@sphereon/oid4vci-client 0.8.2-unstable.43 → 0.8.2-unstable.49
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/OpenID4VCIClient.d.ts +5 -18
- package/dist/OpenID4VCIClient.d.ts.map +1 -1
- package/dist/OpenID4VCIClient.js +58 -91
- package/dist/OpenID4VCIClient.js.map +1 -1
- package/dist/functions/AuthorizationUtil.d.ts +3 -0
- package/dist/functions/AuthorizationUtil.d.ts.map +1 -0
- package/dist/functions/AuthorizationUtil.js +22 -0
- package/dist/functions/AuthorizationUtil.js.map +1 -0
- package/dist/types/index.d.ts +49 -0
- package/dist/types/index.d.ts.map +1 -0
- package/dist/types/index.js +17 -0
- package/dist/types/index.js.map +1 -0
- package/lib/OpenID4VCIClient.ts +34 -87
- package/lib/__tests__/AccessTokenClient.spec.ts +2 -0
- package/lib/__tests__/CredentialRequestClient.spec.ts +10 -2
- package/lib/__tests__/EBSIE2E.spec.test.ts +2 -4
- package/lib/__tests__/OpenID4VCIClient.spec.ts +32 -26
- package/lib/__tests__/OpenID4VCIClientPAR.spec.ts +19 -21
- package/lib/__tests__/SdJwt.spec.ts +2 -0
- package/lib/functions/AuthorizationUtil.ts +20 -0
- package/lib/types/index.ts +56 -0
- package/package.json +3 -3
|
@@ -1,27 +1,16 @@
|
|
|
1
|
-
import { AccessTokenResponse, Alg, AuthzFlowType,
|
|
1
|
+
import { AccessTokenResponse, Alg, AuthzFlowType, CredentialOfferRequestWithBaseUrl, CredentialResponse, CredentialSupported, EndpointMetadataResult, JWK, OID4VCICredentialFormat, OpenId4VCIVersion, ProofOfPossessionCallbacks } from '@sphereon/oid4vci-common';
|
|
2
2
|
import { CredentialFormat } from '@sphereon/ssi-types';
|
|
3
|
-
|
|
4
|
-
type: 'openid_credential' | string;
|
|
5
|
-
locations?: string | string[];
|
|
6
|
-
format: CredentialFormat | CredentialFormat[];
|
|
7
|
-
[s: string]: unknown;
|
|
8
|
-
}
|
|
9
|
-
interface AuthRequestOpts {
|
|
10
|
-
codeChallenge: string;
|
|
11
|
-
codeChallengeMethod?: CodeChallengeMethod;
|
|
12
|
-
authorizationDetails?: AuthDetails | AuthDetails[];
|
|
13
|
-
redirectUri: string;
|
|
14
|
-
scope?: string;
|
|
15
|
-
}
|
|
3
|
+
import { AuthDetails, AuthRequestOpts } from './types';
|
|
16
4
|
export declare class OpenID4VCIClient {
|
|
17
5
|
private readonly _credentialOffer?;
|
|
18
|
-
private _credentialIssuer;
|
|
6
|
+
private readonly _credentialIssuer;
|
|
19
7
|
private _clientId?;
|
|
20
8
|
private _kid;
|
|
21
9
|
private _jwk;
|
|
22
10
|
private _alg;
|
|
23
11
|
private _endpointMetadata;
|
|
24
12
|
private _accessTokenResponse;
|
|
13
|
+
private _pkce;
|
|
25
14
|
private constructor();
|
|
26
15
|
static fromCredentialIssuer({ kid, alg, retrieveServerMetadata, clientId, credentialIssuer, }: {
|
|
27
16
|
credentialIssuer: string;
|
|
@@ -39,8 +28,7 @@ export declare class OpenID4VCIClient {
|
|
|
39
28
|
clientId?: string;
|
|
40
29
|
}): Promise<OpenID4VCIClient>;
|
|
41
30
|
retrieveServerMetadata(): Promise<EndpointMetadataResult>;
|
|
42
|
-
createAuthorizationRequestUrl(
|
|
43
|
-
acquirePushedAuthorizationRequestURI({ codeChallengeMethod, codeChallenge, authorizationDetails, redirectUri, scope, }: AuthRequestOpts): Promise<string>;
|
|
31
|
+
createAuthorizationRequestUrl(opts: AuthRequestOpts): Promise<string>;
|
|
44
32
|
handleAuthorizationDetails(authorizationDetails?: AuthDetails | AuthDetails[]): AuthDetails | AuthDetails[] | undefined;
|
|
45
33
|
private handleLocations;
|
|
46
34
|
acquireAccessToken(opts?: {
|
|
@@ -80,5 +68,4 @@ export declare class OpenID4VCIClient {
|
|
|
80
68
|
private assertServerMetadata;
|
|
81
69
|
private assertAccessToken;
|
|
82
70
|
}
|
|
83
|
-
export {};
|
|
84
71
|
//# sourceMappingURL=OpenID4VCIClient.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"OpenID4VCIClient.d.ts","sourceRoot":"","sources":["../lib/OpenID4VCIClient.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,GAAG,EACH,aAAa,
|
|
1
|
+
{"version":3,"file":"OpenID4VCIClient.d.ts","sourceRoot":"","sources":["../lib/OpenID4VCIClient.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,GAAG,EACH,aAAa,EAGb,iCAAiC,EACjC,kBAAkB,EAClB,mBAAmB,EACnB,sBAAsB,EAKtB,GAAG,EAEH,uBAAuB,EACvB,iBAAiB,EACjB,0BAA0B,EAG3B,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAUvD,OAAO,EAAE,WAAW,EAAE,eAAe,EAAqB,MAAM,SAAS,CAAC;AAI1E,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAoC;IACtE,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAS;IAC3C,OAAO,CAAC,SAAS,CAAC,CAAS;IAC3B,OAAO,CAAC,IAAI,CAAqB;IACjC,OAAO,CAAC,IAAI,CAAkB;IAC9B,OAAO,CAAC,IAAI,CAA2B;IACvC,OAAO,CAAC,iBAAiB,CAAqC;IAC9D,OAAO,CAAC,oBAAoB,CAAkC;IAC9D,OAAO,CAAC,KAAK,CAAgF;IAE7F,OAAO;WAwBa,oBAAoB,CAAC,EACvC,GAAG,EACH,GAAG,EACH,sBAAsB,EACtB,QAAQ,EACR,gBAAgB,GACjB,EAAE;QACD,gBAAgB,EAAE,MAAM,CAAC;QACzB,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,GAAG,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC;QACnB,sBAAsB,CAAC,EAAE,OAAO,CAAC;QACjC,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB;WAQmB,OAAO,CAAC,EAC1B,GAAG,EACH,GAAG,EACH,GAAG,EACH,sBAAsB,EACtB,QAAQ,EACR,eAAe,GAChB,EAAE;QACD,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,GAAG,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC;QACnB,sBAAsB,CAAC,EAAE,OAAO,CAAC;QACjC,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAchB,sBAAsB,IAAI,OAAO,CAAC,sBAAsB,CAAC;IAczD,6BAA6B,CAAC,IAAI,EAAE,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC;IAoF3E,0BAA0B,CAAC,oBAAoB,CAAC,EAAE,WAAW,GAAG,WAAW,EAAE,GAAG,WAAW,GAAG,WAAW,EAAE,GAAG,SAAS;IAW9H,OAAO,CAAC,eAAe;IAkBV,kBAAkB,CAAC,IAAI,CAAC,EAAE;QACrC,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,GAAG,OAAO,CAAC,mBAAmB,CAAC;IA6CnB,kBAAkB,CAAC,EAC9B,eAAe,EACf,cAAc,EACd,MAAM,EACN,GAAG,EACH,GAAG,EACH,GAAG,EACH,GAAG,EACH,uBAAuB,EACvB,8BAA8B,GAC/B,EAAE;QACD,eAAe,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;QACnC,cAAc,EAAE,0BAA0B,CAAC,GAAG,CAAC,CAAC;QAChD,MAAM,CAAC,EAAE,gBAAgB,GAAG,uBAAuB,CAAC;QACpD,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,GAAG,CAAC,EAAE,GAAG,CAAC;QACV,GAAG,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC;QACnB,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,uBAAuB,CAAC,EAAE,OAAO,CAAC;QAClC,8BAA8B,CAAC,EAAE,MAAM,CAAC;KACzC,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAoG/B,uBAAuB,CACrB,yBAAyB,EAAE,OAAO,EAClC,MAAM,CAAC,EAAE,CAAC,uBAAuB,GAAG,MAAM,CAAC,GAAG,CAAC,uBAAuB,GAAG,MAAM,CAAC,EAAE,GACjF,mBAAmB,EAAE;IASxB,uBAAuB,IAAI,MAAM,EAAE,EAAE;IAwBrC,wBAAwB,IAAI,aAAa,EAAE;IAI3C,IAAI,eAAe,IAAI,iCAAiC,GAAG,SAAS,CAEnE;IAEM,OAAO,IAAI,iBAAiB;IAInC,IAAW,gBAAgB,IAAI,sBAAsB,CAIpD;IAED,IAAI,GAAG,IAAI,MAAM,CAMhB;IAED,IAAI,GAAG,IAAI,MAAM,CAMhB;IAED,IAAI,QAAQ,IAAI,MAAM,GAAG,SAAS,CAEjC;IAED,IAAI,mBAAmB,IAAI,mBAAmB,CAI7C;IAEM,SAAS,IAAI,MAAM;IAKnB,sBAAsB,IAAI,MAAM;IAOhC,qBAAqB,IAAI,MAAM;IAK/B,6BAA6B,IAAI,OAAO;IAIxC,6BAA6B,IAAI,MAAM;IAK9C,OAAO,CAAC,gBAAgB;IAQxB,OAAO,CAAC,oBAAoB;IAM5B,OAAO,CAAC,iBAAiB;CAK1B"}
|
package/dist/OpenID4VCIClient.js
CHANGED
|
@@ -21,9 +21,12 @@ const CredentialRequestClientBuilder_1 = require("./CredentialRequestClientBuild
|
|
|
21
21
|
const MetadataClient_1 = require("./MetadataClient");
|
|
22
22
|
const ProofOfPossessionBuilder_1 = require("./ProofOfPossessionBuilder");
|
|
23
23
|
const functions_1 = require("./functions");
|
|
24
|
+
const AuthorizationUtil_1 = require("./functions/AuthorizationUtil");
|
|
25
|
+
const types_1 = require("./types");
|
|
24
26
|
const debug = (0, debug_1.default)('sphereon:oid4vci');
|
|
25
27
|
class OpenID4VCIClient {
|
|
26
28
|
constructor({ credentialOffer, clientId, kid, alg, credentialIssuer, }) {
|
|
29
|
+
this._pkce = { disabled: false, codeChallengeMethod: oid4vci_common_1.CodeChallengeMethod.S256 };
|
|
27
30
|
this._credentialOffer = credentialOffer;
|
|
28
31
|
const issuer = credentialIssuer !== null && credentialIssuer !== void 0 ? credentialIssuer : (credentialOffer ? (0, oid4vci_common_1.getIssuerFromCredentialOfferPayload)(credentialOffer.credential_offer) : undefined);
|
|
29
32
|
if (!issuer) {
|
|
@@ -74,102 +77,71 @@ class OpenID4VCIClient {
|
|
|
74
77
|
return this.endpointMetadata;
|
|
75
78
|
});
|
|
76
79
|
}
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
var _a, _b;
|
|
80
|
-
// Scope and authorization_details can be used in the same authorization request
|
|
81
|
-
// https://datatracker.ietf.org/doc/html/draft-ietf-oauth-rar-23#name-relationship-to-scope-param
|
|
82
|
-
if (!scope && !authorizationDetails) {
|
|
83
|
-
if (!this.credentialOffer) {
|
|
84
|
-
throw Error('Please provide a scope or authorization_details');
|
|
85
|
-
}
|
|
86
|
-
const creds = this.credentialOffer.credential_offer.credentials;
|
|
87
|
-
authorizationDetails = creds
|
|
88
|
-
.flatMap((cred) => (typeof cred === 'string' ? this.getCredentialsSupported(true) : cred))
|
|
89
|
-
.map((cred) => {
|
|
90
|
-
return Object.assign(Object.assign({}, cred), { type: 'openid_credential', locations: [this._credentialIssuer], format: cred.format });
|
|
91
|
-
});
|
|
92
|
-
if (authorizationDetails.length === 0) {
|
|
93
|
-
throw Error(`Could not create authorization details from credential offer. Please pass in explicit details`);
|
|
94
|
-
}
|
|
95
|
-
}
|
|
96
|
-
// todo: Probably can go with current logic in MetadataClient who will always set the authorization_endpoint when found
|
|
97
|
-
// handling this because of the support for v1_0-08
|
|
98
|
-
if (this._endpointMetadata &&
|
|
99
|
-
this._endpointMetadata.credentialIssuerMetadata &&
|
|
100
|
-
'authorization_endpoint' in this._endpointMetadata.credentialIssuerMetadata) {
|
|
101
|
-
