@sphereon/oid4vci-client 0.8.1 → 0.8.2-next.26

package/lib/CredentialRequestClient.ts

@@ -1,6 +1,7 @@
 import {
-  CredentialRequestV1_0_08,
   CredentialResponse,
+  getCredentialRequestForVersion,
+  getUniformFormat,
   OID4VCICredentialFormat,
   OpenId4VCIVersion,
   OpenIDResponse,
@@ -53,33 +54,17 @@ export class CredentialRequestClient {
   }
 
   public async acquireCredentialsUsingRequest(uniformRequest: UniformCredentialRequest): Promise<OpenIDResponse<CredentialResponse>> {
-    let request: CredentialRequestV1_0_08 | UniformCredentialRequest = uniformRequest;
-    if (!this.isV11OrHigher()) {
-      let format: string = uniformRequest.format;
-      if (format === 'jwt_vc_json') {
-        format = 'jwt_vc';
-      } else if (format === 'jwt_vc_json-ld') {
-        format = 'ldp_vc';
-      }
-
-      request = {
-        format,
-        proof: uniformRequest.proof,
-        type:
-          'types' in uniformRequest
-            ? uniformRequest.types.filter((t) => t !== 'VerifiableCredential')[0]
-            : uniformRequest.credential_definition.types[0],
-      } as CredentialRequestV1_0_08;
-    }
+    const request = getCredentialRequestForVersion(uniformRequest, this.version());
     const credentialEndpoint: string = this.credentialRequestOpts.credentialEndpoint;
     if (!isValidURL(credentialEndpoint)) {
       debug(`Invalid credential endpoint: ${credentialEndpoint}`);
       throw new Error(URL_NOT_VALID);
     }
     debug(`Acquiring credential(s) from: ${credentialEndpoint}`);
+    debug(`request\n: ${JSON.stringify(request, null, 2)}`);
     const requestToken: string = this.credentialRequestOpts.token;
     const response: OpenIDResponse<CredentialResponse> = await post(credentialEndpoint, JSON.stringify(request), { bearerToken: requestToken });
-    debug(`Credential endpoint ${credentialEndpoint} response:\r\n${response}`);
+    debug(`Credential endpoint ${credentialEndpoint} response:\r\n${JSON.stringify(response, null, 2)}`);
     return response;
   }
 
@@ -92,20 +77,10 @@ export class CredentialRequestClient {
     const { proofInput } = opts;
     const formatSelection = opts.format ?? this.credentialRequestOpts.format;
 
-    let format: OID4VCICredentialFormat = formatSelection as OID4VCICredentialFormat;
-    if (opts.version < OpenId4VCIVersion.VER_1_0_11) {
-      if (formatSelection === 'jwt_vc' || formatSelection === 'jwt') {
-        format = 'jwt_vc_json';
-      } else if (formatSelection === 'ldp_vc' || formatSelection === 'ldp') {
-        format = 'jwt_vc_json-ld';
-      }
-    }
-
-    if (!format) {
+    if (!formatSelection) {
       throw Error(`Format of credential to be issued is missing`);
-    } else if (format !== 'jwt_vc_json-ld' && format !== 'jwt_vc_json' && format !== 'ldp_vc') {
-      throw Error(`Invalid format of credential to be issued: ${format}`);
     }
+    const format = getUniformFormat(formatSelection);
     const typesSelection =
       opts?.credentialTypes && (typeof opts.credentialTypes === 'string' || opts.credentialTypes.length > 0)
         ? opts.credentialTypes
@@ -113,7 +88,9 @@ export class CredentialRequestClient {
     const types = Array.isArray(typesSelection) ? typesSelection : [typesSelection];
     if (types.length === 0) {
       throw Error(`Credential type(s) need to be provided`);
-    } else if (!this.isV11OrHigher() && types.length !== 1) {
+    }
+    // FIXME: this is mixing up the type (as id) from v8/v9 and the types (from the vc.type) from v11
+    else if (!this.isV11OrHigher() && types.length !== 1) {
       throw Error('Only a single credential type is supported for V8/V9');
     }
 
