
125
172
|
|
|
126
173
|
/**
|
|
@@ -138,9 +185,9 @@ export class MetadataClient {
|
|
|
138
185
|
const result: OpenIDResponse<T> = await getJson(`${host.endsWith('/') ? host.slice(0, -1) : host}${endpointType}`, {
|
|
139
186
|
exceptionOnHttpErrorStatus: opts?.errorOnNotFound,
|
|
140
187
|
});
|
|
141
|
-
if (result.origResponse.status
|
|
188
|
+
if (result.origResponse.status >= 400) {
|
|
142
189
|
// We only get here when error on not found is false
|
|
143
|
-
debug(`host ${host} with endpoint type ${endpointType}
|
|
190
|
+
debug(`host ${host} with endpoint type ${endpointType} status: ${result.origResponse.status}, ${result.origResponse.statusText}`);
|
|
144
191
|
}
|
|
145
192
|
return result;
|
|
146
193
|
}
|
package/lib/OpenID4VCIClient.ts
CHANGED
|
@@ -9,6 +9,7 @@ import {
|
|
|
9
9
|
CredentialResponse,
|
|
10
10
|
CredentialSupported,
|
|
11
11
|
EndpointMetadata,
|
|
12
|
+
EndpointMetadataResult,
|
|
12
13
|
OID4VCICredentialFormat,
|
|
13
14
|
OpenId4VCIVersion,
|
|
14
15
|
OpenIDResponse,
|
|
@@ -53,7 +54,7 @@ export class OpenID4VCIClient {
|
|
|
53
54
|
private _clientId?: string;
|
|
54
55
|
private _kid: string | undefined;
|
|
55
56
|
private _alg: Alg | string | undefined;
|
|
56
|
-
private _endpointMetadata:
|
|
57
|
+
private _endpointMetadata: EndpointMetadataResult | undefined;
|
|
57
58
|
private _accessTokenResponse: AccessTokenResponse | undefined;
|
|
58
59
|
|
|
59
60
|
private constructor(
|
|
@@ -119,9 +120,14 @@ export class OpenID4VCIClient {
|
|
|
119
120
|
if (!scope && !authorizationDetails) {
|
|
120
121
|
throw Error('Please provide a scope or authorization_details');
|
|
121
122
|
}
|
|
122
|
-
// todo:
|
|
123
|
-
|
|
124
|
-
|
|
123
|
+
// todo: Probably can go with current logic in MetadataClient who will always set the authorization_endpoint when found
|
|
124
|
+
// handling this because of the support for v1_0-08
|
|
125
|
+
if (
|
|
126
|
+
this._endpointMetadata &&
|
|
127
|
+
this._endpointMetadata.credentialIssuerMetadata &&
|
|
128
|
+
'authorization_endpoint' in this._endpointMetadata.credentialIssuerMetadata
|
|
129
|
+
) {
|
|
130
|
+
this._endpointMetadata.authorization_endpoint = this._endpointMetadata.credentialIssuerMetadata.authorization_endpoint as string;
|
|
125
131
|
}
|
|
126
132
|
if (!this._endpointMetadata?.authorization_endpoint) {
|
|
127
133
|
throw Error('Server metadata does not contain authorization endpoint');
|
|
@@ -169,13 +175,13 @@ export class OpenID4VCIClient {
|
|
|
169
175
|
// What happens if it doesn't ???
|
|
170
176
|
// let parEndpoint: string
|
|
171
177
|
if (
|
|
172
|
-
!this._endpointMetadata?.
|
|
173
|
-
!('pushed_authorization_request_endpoint' in this._endpointMetadata.
|
|
174
|
-
typeof this._endpointMetadata.
|
|
178
|
+
!this._endpointMetadata?.credentialIssuerMetadata ||
|
|
179
|
+
!('pushed_authorization_request_endpoint' in this._endpointMetadata.credentialIssuerMetadata) ||
|
|
180
|
+
typeof this._endpointMetadata.credentialIssuerMetadata.pushed_authorization_request_endpoint !== 'string'
|
|
175
181
|
) {
|
|
176
182
|
throw Error('Server metadata does not contain pushed authorization request endpoint');
|
|
177
183
|
}
|
|
178
|
-
const parEndpoint: string = this._endpointMetadata.
|
|
184
|
+
const parEndpoint: string = this._endpointMetadata.credentialIssuerMetadata.pushed_authorization_request_endpoint;
|
|
179
185
|
|
|
180
186
|
// add 'openid' scope if not present
|
|
181
187
|
if (scope && !scope.includes('openid')) {
|
|
@@ -207,7 +213,10 @@ export class OpenID4VCIClient {
|
|
|
207
213
|
}
|
|
208
214
|
|
|
209
215
|
private handleLocations(authorizationDetails: AuthDetails) {
|
|
210
|
-
if (
|
|
216
|
+
if (
|
|
217
|
+
authorizationDetails &&
|
|
218
|
+
(this.endpointMetadata.credentialIssuerMetadata?.authorization_server || this.endpointMetadata.authorization_endpoint)
|
|
219
|
+
) {
|
|
211
220
|
if (authorizationDetails.locations) {
|
|
212
221
|
if (Array.isArray(authorizationDetails.locations)) {
|
|
213
222
|
(authorizationDetails.locations as string[]).push(this.endpointMetadata.issuer);
|
|
@@ -293,8 +302,8 @@ export class OpenID4VCIClient {
|
|
|
293
302
|
metadata: this.endpointMetadata,
|
|
294
303
|
});
|
|
295
304
|
requestBuilder.withTokenFromResponse(this.accessTokenResponse);
|
|
296
|
-
if (this.endpointMetadata?.