this._endpointMetadata.authorization_endpoint = this._endpointMetadata.credentialIssuerMetadata.authorization_endpoint;
|
|
102
|
-
}
|
|
103
|
-
if (!((_a = this._endpointMetadata) === null || _a === void 0 ? void 0 : _a.authorization_endpoint)) {
|
|
104
|
-
throw Error('Server metadata does not contain authorization endpoint');
|
|
105
|
-
}
|
|
106
|
-
// add 'openid' scope if not present
|
|
107
|
-
if (!(scope === null || scope === void 0 ? void 0 : scope.includes('openid'))) {
|
|
108
|
-
scope = ['openid', scope].filter((s) => !!s).join(' ');
|
|
109
|
-
}
|
|
110
|
-
const queryObj = {
|
|
111
|
-
response_type: oid4vci_common_1.ResponseType.AUTH_CODE,
|
|
112
|
-
code_challenge_method: codeChallengeMethod !== null && codeChallengeMethod !== void 0 ? codeChallengeMethod : oid4vci_common_1.CodeChallengeMethod.SHA256,
|
|
113
|
-
code_challenge: codeChallenge,
|
|
114
|
-
authorization_details: JSON.stringify(this.handleAuthorizationDetails(authorizationDetails)),
|
|
115
|
-
redirect_uri: redirectUri,
|
|
116
|
-
scope: scope,
|
|
117
|
-
};
|
|
118
|
-
if (this.clientId) {
|
|
119
|
-
queryObj['client_id'] = this.clientId;
|
|
120
|
-
}
|
|
121
|
-
if ((_b = this.credentialOffer) === null || _b === void 0 ? void 0 : _b.issuerState) {
|
|
122
|
-
queryObj['issuer_state'] = this.credentialOffer.issuerState;
|
|
123
|
-
}
|
|
124
|
-
return (0, functions_1.convertJsonToURI)(queryObj, {
|
|
125
|
-
baseUrl: this._endpointMetadata.authorization_endpoint,
|
|
126
|
-
uriTypeProperties: ['redirect_uri', 'scope', 'authorization_details', 'issuer_state'],
|
|
127
|
-
mode: oid4vci_common_1.JsonURIMode.X_FORM_WWW_URLENCODED,
|
|
128
|
-
// We do not add the version here, as this always needs to be form encoded
|
|
129
|
-
});
|
|
130
|
-
}
|
|
131
|
-
// todo: Unify this method with the create auth request url method
|
|
132
|
-
acquirePushedAuthorizationRequestURI({ codeChallengeMethod, codeChallenge, authorizationDetails, redirectUri, scope, }) {
|
|
133
|
-
var _a, _b, _c;
|
|
80
|
+
createAuthorizationRequestUrl(opts) {
|
|
81
|
+
var _a, _b, _c, _d, _e, _f, _g;
|
|
134
82
|
return __awaiter(this, void 0, void 0, function* () {
|
|
83
|
+
const { redirectUri } = opts;
|
|
84
|
+
let { scope, authorizationDetails } = opts;
|
|
85
|
+
const parMode = ((_b = (_a = this._endpointMetadata) === null || _a === void 0 ? void 0 : _a.credentialIssuerMetadata) === null || _b === void 0 ? void 0 : _b.require_pushed_authorization_requests)
|
|
86
|
+
? types_1.PARMode.REQUIRE
|
|
87
|
+
: (_c = opts.parMode) !== null && _c !== void 0 ? _c : types_1.PARMode.AUTO;
|
|
88
|
+
this._pkce = (0, AuthorizationUtil_1.createPKCEOpts)(Object.assign(Object.assign({}, this._pkce), opts.pkce));
|
|
135
89
|
// Scope and authorization_details can be used in the same authorization request
|
|
136
90
|
// https://datatracker.ietf.org/doc/html/draft-ietf-oauth-rar-23#name-relationship-to-scope-param
|
|
137
91
|
if (!scope && !authorizationDetails) {
|
|
138
|
-
|
|
92
|
+
if (!this.credentialOffer) {
|
|
93
|
+
throw Error('Please provide a scope or authorization_details');
|
|
94
|
+
}
|
|
95
|
+
const creds = this.credentialOffer.credential_offer.credentials;
|
|
96
|
+
authorizationDetails = creds
|
|
97
|
+
.flatMap((cred) => (typeof cred === 'string' ? this.getCredentialsSupported(true) : cred))
|
|
98
|
+
.map((cred) => {
|
|
99
|
+
return Object.assign(Object.assign({}, cred), { type: 'openid_credential', locations: [this._credentialIssuer], format: cred.format });
|
|
100
|
+
});
|
|
101
|
+
if (authorizationDetails.length === 0) {
|
|
102
|
+
throw Error(`Could not create authorization details from credential offer. Please pass in explicit details`);
|
|
103
|
+
}
|
|
139
104
|
}
|
|
140
|
-
//
|
|
141
|
-
//
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
typeof this._endpointMetadata.credentialIssuerMetadata.pushed_authorization_request_endpoint !== 'string') {
|
|
147
|
-
throw Error('Server metadata does not contain pushed authorization request endpoint');
|
|
105
|
+
// todo: Probably can go with current logic in MetadataClient who will always set the authorization_endpoint when found
|
|
106
|
+
// handling this because of the support for v1_0-08
|
|
107
|
+
if (this._endpointMetadata &&
|
|
108
|
+
this._endpointMetadata.credentialIssuerMetadata &&
|
|
109
|
+
'authorization_endpoint' in this._endpointMetadata.credentialIssuerMetadata) {
|
|
110
|
+
this._endpointMetadata.authorization_endpoint = this._endpointMetadata.credentialIssuerMetadata.authorization_endpoint;
|
|
148
111
|
}
|
|
149
|
-
|
|
112
|
+
if (!((_d = this._endpointMetadata) === null || _d === void 0 ? void 0 : _d.authorization_endpoint)) {
|
|
113
|
+
throw Error('Server metadata does not contain authorization endpoint');
|
|
114
|
+
}
|
|
115