@@ -121,16 +98,43 @@ export class CredentialRequestClient {
       'proof_type' in proofInput
         ? await ProofOfPossessionBuilder.fromProof(proofInput as ProofOfPossession, opts.version).build()
         : await proofInput.build();
-    return {
-      types,
-      format,
-      proof,
-    } as UniformCredentialRequest;
+
+    // TODO: we should move format specific logic
+    if (format === 'jwt_vc_json' || format === 'jwt_vc') {
+      return {
+        types,
+        format,
+        proof,
+      };
+    } else if (format === 'jwt_vc_json-ld' || format === 'ldp_vc') {
+      return {
+        format,
+        proof,
+        credential_definition: {
+          types,
+          // FIXME: this was not included in the original code, but it is required
+          '@context': [],
+        },
+      };
+    } else if (format === 'vc+sd-jwt') {
+      if (types.length > 1) {
+        throw Error(`Only a single credential type is supported for ${format}`);
+      }
+
+      return {
+        format,
+        proof,
+        vct: types[0],
+      };
+    }
+
+    throw new Error(`Unsupported format: ${format}`);
   }
 
   private version(): OpenId4VCIVersion {
     return this.credentialRequestOpts?.version ?? OpenId4VCIVersion.VER_1_0_11;
   }
+
   private isV11OrHigher(): boolean {
     return this.version() >= OpenId4VCIVersion.VER_1_0_11;
   }

package/lib/CredentialRequestClientBuilder.ts

@@ -6,6 +6,7 @@ import {
   determineSpecVersionFromOffer,
   EndpointMetadata,
   getIssuerFromCredentialOfferPayload,
+  getTypesFromOffer,
   OID4VCICredentialFormat,
   OpenId4VCIVersion,
   UniformCredentialOfferRequest,
@@ -22,6 +23,25 @@ export class CredentialRequestClientBuilder {
   token?: string;
   version?: OpenId4VCIVersion;
 
+  public static fromCredentialIssuer({
+    credentialIssuer,
+    metadata,
+    version,
+    credentialTypes,
+  }: {
+    credentialIssuer: string;
+    metadata?: EndpointMetadata;
+    version?: OpenId4VCIVersion;
+    credentialTypes: string | string[];
+  }): CredentialRequestClientBuilder {
+    const issuer = credentialIssuer;
+    const builder = new CredentialRequestClientBuilder();
+    builder.withVersion(version ?? OpenId4VCIVersion.VER_1_0_11);
+    builder.withCredentialEndpoint(metadata?.credential_endpoint ?? (issuer.endsWith('/') ? `${issuer}credential` : `${issuer}/credential`));
+    builder.withCredentialType(credentialTypes);
+    return builder;
+  }
+
   public static async fromURI({ uri, metadata }: { uri: string; metadata?: EndpointMetadata }): Promise<CredentialRequestClientBuilder> {
     const offer = await CredentialOfferClient.fromURI(uri);
     return CredentialRequestClientBuilder.fromCredentialOfferRequest({ request: offer, ...offer, metadata, version: offer.version });
@@ -46,7 +66,7 @@ export class CredentialRequestClientBuilder {
       builder.withCredentialType((request.original_credential_offer as CredentialOfferPayloadV1_0_08).credential_type);
     } else {
       // todo: look whether this is correct
-      builder.withCredentialType(request.credential_offer.credentials.flatMap((c) => (typeof c === 'string' ? c : c.types)));
+      builder.withCredentialType(getTypesFromOffer(request.credential_offer));
     }
 
     return builder;

package/lib/OpenID4VCIClient.ts

@@ -8,15 +8,18 @@ import {
   CredentialResponse,
   CredentialSupported,
   EndpointMetadataResult,
+  getIssuerFromCredentialOfferPayload,
+  getSupportedCredentials,
+  getTypesFromCredentialSupported,
   JsonURIMode,
+  JWK,
+  KID_JWK_X5C_ERROR,
   OID4VCICredentialFormat,
   OpenId4VCIVersion,
   ProofOfPossessionCallbacks,
   PushedAuthorizationResponse,
   ResponseType,
 } from '@sphereon/oid4vci-common';
-import { getSupportedCredentials } from '@sphereon/oid4vci-common/dist/functions/IssuerMetadataUtils';
-import { CredentialSupportedTypeV1_0_08 } from '@sphereon/oid4vci-common/dist/types/v1_0_08.types';
 import { CredentialFormat } from '@sphereon/ssi-types';
 import Debug from 'debug';
 