|
|
297
|
-
const metadata = this.endpointMetadata.
|
|
305
|
+
if (this.endpointMetadata?.credentialIssuerMetadata) {
|
|
306
|
+
const metadata = this.endpointMetadata.credentialIssuerMetadata;
|
|
298
307
|
const types = Array.isArray(credentialTypes) ? credentialTypes : [credentialTypes];
|
|
299
308
|
if (metadata.credentials_supported && Array.isArray(metadata.credentials_supported)) {
|
|
300
309
|
for (const type of types) {
|
|
@@ -359,7 +368,7 @@ export class OpenID4VCIClient {
|
|
|
359
368
|
|
|
360
369
|
getCredentialsSupported(restrictToInitiationTypes: boolean, supportedType?: string): CredentialSupported[] {
|
|
361
370
|
return getSupportedCredentials({
|
|
362
|
-
issuerMetadata: this.endpointMetadata.
|
|
371
|
+
issuerMetadata: this.endpointMetadata.credentialIssuerMetadata,
|
|
363
372
|
version: this.version(),
|
|
364
373
|
supportedType,
|
|
365
374
|
credentialTypes: restrictToInitiationTypes ? this.getCredentialTypes() : undefined,
|
|
@@ -449,7 +458,7 @@ export class OpenID4VCIClient {
|
|
|
449
458
|
return this.credentialOffer.version;
|
|
450
459
|
}
|
|
451
460
|
|
|
452
|
-
public get endpointMetadata():
|
|
461
|
+
public get endpointMetadata(): EndpointMetadataResult {
|
|
453
462
|
this.assertServerMetadata();
|
|
454
463
|
// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
|
|
455
464
|
return this._endpointMetadata!;
|
|
@@ -1,4 +1,11 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import {
|
|
2
|
+
AccessTokenRequest,
|
|
3
|
+
AccessTokenRequestOpts,
|
|
4
|
+
AccessTokenResponse,
|
|
5
|
+
GrantTypes,
|
|
6
|
+
OpenIDResponse,
|
|
7
|
+
WellKnownEndpoints
|
|
8
|
+
} from '@sphereon/oid4vci-common'
|
|
2
9
|
import nock from 'nock';
|
|
3
10
|
|
|
4
11
|
import { AccessTokenClient } from '../AccessTokenClient';
|
|
@@ -11,6 +18,8 @@ const MOCK_URL = 'https://sphereonjunit20221013.com/';
|
|
|
11
18
|
describe('AccessTokenClient should', () => {
|
|
12
19
|
beforeEach(() => {
|
|
13
20
|
nock.cleanAll();
|
|
21
|
+
nock(MOCK_URL).get(WellKnownEndpoints.OAUTH_AS).reply(404, {});
|
|
22
|
+
nock(MOCK_URL).get(WellKnownEndpoints.OPENID_CONFIGURATION).reply(404, {});
|
|
14
23
|
});
|
|
15
24
|
|
|
16
25
|
afterEach(() => {
|
package/lib/__tests__/IT.spec.ts
CHANGED
|
@@ -5,8 +5,8 @@ import {
|
|
|
5
5
|
CredentialOfferRequestWithBaseUrl,
|
|
6
6
|
Jwt,
|
|
7
7
|
OpenId4VCIVersion,
|
|
8
|
-
ProofOfPossession,
|
|
9
|
-
} from '@sphereon/oid4vci-common'
|
|
8
|
+
ProofOfPossession, WellKnownEndpoints
|
|
9
|
+
} from '@sphereon/oid4vci-common'
|
|
10
10
|
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
|
11
11
|
// @ts-ignore
|
|
12
12
|
import nock from 'nock';
|
|
@@ -55,6 +55,7 @@ describe('OID4VCI-Client should', () => {
|
|
|
55
55
|
function succeedWithAFullFlowWithClientSetup() {
|
|
56
56
|
nock(IDENTIPROOF_ISSUER_URL).get('/.well-known/openid-credential-issuer').reply(200, JSON.stringify(IDENTIPROOF_OID4VCI_METADATA));
|
|
57
57
|
nock(IDENTIPROOF_AS_URL).get('/.well-known/oauth-authorization-server').reply(200, JSON.stringify(IDENTIPROOF_AS_METADATA));
|
|
58
|
+
nock(IDENTIPROOF_AS_URL).get(WellKnownEndpoints.OPENID_CONFIGURATION).reply(404, {});
|
|
58
59
|
nock(IDENTIPROOF_AS_URL)
|
|
59
60
|
.post(/oauth2\/token.*/)
|
|
60
61
|
.reply(200, JSON.stringify(mockedAccessTokenResponse));
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
import { OpenId4VCIVersion } from '@sphereon/oid4vci-common';
|
|
2
|
+
|
|
1
3
|
import { CredentialOfferClient } from '../CredentialOfferClient';
|
|
2
4
|
|
|
3
5
|
import { INITIATION_TEST, INITIATION_TEST_HTTPS_URI, INITIATION_TEST_URI } from './MetadataMocks';
|
|
@@ -45,4 +47,15 @@ describe('Issuance Initiation', () => {
|
|
|
45
47
|
const issuanceInitiationURI = INITIATION_TEST_HTTPS_URI.replace('?', '');
|
|
46
48
|