|
+
const parEndpoint = (_e = this._endpointMetadata.credentialIssuerMetadata) === null || _e === void 0 ? void 0 : _e.pushed_authorization_request_endpoint;
|
|
150
116
|
// add 'openid' scope if not present
|
|
151
117
|
if (!(scope === null || scope === void 0 ? void 0 : scope.includes('openid'))) {
|
|
152
118
|
scope = ['openid', scope].filter((s) => !!s).join(' ');
|
|
153
119
|
}
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
authorization_details: JSON.stringify(this.handleAuthorizationDetails(authorizationDetails)),
|
|
159
|
-
redirect_uri: redirectUri,
|
|
160
|
-
scope: scope,
|
|
161
|
-
};
|
|
120
|
+
let queryObj = Object.assign(Object.assign({ response_type: oid4vci_common_1.ResponseType.AUTH_CODE }, (!this._pkce.disabled && {
|
|
121
|
+
code_challenge_method: (_f = this._pkce.codeChallengeMethod) !== null && _f !== void 0 ? _f : oid4vci_common_1.CodeChallengeMethod.S256,
|
|
122
|
+
code_challenge: this._pkce.codeChallenge,
|
|
123
|
+
})), { authorization_details: JSON.stringify(this.handleAuthorizationDetails(authorizationDetails)), redirect_uri: redirectUri, scope: scope });
|
|
162
124
|
if (this.clientId) {
|
|
163
125
|
queryObj['client_id'] = this.clientId;
|
|
164
126
|
}
|
|
165
|
-
if ((
|
|
127
|
+
if ((_g = this.credentialOffer) === null || _g === void 0 ? void 0 : _g.issuerState) {
|
|
166
128
|
queryObj['issuer_state'] = this.credentialOffer.issuerState;
|
|
167
129
|
}
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
130
|
+
if (!parEndpoint && parMode === types_1.PARMode.REQUIRE) {
|
|
131
|
+
throw Error(`PAR mode is set to required by Authorization Server does not support PAR!`);
|
|
132
|
+
}
|
|
133
|
+
else if (parEndpoint && parMode !== types_1.PARMode.NEVER) {
|
|
134
|
+
const parResponse = yield (0, functions_1.formPost)(parEndpoint, new URLSearchParams(queryObj));
|
|
135
|
+
if (parResponse.errorBody || !parResponse.successBody) {
|
|
136
|
+
throw Error(`PAR error`);
|
|
137
|
+
}
|
|
138
|
+
queryObj = { request_uri: parResponse.successBody.request_uri };
|
|
139
|
+
}
|
|
140
|
+
return (0, functions_1.convertJsonToURI)(queryObj, {
|
|
141
|
+
baseUrl: this._endpointMetadata.authorization_endpoint,
|
|
142
|
+
uriTypeProperties: ['request_uri', 'redirect_uri', 'scope', 'authorization_details', 'issuer_state'],
|
|
172
143
|
mode: oid4vci_common_1.JsonURIMode.X_FORM_WWW_URLENCODED,
|
|
144
|
+
// We do not add the version here, as this always needs to be form encoded
|
|
173
145
|
});
|
|
174
146
|
});
|
|
175
147
|
}
|
|
@@ -205,23 +177,18 @@ class OpenID4VCIClient {
|
|
|
205
177
|
acquireAccessToken(opts) {
|
|
206
178
|
var _a, _b;
|
|
207
179
|
return __awaiter(this, void 0, void 0, function* () {
|
|
208
|
-
const { pin, clientId,
|
|
180
|
+
const { pin, clientId, code, redirectUri } = opts !== null && opts !== void 0 ? opts : {};
|
|
181
|
+
if (opts === null || opts === void 0 ? void 0 : opts.codeVerifier) {
|
|
182
|
+
this._pkce.codeVerifier = opts.codeVerifier;
|
|
183
|
+
}
|
|
209
184
|
this.assertIssuerData();
|
|
210
185
|
if (clientId) {
|
|
211
186
|
this._clientId = clientId;
|
|
212
187
|
}
|
|
213
188
|
if (!this._accessTokenResponse) {
|
|
214
189
|
const accessTokenClient = new AccessTokenClient_1.AccessTokenClient();
|
|
215
|
-
const response = yield accessTokenClient.acquireAccessToken({
|
|
216
|
-
|
|
217
|
-
metadata: this.endpointMetadata,
|
|
218
|
-
credentialIssuer: this.getIssuer(),
|
|
219
|
-
pin,
|
|
220
|
-
codeVerifier,
|
|
221
|
-
code,
|
|
222
|
-
redirectUri,
|
|
223
|
-
asOpts: { clientId },
|
|
224
|
-
});
|
|
190
|
+
const response = yield accessTokenClient.acquireAccessToken(Object.assign(Object.assign({ credentialOffer: this.credentialOffer, metadata: this.endpointMetadata, credentialIssuer: this.getIssuer(), pin }, (!this._pkce.disabled && { codeVerifier: this._pkce.codeVerifier })), { code,
|
|
191
|
+
redirectUri, asOpts: { clientId } }));
|
|
225
192
|
if (response.errorBody) {
|
|
226
193
|
debug(`Access token error:\r\n${response.errorBody}`);
|
|
227
194
|