@@ -39,27 +42,66 @@ interface AuthDetails {
 
 interface AuthRequestOpts {
   codeChallenge: string;
-  codeChallengeMethod: CodeChallengeMethod;
+  codeChallengeMethod?: CodeChallengeMethod;
   authorizationDetails?: AuthDetails | AuthDetails[];
   redirectUri: string;
   scope?: string;
 }
 
 export class OpenID4VCIClient {
-  private readonly _credentialOffer: CredentialOfferRequestWithBaseUrl;
+  private readonly _credentialOffer?: CredentialOfferRequestWithBaseUrl;
+  private _credentialIssuer: string;
   private _clientId?: string;
   private _kid: string | undefined;
+  private _jwk: JWK | undefined;
   private _alg: Alg | string | undefined;
   private _endpointMetadata: EndpointMetadataResult | undefined;
   private _accessTokenResponse: AccessTokenResponse | undefined;
 
-  private constructor(credentialOffer: CredentialOfferRequestWithBaseUrl, kid?: string, alg?: Alg | string, clientId?: string) {
+  private constructor({
+    credentialOffer,
+    clientId,
+    kid,
+    alg,
+    credentialIssuer,
+  }: {
+    credentialOffer?: CredentialOfferRequestWithBaseUrl;
+    kid?: string;
+    alg?: Alg | string;
+    clientId?: string;
+    credentialIssuer?: string;
+  }) {
     this._credentialOffer = credentialOffer;
+    const issuer = credentialIssuer ?? (credentialOffer ? getIssuerFromCredentialOfferPayload(credentialOffer.credential_offer) : undefined);
+    if (!issuer) {
+      throw Error('No credential issuer supplied or deduced from offer');
+    }
+    this._credentialIssuer = issuer;
     this._kid = kid;
     this._alg = alg;
     this._clientId = clientId;
   }
 
+  public static async fromCredentialIssuer({
+    kid,
+    alg,
+    retrieveServerMetadata,
+    clientId,
+    credentialIssuer,
+  }: {
+    credentialIssuer: string;
+    kid?: string;
+    alg?: Alg | string;
+    retrieveServerMetadata?: boolean;
+    clientId?: string;
+  }) {
+    const client = new OpenID4VCIClient({ kid, alg, clientId, credentialIssuer });
+    if (retrieveServerMetadata === undefined || retrieveServerMetadata) {
+      await client.retrieveServerMetadata();
+    }
+    return client;
+  }
+
   public static async fromURI({
     uri,
     kid,
@@ -75,7 +117,12 @@ export class OpenID4VCIClient {
     resolveOfferUri?: boolean;
     clientId?: string;
   }): Promise<OpenID4VCIClient> {
-    const client = new OpenID4VCIClient(await CredentialOfferClient.fromURI(uri, { resolve: resolveOfferUri }), kid, alg, clientId);
+    const client = new OpenID4VCIClient({
+      credentialOffer: await CredentialOfferClient.fromURI(uri, { resolve: resolveOfferUri }),
+      kid,
+      alg,
+      clientId,
+    });
 
     if (retrieveServerMetadata === undefined || retrieveServerMetadata) {
       await client.retrieveServerMetadata();
@@ -86,16 +133,41 @@ export class OpenID4VCIClient {
   public async retrieveServerMetadata(): Promise<EndpointMetadataResult> {
     this.assertIssuerData();
     if (!this._endpointMetadata) {
-      this._endpointMetadata = await MetadataClient.retrieveAllMetadataFromCredentialOffer(this.credentialOffer);
+      if (this.credentialOffer) {
+        this._endpointMetadata = await MetadataClient.retrieveAllMetadataFromCredentialOffer(this.credentialOffer);
+      } else if (this._credentialIssuer) {
+        this._endpointMetadata = await MetadataClient.retrieveAllMetadata(this._credentialIssuer);
+      } else {
+        throw Error(`Cannot retrieve issuer metadata without either a credential offer, or issuer value`);
+      }
     }
     return this.endpointMetadata;
   }
 