await expect(async () => CredentialOfferClient.fromURI(issuanceInitiationURI)).rejects.toThrowError('Invalid Credential Offer Request');
|
|
47
49
|
});
|
|
50
|
+
|
|
51
|
+
it('Should return Credential Offer', async () => {
|
|
52
|
+
const client = await CredentialOfferClient.fromURI(
|
|
53
|
+
'openid-credential-offer://?credential_offer=%7B%22credential_issuer%22%3A%22https%3A%2F%2Flaunchpad.vii.electron.mattrlabs.io%22%2C%22credentials%22%3A%5B%7B%22format%22%3A%22ldp_vc%22%2C%22types%22%3A%5B%22OpenBadgeCredential%22%5D%7D%5D%2C%22grants%22%3A%7B%22urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Apre-authorized_code%22%3A%7B%22pre-authorized_code%22%3A%22UPZohaodPlLBnGsqB02n2tIupCIg8nKRRUEUHWA665X%22%7D%7D%7D',
|
|
54
|
+
);
|
|
55
|
+
expect(client.version).toEqual(OpenId4VCIVersion.VER_1_0_11);
|
|
56
|
+
expect(client.baseUrl).toEqual('openid-credential-offer://');
|
|
57
|
+
expect(client.scheme).toEqual('openid-credential-offer');
|
|
58
|
+
expect(client.credential_offer.credential_issuer).toEqual('https://launchpad.vii.electron.mattrlabs.io');
|
|
59
|
+
expect(client.preAuthorizedCode).toEqual('UPZohaodPlLBnGsqB02n2tIupCIg8nKRRUEUHWA665X');
|
|
60
|
+
});
|
|
48
61
|
});
|
|
@@ -0,0 +1,105 @@
|
|
|
1
|
+
import { fetch } from 'cross-fetch';
|
|
2
|
+
import { Alg, AuthzFlowType, Jwt } from '@sphereon/oid4vci-common';
|
|
3
|
+
import { importJWK, JWK, SignJWT } from 'jose';
|
|
4
|
+
|
|
5
|
+
import { OpenID4VCIClient } from '..';
|
|
6
|
+
|
|
7
|
+
export const UNIT_TEST_TIMEOUT = 30000;
|
|
8
|
+
|
|
9
|
+
const ISSUER_URL = 'https://launchpad.vii.electron.mattrlabs.io';
|
|
10
|
+
|
|
11
|
+
const jwk: JWK = {
|
|
12
|
+
crv: 'Ed25519',
|
|
13
|
+
d: 'kTRm0aONHYwNPA-w_DtjMHUIWjE3K70qgCIhWojZ0eU',
|
|
14
|
+
x: 'NeA0d8sp86xRh3DczU4m5wPNIbl0HCSwOBcMN3sNmdk',
|
|
15
|
+
kty: 'OKP',
|
|
16
|
+
};
|
|
17
|
+
|
|
18
|
+
// pub hex: 35e03477cb29f3ac518770dccd4e26e703cd21b9741c24b038170c377b0d99d9
|
|
19
|
+
// priv hex: 913466d1a38d1d8c0d3c0fb0fc3b633075085a31372bbd2a8022215a88d9d1e5
|
|
20
|
+
const did = `did:key:z6Mki5ZwZKN1dBQprfJTikUvkDxrHijiiQngkWviMF5gw2Hv`;
|
|
21
|
+
const kid = `${did}#z6Mki5ZwZKN1dBQprfJTikUvkDxrHijiiQngkWviMF5gw2Hv`;
|
|
22
|
+
describe('OID4VCI-Client using Mattr issuer should', () => {
|
|
23
|
+
async function test(format: 'ldp_vc' | 'jwt_vc_json') {
|
|
24
|
+
const offer = await getCredentialOffer(format)
|
|
25
|
+
const client = await OpenID4VCIClient.fromURI({
|
|
26
|
+
uri: offer.offerUrl,
|
|
27
|
+
flowType: AuthzFlowType.PRE_AUTHORIZED_CODE_FLOW,
|
|
28
|
+
kid,
|
|
29
|
+
alg: Alg.EdDSA
|
|
30
|
+
})
|
|
31
|
+
expect(client.flowType).toEqual(AuthzFlowType.PRE_AUTHORIZED_CODE_FLOW)
|
|
32
|
+
expect(client.credentialOffer).toBeDefined()
|
|
33
|
+
expect(client.endpointMetadata).toBeDefined()
|
|
34
|
+
expect(client.getCredentialEndpoint()).toEqual(`${ISSUER_URL}/oidc/v1/auth/credential`)
|
|
35
|
+
expect(client.getAccessTokenEndpoint()).toEqual('https://launchpad.vii.electron.mattrlabs.io/oidc/v1/auth/token')
|
|
36
|
+
|
|
37
|
+
const accessToken = await client.acquireAccessToken()
|
|
38
|
+
console.log(accessToken)
|
|
39
|
+
expect(accessToken).toMatchObject({
|
|
40
|
+
expires_in: 3600,
|
|
41
|
+
scope: 'OpenBadgeCredential',
|
|
42
|
+
token_type: 'Bearer'
|
|
43
|
+
})
|
|
44
|
+
|
|
45
|
+
const credentialResponse = await client.acquireCredentials({
|
|
46
|
+
credentialTypes: 'OpenBadgeCredential',
|
|
47
|
+
format,
|
|
48
|
+
proofCallbacks: {
|
|
49
|
+
signCallback: proofOfPossessionCallbackFunction
|
|
50
|
+
}
|
|
51
|
+
})
|
|
52
|
+
expect(credentialResponse.credential).toBeDefined()
|
|
53
|
+
}
|
|
54
|
+
|
|
55
|
+
it(
|
|
56
|
+
'succeed in a full flow with the client using OpenID4VCI version 11 and ldp_vc',
|
|
57
|
+
async () => {
|
|
58
|
+
|
|
59
|
+
await test('ldp_vc')
|
|
60
|
+
},
|
|
61
|
+
UNIT_TEST_TIMEOUT,
|
|
62
|
+