throw Error(`Retrieving an access token from ${(_a = this._endpointMetadata) === null || _a === void 0 ? void 0 : _a.token_endpoint} for issuer ${this.getIssuer()} failed with status: ${response.origResponse.status}`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"OpenID4VCIClient.js","sourceRoot":"","sources":["../lib/OpenID4VCIClient.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,6DAqBkC;AAElC,kDAA0B;AAE1B,2DAAwD;AACxD,mEAAgE;AAChE,qFAAkF;AAClF,qDAAkD;AAClD,yEAAsE;AACtE,2CAAyD;AAEzD,MAAM,KAAK,GAAG,IAAA,eAAK,EAAC,kBAAkB,CAAC,CAAC;AAkBxC,MAAa,gBAAgB;IAU3B,YAAoB,EAClB,eAAe,EACf,QAAQ,EACR,GAAG,EACH,GAAG,EACH,gBAAgB,GAOjB;QACC,IAAI,CAAC,gBAAgB,GAAG,eAAe,CAAC;QACxC,MAAM,MAAM,GAAG,gBAAgB,aAAhB,gBAAgB,cAAhB,gBAAgB,GAAI,CAAC,eAAe,CAAC,CAAC,CAAC,IAAA,oDAAmC,EAAC,eAAe,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QACzI,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,KAAK,CAAC,qDAAqD,CAAC,CAAC;QACrE,CAAC;QACD,IAAI,CAAC,iBAAiB,GAAG,MAAM,CAAC;QAChC,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;IAC5B,CAAC;IAEM,MAAM,CAAO,oBAAoB,CAAC,EACvC,GAAG,EACH,GAAG,EACH,sBAAsB,EACtB,QAAQ,EACR,gBAAgB,GAOjB;;YACC,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAC,CAAC;YAC9E,IAAI,sBAAsB,KAAK,SAAS,IAAI,sBAAsB,EAAE,CAAC;gBACnE,MAAM,MAAM,CAAC,sBAAsB,EAAE,CAAC;YACxC,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEM,MAAM,CAAO,OAAO,CAAC,EAC1B,GAAG,EACH,GAAG,EACH,GAAG,EACH,sBAAsB,EACtB,QAAQ,EACR,eAAe,GAQhB;;YACC,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC;gBAClC,eAAe,EAAE,MAAM,6CAAqB,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC;gBACvF,GAAG;gBACH,GAAG;gBACH,QAAQ;aACT,CAAC,CAAC;YAEH,IAAI,sBAAsB,KAAK,SAAS,IAAI,sBAAsB,EAAE,CAAC;gBACnE,MAAM,MAAM,CAAC,sBAAsB,EAAE,CAAC;YACxC,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,sBAAsB;;YACjC,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAC5B,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;oBACzB,IAAI,CAAC,iBAAiB,GAAG,MAAM,+BAAc,CAAC,sCAAsC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;gBAC7G,CAAC;qBAAM,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBAClC,IAAI,CAAC,iBAAiB,GAAG,MAAM,+BAAc,CAAC,mBAAmB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAC5F,CAAC;qBAAM,CAAC;oBACN,MAAM,KAAK,CAAC,oFAAoF,CAAC,CAAC;gBACpG,CAAC;YACH,CAAC;YACD,OAAO,IAAI,CAAC,gBAAgB,CAAC;QAC/B,CAAC;KAAA;IAED,8CAA8C;IAEvC,6BAA6B,CAAC,EAAE,mBAAmB,EAAE,aAAa,EAAE,oBAAoB,EAAE,WAAW,EAAE,KAAK,EAAmB;;QACpI,gFAAgF;QAChF,iGAAiG;QACjG,IAAI,CAAC,KAAK,IAAI,CAAC,oBAAoB,EAAE,CAAC;YACpC,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;gBAC1B,MAAM,KAAK,CAAC,iDAAiD,CAAC,CAAC;YACjE,CAAC;YACD,MAAM,KAAK,GAAG,IAAI,CAAC,eAAe,CAAC,gBAAgB,CAAC,WAAW,CAAC;YAEhE,oBAAoB,GAAG,KAAK;iBACzB,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAE,IAA4B,CAAC,CAAC;iBAClH,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;gBACZ,OAAO,gCACF,IAAI,KACP,IAAI,EAAE,mBAAmB,EACzB,SAAS,EAAE,CAAC,IAAI,CAAC,iBAAiB,CAAC,EACnC,MAAM,EAAE,IAAI,CAAC,MAAM,GACE,CAAC;YAC1B,CAAC,CAAC,CAAC;YACL,IAAI,oBAAoB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACtC,MAAM,KAAK,CAAC,+FAA+F,CAAC,CAAC;YAC/G,CAAC;QACH,CAAC;QACD,uHAAuH;QACvH,oDAAoD;QACpD,IACE,IAAI,CAAC,iBAAiB;YACtB,IAAI,CAAC,iBAAiB,CAAC,wBAAwB;YAC/C,wBAAwB,IAAI,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,EAC3E,CAAC;YACD,IAAI,CAAC,iBAAiB,CAAC,sBAAsB,GAAG,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,CAAC,sBAAgC,CAAC;QACnI,CAAC;QACD,IAAI,CAAC,CAAA,MAAA,IAAI,CAAC,iBAAiB,0CAAE,sBAAsB,CAAA,EAAE,CAAC;YACpD,MAAM,KAAK,CAAC,yDAAyD,CAAC,CAAC;QACzE,CAAC;QAED,oCAAoC;QACpC,IAAI,CAAC,CAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,QAAQ,CAAC,QAAQ,CAAC,CAAA,EAAE,CAAC;YAC/B,KAAK,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACzD,CAAC;QAED,MAAM,QAAQ,GAA8B;YAC1C,aAAa,EAAE,6BAAY,CAAC,SAAS;YACrC,qBAAqB,EAAE,mBAAmB,aAAnB,mBAAmB,cAAnB,mBAAmB,GAAI,oCAAmB,CAAC,MAAM;YACxE,cAAc,EAAE,aAAa;YAC7B,qBAAqB,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,0BAA0B,CAAC,oBAAoB,CAAC,CAAC;YAC5F,YAAY,EAAE,WAAW;YACzB,KAAK,EAAE,KAAK;SACb,CAAC;QAEF,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,QAAQ,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC;QACxC,CAAC;QAED,IAAI,MAAA,IAAI,CAAC,eAAe,0CAAE,WAAW,EAAE,CAAC;YACtC,QAAQ,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC;QAC9D,CAAC;QAED,OAAO,IAAA,4BAAgB,EAAC,QAAQ,EAAE;YAChC,OAAO,EAAE,IAAI,CAAC,iBAAiB,CAAC,sBAAsB;YACtD,iBAAiB,EAAE,CAAC,cAAc,EAAE,OAAO,EAAE,uBAAuB,EAAE,cAAc,CAAC;YACrF,IAAI,EAAE,4BAAW,CAAC,qBAAqB;YACvC,0EAA0E;SAC3E,CAAC,CAAC;IACL,CAAC;IAED,kEAAkE;IACrD,oCAAoC,CAAC,EAChD,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,WAAW,EACX,KAAK,GACW;;;YAChB,gFAAgF;YAChF,iGAAiG;YACjG,IAAI,CAAC,KAAK,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBACpC,MAAM,KAAK,CAAC,iDAAiD,CAAC,CAAC;YACjE,CAAC;YAED,6JAA6J;YAC7J,wIAAwI;YACxI,iCAAiC;YACjC,0BAA0B;YAC1B,IACE,CAAC,CAAA,MAAA,IAAI,CAAC,iBAAiB,0CAAE,wBAAwB,CAAA;gBACjD,CAAC,CAAC,uCAAuC,IAAI,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,CAAC;gBAC7F,OAAO,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,CAAC,qCAAqC,KAAK,QAAQ,EACzG,CAAC;gBACD,MAAM,KAAK,CAAC,wEAAwE,CAAC,CAAC;YACxF,CAAC;YACD,MAAM,WAAW,GAAW,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,CAAC,qCAAqC,CAAC;YAElH,oCAAoC;YACpC,IAAI,CAAC,CAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,QAAQ,CAAC,QAAQ,CAAC,CAAA,EAAE,CAAC;gBAC/B,KAAK,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACzD,CAAC;YAED,MAAM,QAAQ,GAA8B;gBAC1C,aAAa,EAAE,6BAAY,CAAC,SAAS;gBACrC,qBAAqB,EAAE,mBAAmB,aAAnB,mBAAmB,cAAnB,mBAAmB,GAAI,oCAAmB,CAAC,MAAM;gBACxE,cAAc,EAAE,aAAa;gBAC7B,qBAAqB,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,0BAA0B,CAAC,oBAAoB,CAAC,CAAC;gBAC5F,YAAY,EAAE,WAAW;gBACzB,KAAK,EAAE,KAAK;aACb,CAAC;YAEF,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAClB,QAAQ,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC;YACxC,CAAC;YAED,IAAI,MAAA,IAAI,CAAC,eAAe,0CAAE,WAAW,EAAE,CAAC;gBACtC,QAAQ,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC;YAC9D,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,IAAA,oBAAQ,EAA8B,WAAW,EAAE,IAAI,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC;YAEzG,OAAO,IAAA,4BAAgB,EACrB,EAAE,WAAW,EAAE,MAAA,QAAQ,CAAC,WAAW,0CAAE,WAAW,EAAE,EAClD;gBACE,OAAO,EAAE,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,CAAC,sBAAsB;gBAC/E,iBAAiB,EAAE,CAAC,aAAa,CAAC;gBAClC,IAAI,EAAE,4BAAW,CAAC,qBAAqB;aACxC,CACF,CAAC;;KACH;IAEM,0BAA0B,CAAC,oBAAkD;QAClF,IAAI,oBAAoB,EAAE,CAAC;YACzB,IAAI,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAC,EAAE,CAAC;gBACxC,OAAO,oBAAoB,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,mBAAM,KAAK,EAAG,CAAC,CAAC;YACjF,CAAC;iBAAM,CAAC;gBACN,OAAO,IAAI,CAAC,eAAe,mBAAM,oBAAoB,EAAG,CAAC;YAC3D,CAAC;QACH,CAAC;QACD,OAAO,oBAAoB,CAAC;IAC9B,CAAC;IAEO,eAAe,CAAC,oBAAiC;;QACvD,IACE,oBAAoB;YACpB,CAAC,CAAA,MAAA,IAAI,CAAC,gBAAgB,CAAC,wBAAwB,0CAAE,oBAAoB,KAAI,IAAI,CAAC,gBAAgB,CAAC,sBAAsB,CAAC,EACtH,CAAC;YACD,IAAI,oBAAoB,CAAC,SAAS,EAAE,CAAC;gBACnC,IAAI,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAC,SAAS,CAAC,EAAE,CAAC;oBACjD,oBAAoB,CAAC,SAAsB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;gBAClF,CAAC;qBAAM,CAAC;oBACN,oBAAoB,CAAC,SAAS,GAAG,CAAC,oBAAoB,CAAC,SAAmB,EAAE,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;gBAC5G,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,oBAAoB,CAAC,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC;YAChE,CAAC;QACH,CAAC;QACD,OAAO,oBAAoB,CAAC;IAC9B,CAAC;IAEY,kBAAkB,CAAC,IAM/B;;;YACC,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAC;YAEtE,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAExB,IAAI,QAAQ,EAAE,CAAC;gBACb,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;YAC5B,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBAC/B,MAAM,iBAAiB,GAAG,IAAI,qCAAiB,EAAE,CAAC;gBAElD,MAAM,QAAQ,GAAG,MAAM,iBAAiB,CAAC,kBAAkB,CAAC;oBAC1D,eAAe,EAAE,IAAI,CAAC,eAAe;oBACrC,QAAQ,EAAE,IAAI,CAAC,gBAAgB;oBAC/B,gBAAgB,EAAE,IAAI,CAAC,SAAS,EAAE;oBAClC,GAAG;oBACH,YAAY;oBACZ,IAAI;oBACJ,WAAW;oBACX,MAAM,EAAE,EAAE,QAAQ,EAAE;iBACrB,CAAC,CAAC;gBAEH,IAAI,QAAQ,CAAC,SAAS,EAAE,CAAC;oBACvB,KAAK,CAAC,0BAA0B,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC;oBACtD,MAAM,KAAK,CACT,mCAAmC,MAAA,IAAI,CAAC,iBAAiB,0CAAE,cAAc,eAAe,IAAI,CAAC,SAAS,EAAE,wBACtG,QAAQ,CAAC,YAAY,CAAC,MACxB,EAAE,CACH,CAAC;gBACJ,CAAC;qBAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;oBACjC,KAAK,CAAC,qCAAqC,CAAC,CAAC;oBAC7C,MAAM,KAAK,CACT,mCAAmC,MAAA,IAAI,CAAC,iBAAiB,0CACrD,cAAc,eAAe,IAAI,CAAC,SAAS,EAAE,+CAA+C,CACjG,CAAC;gBACJ,CAAC;gBACD,IAAI,CAAC,oBAAoB,GAAG,QAAQ,CAAC,WAAW,CAAC;YACnD,CAAC;YAED,OAAO,IAAI,CAAC,mBAAmB,CAAC;;KACjC;IAEY,kBAAkB,CAAC,EAC9B,eAAe,EACf,cAAc,EACd,MAAM,EACN,GAAG,EACH,GAAG,EACH,GAAG,EACH,GAAG,EACH,uBAAuB,EACvB,8BAA8B,GAW/B;;;YACC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACzD,MAAM,IAAI,KAAK,CAAC,kCAAiB,GAAG,UAAU,GAAG,KAAK,SAAS,UAAU,GAAG,KAAK,SAAS,EAAE,CAAC,CAAC;YAChG,CAAC;YAED,IAAI,GAAG;gBAAE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;YACzB,IAAI,GAAG;gBAAE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;YACzB,IAAI,GAAG;gBAAE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;YAEzB,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe;gBACzC,CAAC,CAAC,+DAA8B,CAAC,mBAAmB,CAAC;oBACjD,eAAe,EAAE,IAAI,CAAC,eAAe;oBACrC,QAAQ,EAAE,IAAI,CAAC,gBAAgB;iBAChC,CAAC;gBACJ,CAAC,CAAC,+DAA8B,CAAC,oBAAoB,CAAC;oBAClD,gBAAgB,EAAE,IAAI,CAAC,SAAS,EAAE;oBAClC,eAAe;oBACf,QAAQ,EAAE,IAAI,CAAC,gBAAgB;oBAC/B,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;iBACxB,CAAC,CAAC;YAEP,cAAc,CAAC,qBAAqB,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YAC/D,cAAc,CAAC,2BAA2B,CAAC,uBAAuB,aAAvB,uBAAuB,cAAvB,uBAAuB,GAAI,KAAK,EAAE,8BAA8B,CAAC,CAAC;YAC7G,IAAI,MAAA,IAAI,CAAC,gBAAgB,0CAAE,wBAAwB,EAAE,CAAC;gBACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,wBAAwB,CAAC;gBAChE,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,eAAe,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;gBAE/F,IAAI,QAAQ,CAAC,qBAAqB,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE,CAAC;oBACpF,IAAI,aAAa,GAAG,KAAK,CAAC;oBAE1B,QAAQ,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC,mBAAmB,EAAE,EAAE;wBAC7D,MAAM,QAAQ,GAAG,IAAA,gDAA+B,EAAC,mBAAmB,CAAC,CAAC;wBACtE,IACE,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;4BAC/C,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