+  // todo: Unify this method with the par method
+
   public createAuthorizationRequestUrl({ codeChallengeMethod, codeChallenge, authorizationDetails, redirectUri, scope }: AuthRequestOpts): string {
     // Scope and authorization_details can be used in the same authorization request
     // https://datatracker.ietf.org/doc/html/draft-ietf-oauth-rar-23#name-relationship-to-scope-param
     if (!scope && !authorizationDetails) {
-      throw Error('Please provide a scope or authorization_details');
+      if (!this.credentialOffer) {
+        throw Error('Please provide a scope or authorization_details');
+      }
+      const creds = this.credentialOffer.credential_offer.credentials;
+
+      authorizationDetails = creds
+        .flatMap((cred) => (typeof cred === 'string' ? this.getCredentialsSupported(true) : (cred as CredentialSupported)))
+        .map((cred) => {
+          return {
+            ...cred,
+            type: 'openid_credential',
+            locations: [this._credentialIssuer],
+            format: cred.format,
+          } satisfies AuthDetails;
+        });
+      if (authorizationDetails.length === 0) {
+        throw Error(`Could not create authorization details from credential offer. Please pass in explicit details`);
+      }
     }
     // todo: Probably can go with current logic in MetadataClient who will always set the authorization_endpoint when found
     //  handling this because of the support for v1_0-08
@@ -117,7 +189,7 @@ export class OpenID4VCIClient {
 
     const queryObj: { [key: string]: string } = {
       response_type: ResponseType.AUTH_CODE,
-      code_challenge_method: codeChallengeMethod,
+      code_challenge_method: codeChallengeMethod ?? CodeChallengeMethod.SHA256,
       code_challenge: codeChallenge,
       authorization_details: JSON.stringify(this.handleAuthorizationDetails(authorizationDetails)),
       redirect_uri: redirectUri,
@@ -128,7 +200,7 @@ export class OpenID4VCIClient {
       queryObj['client_id'] = this.clientId;
     }
 
-    if (this.credentialOffer.issuerState) {
+    if (this.credentialOffer?.issuerState) {
       queryObj['issuer_state'] = this.credentialOffer.issuerState;
     }
 
@@ -140,6 +212,7 @@ export class OpenID4VCIClient {
     });
   }
 
+  // todo: Unify this method with the create auth request url method
   public async acquirePushedAuthorizationRequestURI({
     codeChallengeMethod,
     codeChallenge,
@@ -173,7 +246,7 @@ export class OpenID4VCIClient {
 
     const queryObj: { [key: string]: string } = {
       response_type: ResponseType.AUTH_CODE,
-      code_challenge_method: codeChallengeMethod,
+      code_challenge_method: codeChallengeMethod ?? CodeChallengeMethod.SHA256,
       code_challenge: codeChallenge,
       authorization_details: JSON.stringify(this.handleAuthorizationDetails(authorizationDetails)),
       redirect_uri: redirectUri,
@@ -184,7 +257,7 @@ export class OpenID4VCIClient {
       queryObj['client_id'] = this.clientId;
     }
 
-    if (this.credentialOffer.issuerState) {
+    if (this.credentialOffer?.issuerState) {
       queryObj['issuer_state'] = this.credentialOffer.issuerState;
     }
 
@@ -249,6 +322,7 @@ export class OpenID4VCIClient {
       const response = await accessTokenClient.acquireAccessToken({
         credentialOffer: this.credentialOffer,
         metadata: this.endpointMetadata,
+        credentialIssuer: this.getIssuer(),
         pin,
         codeVerifier,
         code,
@@ -281,6 +355,7 @@ export class OpenID4VCIClient {
     proofCallbacks,
     format,
     kid,
+    jwk,
     alg,
     jti,
   }: {
@@ -288,46 +363,54 @@ export class OpenID4VCIClient {
     proofCallbacks: ProofOfPossessionCallbacks<any>;
     format?: CredentialFormat | OID4VCICredentialFormat;
     kid?: string;
+    jwk?: JWK;
     alg?: Alg | string;
     jti?: string;
   }): Promise<CredentialResponse> {
-    if (alg) {
-      this._alg = alg;
-    }
-    if (kid) {
-      this._kid = kid;
+    if ([jwk, kid].filter((v) => v !== undefined).length > 1) {
+      throw new Error(KID_JWK_X5C_ERROR + `. jwk: ${jwk !== undefined}, kid: ${kid !== undefined}`);
     }
 