);
|
|
63
|
+
it(
|
|
64
|
+
'succeed in a full flow with the client using OpenID4VCI version 11 and jwt_vc_json',
|
|
65
|
+
async () => {
|
|
66
|
+
|
|
67
|
+
await test('jwt_vc_json')
|
|
68
|
+
},
|
|
69
|
+
UNIT_TEST_TIMEOUT,
|
|
70
|
+
);
|
|
71
|
+
});
|
|
72
|
+
|
|
73
|
+
interface CreateCredentialOfferResponse {
|
|
74
|
+
id: string;
|
|
75
|
+
offerUrl: string;
|
|
76
|
+
}
|
|
77
|
+
|
|
78
|
+
async function getCredentialOffer(format: 'ldp_vc' | 'jwt_vc_json'): Promise<CreateCredentialOfferResponse> {
|
|
79
|
+
const credentialOffer = await fetch('https://launchpad.mattrlabs.com/api/credential-offer', {
|
|
80
|
+
method: 'post',
|
|
81
|
+
headers: {
|
|
82
|
+
Accept: 'application/json',
|
|
83
|
+
'Content-Type': 'application/json',
|
|
84
|
+
},
|
|
85
|
+
|
|
86
|
+
//make sure to serialize your JSON body
|
|
87
|
+
body: JSON.stringify({
|
|
88
|
+
format,
|
|
89
|
+
type: 'OpenBadgeCredential',
|
|
90
|
+
userId: '622a9f65-21c0-4c0b-9a6a-f7574c2a1549',
|
|
91
|
+
userAuthenticationRequired: false,
|
|
92
|
+
}),
|
|
93
|
+
});
|
|
94
|
+
|
|
95
|
+
return (await credentialOffer.json()) as CreateCredentialOfferResponse;
|
|
96
|
+
}
|
|
97
|
+
|
|
98
|
+
async function proofOfPossessionCallbackFunction(args: Jwt, kid?: string): Promise<string> {
|
|
99
|
+
const importedJwk = await importJWK(jwk, 'EdDSA');
|
|
100
|
+
return await new SignJWT({ ...args.payload })
|
|
101
|
+
.setProtectedHeader({ ...args.header })
|
|
102
|
+
.setIssuedAt()
|
|
103
|
+
.setExpirationTime('2h')
|
|
104
|
+
.sign(importedJwk);
|
|
105
|
+
}
|
|
@@ -30,16 +30,18 @@ describe('MetadataClient with IdentiProof Issuer should', () => {
|
|
|
30
30
|
nock(IDENTIPROOF_ISSUER_URL).get(WellKnownEndpoints.OPENID4VCI_ISSUER).reply(200, JSON.stringify(IDENTIPROOF_OID4VCI_METADATA));
|
|
31
31
|
|
|
32
32
|
nock(IDENTIPROOF_AS_URL).get(WellKnownEndpoints.OAUTH_AS).reply(200, JSON.stringify(IDENTIPROOF_AS_METADATA));
|
|
33
|
+
nock(IDENTIPROOF_AS_URL).get(WellKnownEndpoints.OPENID_CONFIGURATION).reply(404);
|
|
33
34
|
|
|
34
35
|
const metadata = await MetadataClient.retrieveAllMetadata(IDENTIPROOF_ISSUER_URL);
|
|
35
36
|
expect(metadata.credential_endpoint).toEqual('https://issuer.research.identiproof.io/credential');
|
|
36
37
|
expect(metadata.token_endpoint).toEqual('https://auth.research.identiproof.io/oauth2/token');
|
|
37
|
-
expect(metadata.
|
|
38
|
+
expect(metadata.credentialIssuerMetadata).toMatchObject(IDENTIPROOF_OID4VCI_METADATA);
|
|
38
39
|
});
|
|
39
40
|
|
|
40
41
|
it('succeed with OID4VCI and separate AS metadata from Initiation', async () => {
|
|
41
42
|
nock(IDENTIPROOF_ISSUER_URL).get(WellKnownEndpoints.OPENID4VCI_ISSUER).reply(200, JSON.stringify(IDENTIPROOF_OID4VCI_METADATA));
|
|
42
43
|
nock(IDENTIPROOF_AS_URL).get(WellKnownEndpoints.OAUTH_AS).reply(200, JSON.stringify(IDENTIPROOF_AS_METADATA));
|
|
44
|
+
nock(IDENTIPROOF_AS_URL).get(WellKnownEndpoints.OPENID_CONFIGURATION).reply(404);
|
|
43
45
|
|
|
44
46
|
const INITIATE_URI =
|
|
45
47
|
'openid-initiate-issuance://?issuer=https%3A%2F%2Fissuer.research.identiproof.io&credential_type=OpenBadgeCredential&pre-authorized_code=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhOTUyZjUxNi1jYWVmLTQ4YjMtODIxYy00OTRkYzgyNjljZjAiLCJwcmUtYXV0aG9yaXplZCI6dHJ1ZX0.YE5DlalcLC2ChGEg47CQDaN1gTxbaQqSclIVqsSAUHE&user_pin_required=false';
|
|
@@ -47,7 +49,7 @@ describe('MetadataClient with IdentiProof Issuer should', () => {
|
|
|
47
49
|
const metadata = await MetadataClient.retrieveAllMetadata(getIssuerFromCredentialOfferPayload(initiation.credential_offer) as string);
|
|
48
50
|
expect(metadata.credential_endpoint).toEqual('https://issuer.research.identiproof.io/credential');
|
|
49
51
|
expect(metadata.token_endpoint).toEqual('https://auth.research.identiproof.io/oauth2/token');
|
|
50
|
-
expect(metadata.