,mBAAmB,CAAC,EAAE,IAAI,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAC5F,CAAC;4BACD,aAAa,GAAG,IAAI,CAAC;wBACvB,CAAC;oBACH,CAAC,CAAC,CAAC;oBAEH,IAAI,CAAC,aAAa,EAAE,CAAC;wBACnB,OAAO,CAAC,GAAG,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,gCAAgC,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;wBAC3H,0HAA0H;oBAC5H,CAAC;gBACH,CAAC;qBAAM,IAAI,QAAQ,CAAC,qBAAqB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE,CAAC;oBAC5F,MAAM,oBAAoB,GAAG,QAAQ,CAAC,qBAAqB,CAAC;oBAC5D,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,qBAAqB,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;wBACzF,MAAM,KAAK,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,4BAA4B,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;oBACzH,CAAC;gBACH,CAAC;gBACD,4GAA4G;YAC9G,CAAC;YACD,MAAM,uBAAuB,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC;YACvD,MAAM,YAAY,GAAG,mDAAwB,CAAC,uBAAuB,CAAC;gBACpE,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;gBAC7C,SAAS,EAAE,cAAc;gBACzB,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;aACxB,CAAC;iBACC,UAAU,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;iBAC5B,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAErB,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBACd,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClC,CAAC;YACD,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBACd,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClC,CAAC;YAED,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAClB,YAAY,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC3C,CAAC;YACD,IAAI,GAAG,EAAE,CAAC;gBACR,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAC5B,CAAC;YACD,MAAM,QAAQ,GAAG,MAAM,uBAAuB,CAAC,4BAA4B,CAAC;gBAC1E,UAAU,EAAE,YAAY;gBACxB,eAAe,EAAE,eAAe;gBAChC,MAAM;aACP,CAAC,CAAC;YACH,IAAI,QAAQ,CAAC,SAAS,EAAE,CAAC;gBACvB,KAAK,CAAC,gCAAgC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;gBAC5E,MAAM,KAAK,CACT,gCAAgC,MAAA,IAAI,CAAC,iBAAiB,0CAAE,mBAAmB,eAAe,IAAI,CAAC,SAAS,EAAE,wBACxG,QAAQ,CAAC,YAAY,CAAC,MACxB,EAAE,CACH,CAAC;YACJ,CAAC;iBAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;gBACjC,KAAK,CAAC,2CAA2C,CAAC,CAAC;gBACnD,MAAM,KAAK,CACT,gCAAgC,MAAA,IAAI,CAAC,iBAAiB,0CAClD,mBAAmB,eAAe,IAAI,CAAC,SAAS,EAAE,+CAA+C,CACtG,CAAC;YACJ,CAAC;YACD,OAAO,QAAQ,CAAC,WAAW,CAAC;;KAC7B;IAED,oHAAoH;IACpH,6DAA6D;IAC7D,mEAAmE;IACnE,iDAAiD;IACjD,uBAAuB,CACrB,yBAAkC,EAClC,MAAkF;QAElF,OAAO,IAAA,wCAAuB,EAAC;YAC7B,cAAc,EAAE,IAAI,CAAC,gBAAgB,CAAC,wBAAwB;YAC9D,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;YACvB,MAAM,EAAE,MAAM;YACd,KAAK,EAAE,yBAAyB,CAAC,CAAC,CAAC,IAAI,CAAC,uBAAuB,EAAE,CAAC,CAAC,CAAC,SAAS;SAC9E,CAAC,CAAC;IACL,CAAC;IAED,uBAAuB;QACrB,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;YAC1B,OAAO,EAAE,CAAC;QACZ,CAAC;aAAM,IAAI,IAAI,CAAC,eAAe,CAAC,OAAO,GAAG,kCAAiB,CAAC,UAAU,EAAE,CAAC;YACvE,MAAM,IAAI,GAAG,IAAI,CAAC,eAAe,CAAC,yBAA0D,CAAC;YAC7F,MAAM,KAAK,GAAa,OAAO,IAAI,CAAC,eAAe,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC;YACjH,MAAM,MAAM,GAAe,EAAE,CAAC;YAC9B,MAAM,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC;YAClB,OAAO,MAAM,CAAC;QAChB,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,CAAC,eAAe,CAAC,gBAAgB,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;gBACjE,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;oBAC1B,OAAO,CAAC,CAAC,CAAC,CAAC;gBACb,CAAC;qBAAM,IAAI,OAAO,IAAI,CAAC,EAAE,CAAC;oBACxB,OAAO,CAAC,CAAC,KAAK,CAAC;gBACjB,CAAC;qBAAM,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;oBACtB,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;gBACjB,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,CAAC,qBAAqB,CAAC,KAAK,CAAC;gBACvC,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,wBAAwB;;QACtB,OAAO,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,cAAc,mCAAI,CAAC,8BAAa,CAAC,uBAAuB,CAAC,CAAC;IACzF,CAAC;IAED,IAAI,eAAe;QACjB,OAAO,IAAI,CAAC,gBAAgB,CAAC;IAC/B,CAAC;IAEM,OAAO;;QACZ,OAAO,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,OAAO,mCAAI,kCAAiB,CAAC,UAAU,CAAC;IACvE,CAAC;IAED,IAAW,gBAAgB;QACzB,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC5B,oEAAoE;QACpE,OAAO,IAAI,CAAC,iBAAkB,CAAC;IACjC,CAAC;IAED,IAAI,GAAG;QACL,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAClD,CAAC;QACD,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED,IAAI,GAAG;QACL,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAClD,CAAC;QACD,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED,IAAI,mBAAmB;QACrB,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACzB,oEAAoE;QACpE,OAAO,IAAI,CAAC,oBAAqB,CAAC;IACpC,CAAC;IAEM,SAAS;QACd,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,iBAAkB,CAAC;IACjC,CAAC;IAEM,sBAAsB;QAC3B,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,gBAAgB;YAC1B,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