-    const requestBuilder = CredentialRequestClientBuilder.fromCredentialOffer({
-      credentialOffer: this.credentialOffer,
-      metadata: this.endpointMetadata,
-    });
+    if (alg) this._alg = alg;
+    if (jwk) this._jwk = jwk;
+    if (kid) this._kid = kid;
+
+    const requestBuilder = this.credentialOffer
+      ? CredentialRequestClientBuilder.fromCredentialOffer({
+          credentialOffer: this.credentialOffer,
+          metadata: this.endpointMetadata,
+        })
+      : CredentialRequestClientBuilder.fromCredentialIssuer({
+          credentialIssuer: this.getIssuer(),
+          credentialTypes,
+          metadata: this.endpointMetadata,
+          version: this.version(),
+        });
 
     requestBuilder.withTokenFromResponse(this.accessTokenResponse);
     if (this.endpointMetadata?.credentialIssuerMetadata) {
       const metadata = this.endpointMetadata.credentialIssuerMetadata;
-      const types = Array.isArray(credentialTypes) ? credentialTypes.sort() : [credentialTypes];
+      const types = Array.isArray(credentialTypes) ? [...credentialTypes].sort() : [credentialTypes];
 
       if (metadata.credentials_supported && Array.isArray(metadata.credentials_supported)) {
         let typeSupported = false;
 
         metadata.credentials_supported.forEach((supportedCredential) => {
-          if (!supportedCredential.types || supportedCredential.types.length === 0) {
-            throw Error('types is required in the credentials supported');
-          }
+          const subTypes = getTypesFromCredentialSupported(supportedCredential);
           if (
-            supportedCredential.types.sort().every((t, i) => types[i] === t) ||
-            (types.length === 1 && (types[0] === supportedCredential.id || supportedCredential.types.includes(types[0])))
+            subTypes.sort().every((t, i) => types[i] === t) ||
+            (types.length === 1 && (types[0] === supportedCredential.id || subTypes.includes(types[0])))
           ) {
             typeSupported = true;
           }
         });
 
         if (!typeSupported) {
-          throw Error(`Not all credential types ${JSON.stringify(credentialTypes)} are supported by issuer ${this.getIssuer()}`);
+          console.log(`Not all credential types ${JSON.stringify(credentialTypes)} are present in metadata for ${this.getIssuer()}`);
+          // throw Error(`Not all credential types ${JSON.stringify(credentialTypes)} are supported by issuer ${this.getIssuer()}`);
         }
       } else if (metadata.credentials_supported && !Array.isArray(metadata.credentials_supported)) {
-        const credentialsSupported = metadata.credentials_supported as CredentialSupportedTypeV1_0_08;
+        const credentialsSupported = metadata.credentials_supported;
         if (types.some((type) => !metadata.credentials_supported || !credentialsSupported[type])) {
           throw Error(`Not all credential types ${JSON.stringify(credentialTypes)} are supported by issuer ${this.getIssuer()}`);
         }
@@ -341,8 +424,14 @@ export class OpenID4VCIClient {
       version: this.version(),
     })
       .withIssuer(this.getIssuer())
-      .withAlg(this.alg)
-      .withKid(this.kid);
+      .withAlg(this.alg);
+
+    if (this._jwk) {
+      proofBuilder.withJWK(this._jwk);
+    }
+    if (this._kid) {
+      proofBuilder.withKid(this._kid);
+    }
 
     if (this.clientId) {
       proofBuilder.withClientId(this.clientId);
@@ -356,7 +445,7 @@ export class OpenID4VCIClient {
       format,
     });
     if (response.errorBody) {
-      debug(`Credential request error:\r\n${response.errorBody}`);
+      debug(`Credential request error:\r\n${JSON.stringify(response.errorBody)}`);
       throw Error(
         `Retrieving a credential from ${this._endpointMetadata?.credential_endpoint} for issuer ${this.getIssuer()} failed with status: ${
           response.origResponse.status
@@ -389,7 +478,9 @@ export class OpenID4VCIClient {
   }
 