|
|
52
|
+
expect(metadata.credentialIssuerMetadata).toEqual(IDENTIPROOF_OID4VCI_METADATA);
|
|
51
53
|
});
|
|
52
54
|
|
|
53
55
|
it('Fail without OID4VCI and only AS metadata (no credential endpoint)', async () => {
|
|
@@ -64,18 +66,20 @@ describe('MetadataClient with IdentiProof Issuer should', () => {
|
|
|
64
66
|
.reply(404, JSON.stringify({ error: 'does not exist' }));
|
|
65
67
|
|
|
66
68
|
await expect(() => MetadataClient.retrieveAllMetadata(IDENTIPROOF_ISSUER_URL, { errorOnNotFound: true })).rejects.toThrowError(
|
|
67
|
-
'Could not deduce the
|
|
69
|
+
'Could not deduce the token_endpoint for https://issuer.research.identiproof.io',
|
|
68
70
|
);
|
|
69
71
|
});
|
|
70
72
|
|
|
71
73
|
it('Fail with OID4VCI and no AS metadata', async () => {
|
|
72
74
|
nock(IDENTIPROOF_ISSUER_URL).get(WellKnownEndpoints.OPENID4VCI_ISSUER).reply(200, JSON.stringify(IDENTIPROOF_OID4VCI_METADATA));
|
|
73
|
-
nock(
|
|
75
|
+
nock(IDENTIPROOF_AS_URL)
|
|
74
76
|
.get(WellKnownEndpoints.OPENID_CONFIGURATION)
|
|
75
77
|
.reply(404, JSON.stringify({ error: 'does not exist' }));
|
|
76
78
|
|
|
77
79
|
nock(IDENTIPROOF_AS_URL).get(WellKnownEndpoints.OAUTH_AS).reply(404, JSON.stringify({}));
|
|
78
|
-
await expect(() => MetadataClient.retrieveAllMetadata(IDENTIPROOF_ISSUER_URL)).rejects.toThrowError(
|
|
80
|
+
await expect(() => MetadataClient.retrieveAllMetadata(IDENTIPROOF_ISSUER_URL)).rejects.toThrowError(
|
|
81
|
+
'Issuer https://issuer.research.identiproof.io provided a separate authorization server https://auth.research.identiproof.io, but that server did not provide metadata',
|
|
82
|
+
);
|
|
79
83
|
});
|
|
80
84
|
|
|
81
85
|
it('Fail if there is no token endpoint with errors enabled', async () => {
|
|
@@ -83,9 +87,10 @@ describe('MetadataClient with IdentiProof Issuer should', () => {
|
|
|
83
87
|
const meta = JSON.parse(JSON.stringify(IDENTIPROOF_AS_METADATA));
|
|
84
88
|
delete meta.token_endpoint;
|
|
85
89
|
nock(IDENTIPROOF_AS_URL).get(WellKnownEndpoints.OAUTH_AS).reply(200, JSON.stringify(meta));
|
|
90
|
+
nock(IDENTIPROOF_AS_URL).get(WellKnownEndpoints.OPENID_CONFIGURATION).reply(404);
|
|
86
91
|
|
|
87
92
|
await expect(() => MetadataClient.retrieveAllMetadata(IDENTIPROOF_ISSUER_URL, { errorOnNotFound: true })).rejects.toThrowError(
|
|
88
|
-
'
|
|
93
|
+
'Authorization Sever https://auth.research.identiproof.io did not provide a token_endpoint',
|
|
89
94
|
);
|
|
90
95
|
});
|
|
91
96
|
|
|
@@ -94,6 +99,7 @@ describe('MetadataClient with IdentiProof Issuer should', () => {
|
|
|
94
99
|
delete meta.credential_endpoint;
|
|
95
100
|
nock(IDENTIPROOF_ISSUER_URL).get(WellKnownEndpoints.OPENID4VCI_ISSUER).reply(200, JSON.stringify(meta));
|
|
96
101
|
nock(IDENTIPROOF_AS_URL).get(WellKnownEndpoints.OAUTH_AS).reply(200, JSON.stringify(IDENTIPROOF_AS_METADATA));
|
|
102
|
+
nock(IDENTIPROOF_AS_URL).get(WellKnownEndpoints.OPENID_CONFIGURATION).reply(404);
|
|
97
103
|
|
|
98
104
|
await expect(() => MetadataClient.retrieveAllMetadata(IDENTIPROOF_ISSUER_URL, { errorOnNotFound: true })).rejects.toThrowError(
|
|
99
105
|
'Could not deduce the credential endpoint for https://issuer.research.identiproof.io',
|
|
@@ -103,6 +109,7 @@ describe('MetadataClient with IdentiProof Issuer should', () => {
|
|
|
103
109
|
it('Succeed with default value if there is no credential endpoint with errors disabled', async () => {
|
|
104
110
|
nock(IDENTIPROOF_ISSUER_URL).get(WellKnownEndpoints.OPENID4VCI_ISSUER).reply(200, JSON.stringify(IDENTIPROOF_OID4VCI_METADATA));