   getCredentialOfferTypes(): string[][] {
-    if (this.credentialOffer.version < OpenId4VCIVersion.VER_1_0_11) {
+    if (!this.credentialOffer) {
+      return [];
+    } else if (this.credentialOffer.version < OpenId4VCIVersion.VER_1_0_11) {
       const orig = this.credentialOffer.original_credential_offer as CredentialOfferPayloadV1_0_08;
       const types: string[] = typeof orig.credential_type === 'string' ? [orig.credential_type] : orig.credential_type;
       const result: string[][] = [];
@@ -397,21 +488,29 @@ export class OpenID4VCIClient {
       return result;
     } else {
       return this.credentialOffer.credential_offer.credentials.map((c) => {
-        return typeof c === 'string' ? [c] : c.types;
+        if (typeof c === 'string') {
+          return [c];
+        } else if ('types' in c) {
+          return c.types;
+        } else if ('vct' in c) {
+          return [c.vct];
+        } else {
+          return c.credential_definition.types;
+        }
       });
     }
   }
 
   issuerSupportedFlowTypes(): AuthzFlowType[] {
-    return this.credentialOffer.supportedFlows;
+    return this.credentialOffer?.supportedFlows ?? [AuthzFlowType.AUTHORIZATION_CODE_FLOW];
   }
 
-  get credentialOffer(): CredentialOfferRequestWithBaseUrl {
+  get credentialOffer(): CredentialOfferRequestWithBaseUrl | undefined {
     return this._credentialOffer;
   }
 
   public version(): OpenId4VCIVersion {
-    return this.credentialOffer.version;
+    return this.credentialOffer?.version ?? OpenId4VCIVersion.VER_1_0_11;
   }
 
   public get endpointMetadata(): EndpointMetadataResult {
@@ -437,9 +536,6 @@ export class OpenID4VCIClient {
   }
 
   get clientId(): string | undefined {
-    /*if (!this._clientId) {
-      throw Error('No client id present');
-    }*/
     return this._clientId;
   }
 
@@ -451,7 +547,7 @@ export class OpenID4VCIClient {
 
   public getIssuer(): string {
     this.assertIssuerData();
-    return this._endpointMetadata ? this.endpointMetadata.issuer : this.getIssuer();
+    return this._credentialIssuer!;
   }
 
   public getAccessTokenEndpoint(): string {
@@ -467,8 +563,10 @@ export class OpenID4VCIClient {
   }
 
   private assertIssuerData(): void {
-    if (!this._credentialOffer) {
+    if (!this._credentialOffer && this.issuerSupportedFlowTypes().includes(AuthzFlowType.PRE_AUTHORIZED_CODE_FLOW)) {
       throw Error(`No issuance initiation or credential offer present`);
+    } else if (!this._credentialIssuer) {
+      throw Error(`No credential issuer value present`);
     }
   }
 

package/lib/ProofOfPossessionBuilder.ts

@@ -2,6 +2,7 @@ import {
   AccessTokenResponse,
   Alg,
   EndpointMetadata,
+  JWK,
   Jwt,
   NO_JWT_PROVIDED,
   OpenId4VCIVersion,
@@ -19,6 +20,7 @@ export class ProofOfPossessionBuilder<DIDDoc> {
   private readonly version: OpenId4VCIVersion;
 
   private kid?: string;
+  private jwk?: JWK;
   private clientId?: string;
   private issuer?: string;
   private jwt?: Jwt;
@@ -91,6 +93,11 @@ export class ProofOfPossessionBuilder<DIDDoc> {
     return this;
   }
 
+  withJWK(jwk: JWK): this {
+    this.jwk = jwk;
+    return this;
+  }
+
   withIssuer(issuer: string): this {
     this.issuer = issuer;
     return this;
@@ -182,6 +189,7 @@ export class ProofOfPossessionBuilder<DIDDoc> {
         {
           typ: this.typ ?? (this.version < OpenId4VCIVersion.VER_1_0_11 ? 'jwt' : 'openid4vci-proof+jwt'),
           kid: this.kid,
+          jwk: this.jwk,
           jti: this.jti,
           alg: this.alg,
           issuer: this.issuer,

package/lib/__tests__/CredentialRequestClient.spec.ts

@@ -3,6 +3,7 @@ import { KeyObject } from 'crypto';
 import {
   Alg,
   EndpointMetadata,
+  getCredentialRequestForVersion,
   getIssuerFromCredentialOfferPayload,
   Jwt,
   OpenId4VCIVersion,
@@ -127,7 +128,7 @@ describe('Credential Request Client ', () => {
       version: OpenId4VCIVersion.VER_1_0_08,
     });
     expect(credentialRequest.proof?.jwt?.includes(partialJWT)).toBeTruthy();
-    expect(credentialRequest.format).toEqual('jwt_vc_json');
+    expect(credentialRequest.format).toEqual('jwt_vc');
     const result = await credReqClient.acquireCredentialsUsingRequest(credentialRequest);
     expect(result?.successBody?.credential).toEqual(mockedVC);
   });
@@ -149,17 +150,22 @@ describe('Credential Request Client ', () => {
       .withKid(kid)
       .withClientId('sphereon:wallet')
       .build();
-    // eslint-disable-next-line @typescript-eslint/ban-ts-comment
-    // @ts-ignore
-    await expect(credReqClient.acquireCredentialsUsingRequest({ format: 'jwt_vc_json-ld', types: ['random'], proof })).rejects.toThrow(
+    await expect(credReqClient.acquireCredentialsUsingRequest({ format: 'jwt_vc_json', types: ['random'], proof })).rejects.toThrow(
       Error(URL_NOT_VALID),
     );
   });
 });
 
 describe('Credential Request Client with Walt.id ', () => {
-  it('should have correct metadata endpoints', async function () {
+  beforeAll(() => {
     nock.cleanAll();
+  });
+
+  afterEach(() => {
+    nock.cleanAll();
+  });
+  it('should have correct metadata endpoints', async function () {
+    // nock.cleanAll();
     const WALT_IRR_URI =
       'openid-initiate-issuance://?issuer=https%3A%2F%2Fjff.walt.id%2Fissuer-api%2Foidc%2F&credential_type=OpenBadgeCredential&pre-authorized_code=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhOTUyZjUxNi1jYWVmLTQ4YjMtODIxYy00OTRkYzgyNjljZjAiLCJwcmUtYXV0aG9yaXplZCI6dHJ1ZX0.YE5DlalcLC2ChGEg47CQDaN1gTxbaQqSclIVqsSAUHE&user_pin_required=false';
     const credentialOffer = await CredentialOfferClient.fromURI(WALT_IRR_URI);
@@ -194,10 +200,11 @@ describe('Credential Request Client with different issuers ', () => {
           jwt: getMockData('spruce')?.credential.request.proof.jwt as string,
         },
         credentialTypes: ['OpenBadgeCredential'],
-        format: 'jwt_vc_json-ld',
+        format: 'jwt_vc',
         version: OpenId4VCIVersion.VER_1_0_08,
       });
-    expect(credentialRequest).toEqual(getMockData('spruce')?.credential.request);
+    const draft8CredentialRequest = getCredentialRequestForVersion(credentialRequest, OpenId4VCIVersion.VER_1_0_08);
+    expect(draft8CredentialRequest).toEqual(getMockData('spruce')?.credential.request);
   });
 
   it('should create correct CredentialRequest for Walt', async () => {
@@ -264,7 +271,8 @@ describe('Credential Request Client with different issuers ', () => {
         format: 'ldp_vc',
         version: OpenId4VCIVersion.VER_1_0_08,
       });
-    expect(credentialOffer).toEqual(getMockData('mattr')?.credential.request);
+    const credentialRequest = getCredentialRequestForVersion(credentialOffer, OpenId4VCIVersion.VER_1_0_08);
+    expect(credentialRequest).toEqual(getMockData('mattr')?.credential.request);
   });
 
   it('should create correct CredentialRequest for diwala', async () => {
@@ -286,6 +294,10 @@ describe('Credential Request Client with different issuers ', () => {
         format: 'ldp_vc',
         version: OpenId4VCIVersion.VER_1_0_08,
       });
-    expect(credentialOffer).toEqual(getMockData('diwala')?.credential.request);
+
+    // createCredentialRequest returns uniform format in draft 11
+    const credentialRequest = getCredentialRequestForVersion(credentialOffer, OpenId4VCIVersion.VER_1_0_08);
+
+    expect(credentialRequest).toEqual(getMockData('diwala')?.credential.request);
   });
 });