|
|
105
111
|
nock(IDENTIPROOF_AS_URL).get(WellKnownEndpoints.OAUTH_AS).reply(200, JSON.stringify(IDENTIPROOF_AS_METADATA));
|
|
112
|
+
nock(IDENTIPROOF_AS_URL).get(WellKnownEndpoints.OPENID_CONFIGURATION).reply(404);
|
|
106
113
|
|
|
107
114
|
const metadata = await MetadataClient.retrieveAllMetadata(IDENTIPROOF_ISSUER_URL);
|
|
108
115
|
expect(metadata.credential_endpoint).toEqual('https://issuer.research.identiproof.io/credential');
|
|
@@ -130,11 +137,13 @@ describe('MetadataClient with IdentiProof Issuer should', () => {
|
|
|
130
137
|
describe('Metadataclient with Spruce Issuer should', () => {
|
|
131
138
|
it('succeed with OID4VCI and separate AS metadata', async () => {
|
|
132
139
|
nock(SPRUCE_ISSUER_URL).get(WellKnownEndpoints.OPENID4VCI_ISSUER).reply(200, JSON.stringify(SPRUCE_OID4VCI_METADATA));
|
|
140
|
+
nock(SPRUCE_ISSUER_URL).get(WellKnownEndpoints.OPENID_CONFIGURATION).reply(404);
|
|
141
|
+
nock(SPRUCE_ISSUER_URL).get(WellKnownEndpoints.OAUTH_AS).reply(404);
|
|
133
142
|
|
|
134
143
|
const metadata = await MetadataClient.retrieveAllMetadata(SPRUCE_ISSUER_URL);
|
|
135
144
|
expect(metadata.credential_endpoint).toEqual('https://ngi-oidc4vci-test.spruceid.xyz/credential');
|
|
136
145
|
expect(metadata.token_endpoint).toEqual('https://ngi-oidc4vci-test.spruceid.xyz/token');
|
|
137
|
-
expect(metadata.
|
|
146
|
+
expect(metadata.credentialIssuerMetadata).toEqual(SPRUCE_OID4VCI_METADATA);
|
|
138
147
|
});
|
|
139
148
|
|
|
140
149
|
it('Fail without OID4VCI', async () => {
|
|
@@ -144,7 +153,7 @@ describe('Metadataclient with Spruce Issuer should', () => {
|
|
|
144
153
|
.reply(404, JSON.stringify({ error: 'does not exist' }));
|
|
145
154
|
|
|
146
155
|
await expect(() => MetadataClient.retrieveAllMetadata(SPRUCE_ISSUER_URL, { errorOnNotFound: true })).rejects.toThrowError(
|
|
147
|
-
'Could not deduce the
|
|
156
|
+
'Could not deduce the token_endpoint for https://ngi-oidc4vci-test.spruceid.xyz',
|
|
148
157
|
);
|
|
149
158
|
});
|
|
150
159
|
});
|
|
@@ -160,7 +169,7 @@ describe('Metadataclient with Danubetech should', () => {
|
|
|
160
169
|
const metadata = await MetadataClient.retrieveAllMetadata(DANUBE_ISSUER_URL);
|
|
161
170
|
expect(metadata.credential_endpoint).toEqual('https://oidc4vc.uniissuer.io/credential');
|
|
162
171
|
expect(metadata.token_endpoint).toEqual('https://oidc4vc.uniissuer.io/token');
|
|
163
|
-
expect(metadata.
|
|
172
|
+
expect(metadata.credentialIssuerMetadata).toEqual(DANUBE_OIDC_METADATA);
|
|
164
173
|
});
|
|
165
174
|
|
|
166
175
|
it('Fail without OID4VCI', async () => {
|
|
@@ -170,7 +179,7 @@ describe('Metadataclient with Danubetech should', () => {
|
|
|
170
179
|
.reply(404, JSON.stringify({ error: 'does not exist' }));
|
|
171
180
|
|
|
172
181
|
await expect(() => MetadataClient.retrieveAllMetadata(SPRUCE_ISSUER_URL, { errorOnNotFound: true })).rejects.toThrowError(
|
|
173
|
-
'Could not deduce the
|
|
182
|
+
'Could not deduce the token_endpoint for https://ngi-oidc4vci-test.spruceid.xyz',
|
|
174
183
|
);
|
|
175
184
|
});
|
|
176
185
|
});
|
|
@@ -187,7 +196,7 @@ describe('Metadataclient with Walt-id should', () => {
|
|
|
187
196
|
const metadata = await MetadataClient.retrieveAllMetadata(WALT_ISSUER_URL);
|
|
188
197
|
expect(metadata.credential_endpoint).toEqual('https://jff.walt.id/issuer-api/oidc/credential');
|
|
189
198
|
expect(metadata.token_endpoint).toEqual('https://jff.walt.id/issuer-api/oidc/token');
|
|
190
|
-
expect(metadata.
|
|
199
|
+
expect(metadata.credentialIssuerMetadata).toEqual(WALT_OID4VCI_METADATA);
|
|
191
200
|
});
|
|
192
201
|
|
|
193
202
|
it('Fail without OID4VCI', async () => {
|
|
@@ -197,7 +206,7 @@ describe('Metadataclient with Walt-id should', () => {
|
|
|
197
206
|
.reply(404, JSON.stringify({ error: 'does not exist' }));
|
|
198
207
|
|
|
199
208
|
await expect(() => MetadataClient.retrieveAllMetadata(WALT_ISSUER_URL, { errorOnNotFound: true })).rejects.toThrowError(
|
|
200
|
-
'Could not deduce the
|
|
209
|
+
'Could not deduce the token_endpoint for https://jff.walt.id/issuer-api/oidc',
|
|
201
210
|
);
|
|
202
211
|
});
|
|
203
212
|
});
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { AuthzFlowType, CodeChallengeMethod } from '@sphereon/oid4vci-common'
|
|
1
|
+
import { AuthzFlowType, CodeChallengeMethod, WellKnownEndpoints } from '@sphereon/oid4vci-common'
|
|
2
2
|
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
|
3
3
|
// @ts-ignore
|
|
4
4
|
import nock from 'nock';
|
|
@@ -12,6 +12,8 @@ describe('OpenID4VCIClient should', () => {
|
|
|
12
12
|
|
|
13
13
|
beforeEach(async () => {
|
|
14
14
|
nock(MOCK_URL).get(/.*/).reply(200, {});
|
|
15
|
+
nock(MOCK_URL).get(WellKnownEndpoints.OAUTH_AS).reply(404, {});
|
|
16
|
+
nock(MOCK_URL).get(WellKnownEndpoints.OPENID_CONFIGURATION).reply(404, {});
|
|
15
17
|
client = await OpenID4VCIClient.fromURI({
|
|
16
18
|
uri: 'openid-initiate-issuance://?issuer=https://server.example.com&credential_type=TestCredential',
|
|
17
19
|
flowType: AuthzFlowType.AUTHORIZATION_CODE_FLOW,
|
|
@@ -25,7 +27,7 @@ describe('OpenID4VCIClient should', () => {
|
|
|
25
27
|
it('should create successfully construct an authorization request url', async () => {
|
|
26
28
|
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
|
27
29
|
// @ts-ignore
|
|
28
|
-
client._endpointMetadata?.
|
|
30
|
+
client._endpointMetadata?.credentialIssuerMetadata.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
|
|
29
31
|
const url = client.createAuthorizationRequestUrl({
|
|
30
32
|
clientId: 'test-client',
|
|
31
33
|
codeChallengeMethod: CodeChallengeMethod.SHA256,
|
|
@@ -53,7 +55,7 @@ describe('OpenID4VCIClient should', () => {
|
|
|
53
55
|
it("injects 'openid' as the first scope if not provided", async () => {
|
|
54
56
|
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
|
55
57
|
// @ts-ignore
|
|
56
|
-
client._endpointMetadata?.
|
|
58
|
+
client._endpointMetadata?.credentialIssuerMetadata.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
|
|
57
59
|
|
|
58
60
|
const url = client.createAuthorizationRequestUrl({
|
|
59
61
|
clientId: 'test-client',
|
|
@@ -71,7 +73,7 @@ describe('OpenID4VCIClient should', () => {
|
|
|
71
73
|
it('throw an error if no scope and no authorization_details is provided', async () => {
|
|
72
74
|
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
|
73
75
|
// @ts-ignore
|
|
74
|
-
client._endpointMetadata?.
|
|
76
|
+
client._endpointMetadata?.credentialIssuerMetadata.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
|
|
75
77
|
|
|
76
78
|
expect(() => {
|
|
77
79
|
client.createAuthorizationRequestUrl({
|
|
@@ -85,7 +87,7 @@ describe('OpenID4VCIClient should', () => {
|
|
|
85
87
|
it('create an authorization request url with authorization_details array property', async () => {
|
|
86
88
|
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
|
87
89
|
// @ts-ignore
|
|
88
|
-
client._endpointMetadata.
|
|
90
|
+
client._endpointMetadata?.credentialIssuerMetadata.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
|
|
89
91
|
|
|
90
92
|
expect(
|
|
91
93
|
client.createAuthorizationRequestUrl({
|
|
@@ -116,7 +118,7 @@ describe('OpenID4VCIClient should', () => {
|
|
|
116
118
|
it('create an authorization request url with authorization_details object property', async () => {
|
|
117
119
|
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
|
118
120
|
// @ts-ignore
|
|
119
|
-
client._endpointMetadata.
|
|
121
|
+
client._endpointMetadata?.credentialIssuerMetadata.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
|
|
120
122
|
|
|
121
123
|
expect(
|
|
122
124
|
client.createAuthorizationRequestUrl({
|
|
@@ -140,7 +142,7 @@ describe('OpenID4VCIClient should', () => {
|
|
|
140
142
|
it('create an authorization request url with authorization_details and scope', async () => {
|
|
141
143
|
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
|
142
144
|
// @ts-ignore
|
|
143
|
-
client._endpointMetadata.
|
|
145
|
+
client._endpointMetadata.credentialIssuerMetadata.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
|
|
144
146
|
|
|
145
147
|
expect(
|
|
146
148
|
client.createAuthorizationRequestUrl({
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { AuthzFlowType, CodeChallengeMethod,
|
|
1
|
+
import { AuthzFlowType, CodeChallengeMethod, WellKnownEndpoints } from '@sphereon/oid4vci-common'
|
|
2
2
|
import nock from 'nock';
|
|
3
3
|
|
|
4
4
|
import { OpenID4VCIClient } from '../OpenID4VCIClient';
|
|
@@ -9,6 +9,8 @@ describe('OpenID4VCIClient', () => {
|
|
|
9
9
|
|
|
10
10
|
beforeEach(async () => {
|
|
11
11
|
nock(MOCK_URL).get(/.*/).reply(200, {});
|
|
12
|
+
nock(MOCK_URL).get(WellKnownEndpoints.OAUTH_AS).reply(404, {});
|
|
13
|
+
nock(MOCK_URL).get(WellKnownEndpoints.OPENID_CONFIGURATION).reply(404, {});
|
|
12
14
|
nock(`${MOCK_URL}`).post('/v1/auth/par').reply(201, { request_uri: 'test_uri', expires_in: 90 });
|
|
13
15
|
client = await OpenID4VCIClient.fromURI({
|
|
14
16
|
uri: 'openid-initiate-issuance://?issuer=https://server.example.com&credential_type=TestCredential',
|
|
@@ -21,7 +23,9 @@ describe('OpenID4VCIClient', () => {
|
|
|
21
23
|
});
|
|
22
24
|
|
|
23
25
|
it('should successfully retrieve the authorization code using PAR', async () => {
|
|
24
|
-
(
|
|
26
|
+
(
|
|
27
|
+
client.endpointMetadata.credentialIssuerMetadata!
|
|
28
|
+
).pushed_authorization_request_endpoint = `${MOCK_URL}v1/auth/par`;
|
|
25
29
|
const actual = await client.acquirePushedAuthorizationRequestURI({
|
|
26
30
|
clientId: 'test-client',
|
|
27
31
|
codeChallengeMethod: CodeChallengeMethod.SHA256,
|
|
@@ -56,7 +60,9 @@ describe('OpenID4VCIClient', () => {
|
|
|
56
60
|
});
|
|
57
61
|
|
|
58
62
|
it('should not fail when only authorization_details is present', async () => {
|
|
59
|
-
(
|
|
63
|
+
(
|
|
64
|
+
client.endpointMetadata.credentialIssuerMetadata!
|
|
65
|
+
).pushed_authorization_request_endpoint = `${MOCK_URL}v1/auth/par`;
|
|
60
66
|
const actual = await client.acquirePushedAuthorizationRequestURI({
|
|
61
67
|
clientId: 'test-client',
|
|
62
68
|
codeChallengeMethod: CodeChallengeMethod.SHA256,
|
|
@@ -77,7 +83,9 @@ describe('OpenID4VCIClient', () => {
|
|
|
77
83
|
});
|
|
78
84
|
|
|
79
85
|
it('should not fail when only scope is present', async () => {
|
|
80
|
-
(
|
|
86
|
+
(
|
|
87
|
+
client.endpointMetadata.credentialIssuerMetadata!
|
|
88
|
+
).pushed_authorization_request_endpoint = `${MOCK_URL}v1/auth/par`;
|
|
81
89
|
const actual = await client.acquirePushedAuthorizationRequestURI({
|
|
82
90
|
clientId: 'test-client',
|
|
83
91
|
codeChallengeMethod: CodeChallengeMethod.SHA256,
|
|
@@ -89,7 +97,9 @@ describe('OpenID4VCIClient', () => {
|
|
|
89
97
|
});
|
|
90
98
|
|
|
91
99
|
it('should not fail when both authorization_details and scope are present', async () => {
|
|
92
|
-
(
|
|
100
|
+
(
|
|
101
|
+
client.endpointMetadata.credentialIssuerMetadata!
|
|
102
|
+
).pushed_authorization_request_endpoint = `${MOCK_URL}v1/auth/par`;
|
|
93
103
|
const actual = await client.acquirePushedAuthorizationRequestURI({
|
|
94
104
|
clientId: 'test-client',
|
|
95
105
|
codeChallengeMethod: CodeChallengeMethod.SHA256,
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@sphereon/oid4vci-client",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.7.1-next.7+5b8552f",
|
|
4
4
|
"description": "OpenID for Verifiable Credential Issuance (OpenID4VCI) client",
|
|
5
5
|
"source": "lib/index.ts",
|
|
6
6
|
"main": "dist/index.js",
|
|
@@ -15,15 +15,14 @@
|
|
|
15
15
|
"build": "tsc"
|
|
16
16
|
},
|
|
17
17
|
"dependencies": {
|
|
18
|
-
"@sphereon/oid4vci-common": "0.
|
|
18
|
+
"@sphereon/oid4vci-common": "0.7.1-next.7+5b8552f",
|
|
19
19
|
"@sphereon/ssi-types": "^0.15.1",
|
|
20
20
|
"cross-fetch": "^3.1.8",
|
|
21
|
-
"debug": "^4.3.4"
|
|
22
|
-
"uint8arrays": "^4.0.6"
|
|
21
|
+
"debug": "^4.3.4"
|
|
23
22
|
},
|
|
24
23
|
"devDependencies": {
|
|
25
24
|
"@types/jest": "^29.5.3",
|
|
26
|
-
"@types/node": "^18.17.
|
|
25
|
+
"@types/node": "^18.17.4",
|
|
27
26
|
"@typescript-eslint/eslint-plugin": "^5.62.0",
|
|
28
27
|
"@typescript-eslint/parser": "^5.62.0",
|
|
29
28
|
"codecov": "^3.8.3",
|
|
@@ -40,7 +39,8 @@
|
|
|
40
39
|
"open-cli": "^7.2.0",
|
|
41
40
|
"ts-jest": "^29.1.1",
|
|
42
41
|
"ts-node": "^10.9.1",
|
|
43
|
-
"typescript": "4.9.5"
|
|
42
|
+
"typescript": "4.9.5",
|
|
43
|
+
"uint8arrays": "3.1.1"
|
|
44
44
|
},
|
|
45
45
|
"engines": {
|
|
46
46
|
"node": ">=16"
|
|
@@ -64,5 +64,5 @@
|
|
|
64
64
|
"OIDC4VCI",
|
|
65
65
|
"OID4VCI"
|
|
66
66
|
],
|
|
67
|
-
"gitHead": "
|
|
67
|
+
"gitHead": "5b8552f1844e4b97156c49e464693952fd0b63f0"
|
|
68
68
|
}
|