,cAAc;YACtC,CAAC,CAAC,qCAAiB,CAAC,iBAAiB,CAAC,EAAE,UAAU,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,SAAS,EAAE,EAAE,EAAE,CAAC,CAAC;IACxF,CAAC;IAEM,qBAAqB;QAC1B,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,mBAAmB,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC;IAC9G,CAAC;IAEM,6BAA6B;QAClC,OAAO,CAAC,CAAC,IAAI,CAAC,sBAAsB,EAAE,CAAC;IACzC,CAAC;IACM,6BAA6B;QAClC,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,mBAAmB,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC;IAC9G,CAAC;IACO,gBAAgB;QACtB,IAAI,CAAC,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,wBAAwB,EAAE,CAAC,QAAQ,CAAC,8BAAa,CAAC,wBAAwB,CAAC,EAAE,CAAC;YAC/G,MAAM,KAAK,CAAC,oDAAoD,CAAC,CAAC;QACpE,CAAC;aAAM,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACnC,MAAM,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;IAEO,oBAAoB;QAC1B,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,KAAK,CAAC,oBAAoB,CAAC,CAAC;QACpC,CAAC;IACH,CAAC;IAEO,iBAAiB;QACvB,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAC/B,MAAM,KAAK,CAAC,yBAAyB,CAAC,CAAC;QACzC,CAAC;IACH,CAAC;CACF;AAjiBD,4CAiiBC"}
|
|
1
|
+
{"version":3,"file":"OpenID4VCIClient.js","sourceRoot":"","sources":["../lib/OpenID4VCIClient.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,6DAqBkC;AAElC,kDAA0B;AAE1B,2DAAwD;AACxD,mEAAgE;AAChE,qFAAkF;AAClF,qDAAkD;AAClD,yEAAsE;AACtE,2CAAyD;AACzD,qEAA+D;AAC/D,mCAA0E;AAE1E,MAAM,KAAK,GAAG,IAAA,eAAK,EAAC,kBAAkB,CAAC,CAAC;AAExC,MAAa,gBAAgB;IAW3B,YAAoB,EAClB,eAAe,EACf,QAAQ,EACR,GAAG,EACH,GAAG,EACH,gBAAgB,GAOjB;QAdO,UAAK,GAAa,EAAE,QAAQ,EAAE,KAAK,EAAE,mBAAmB,EAAE,oCAAmB,CAAC,IAAI,EAAE,CAAC;QAe3F,IAAI,CAAC,gBAAgB,GAAG,eAAe,CAAC;QACxC,MAAM,MAAM,GAAG,gBAAgB,aAAhB,gBAAgB,cAAhB,gBAAgB,GAAI,CAAC,eAAe,CAAC,CAAC,CAAC,IAAA,oDAAmC,EAAC,eAAe,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QACzI,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,KAAK,CAAC,qDAAqD,CAAC,CAAC;QACrE,CAAC;QACD,IAAI,CAAC,iBAAiB,GAAG,MAAM,CAAC;QAChC,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;IAC5B,CAAC;IAEM,MAAM,CAAO,oBAAoB,CAAC,EACvC,GAAG,EACH,GAAG,EACH,sBAAsB,EACtB,QAAQ,EACR,gBAAgB,GAOjB;;YACC,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAC,CAAC;YAC9E,IAAI,sBAAsB,KAAK,SAAS,IAAI,sBAAsB,EAAE,CAAC;gBACnE,MAAM,MAAM,CAAC,sBAAsB,EAAE,CAAC;YACxC,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEM,MAAM,CAAO,OAAO,CAAC,EAC1B,GAAG,EACH,GAAG,EACH,GAAG,EACH,sBAAsB,EACtB,QAAQ,EACR,eAAe,GAQhB;;YACC,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC;gBAClC,eAAe,EAAE,MAAM,6CAAqB,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC;gBACvF,GAAG;gBACH,GAAG;gBACH,QAAQ;aACT,CAAC,CAAC;YAEH,IAAI,sBAAsB,KAAK,SAAS,IAAI,sBAAsB,EAAE,CAAC;gBACnE,MAAM,MAAM,CAAC,sBAAsB,EAAE,CAAC;YACxC,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,sBAAsB;;YACjC,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAC5B,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;oBACzB,IAAI,CAAC,iBAAiB,GAAG,MAAM,+BAAc,CAAC,sCAAsC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;gBAC7G,CAAC;qBAAM,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBAClC,IAAI,CAAC,iBAAiB,GAAG,MAAM,+BAAc,CAAC,mBAAmB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAC5F,CAAC;qBAAM,CAAC;oBACN,MAAM,KAAK,CAAC,oFAAoF,CAAC,CAAC;gBACpG,CAAC;YACH,CAAC;YACD,OAAO,IAAI,CAAC,gBAAgB,CAAC;QAC/B,CAAC;KAAA;IAEY,6BAA6B,CAAC,IAAqB;;;YAC9D,MAAM,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC;YAC7B,IAAI,EAAE,KAAK,EAAE,oBAAoB,EAAE,GAAG,IAAI,CAAC;YAC3C,MAAM,OAAO,GAAG,CAAA,MAAA,MAAA,IAAI,CAAC,iBAAiB,0CAAE,wBAAwB,0CAAE,qCAAqC;gBACrG,CAAC,CAAC,eAAO,CAAC,OAAO;gBACjB,CAAC,CAAC,MAAA,IAAI,CAAC,OAAO,mCAAI,eAAO,CAAC,IAAI,CAAC;YACjC,IAAI,CAAC,KAAK,GAAG,IAAA,kCAAc,kCAAM,IAAI,CAAC,KAAK,GAAK,IAAI,CAAC,IAAI,EAAG,CAAC;YAC7D,gFAAgF;YAChF,iGAAiG;YACjG,IAAI,CAAC,KAAK,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBACpC,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;oBAC1B,MAAM,KAAK,CAAC,iDAAiD,CAAC,CAAC;gBACjE,CAAC;gBACD,MAAM,KAAK,GAAG,IAAI,CAAC,eAAe,CAAC,gBAAgB,CAAC,WAAW,CAAC;gBAEhE,oBAAoB,GAAG,KAAK;qBACzB,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAE,IAA4B,CAAC,CAAC;qBAClH,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;oBACZ,OAAO,gCACF,IAAI,KACP,IAAI,EAAE,mBAAmB,EACzB,SAAS,EAAE,CAAC,IAAI,CAAC,iBAAiB,CAAC,EACnC,MAAM,EAAE,IAAI,CAAC,MAAM,GACE,CAAC;gBAC1B,CAAC,CAAC,CAAC;gBACL,IAAI,oBAAoB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBACtC,MAAM,KAAK,CAAC,+FAA+F,CAAC,CAAC;gBAC/G,CAAC;YACH,CAAC;YACD,uHAAuH;YACvH,oDAAoD;YACpD,IACE,IAAI,CAAC,iBAAiB;gBACtB,IAAI,CAAC,iBAAiB,CAAC,wBAAwB;gBAC/C,wBAAwB,IAAI,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,EAC3E,CAAC;gBACD,IAAI,CAAC,iBAAiB,CAAC,sBAAsB,GAAG,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,CAAC,sBAAgC,CAAC;YACnI,CAAC;YACD,IAAI,CAAC,CAAA,MAAA,IAAI,CAAC,iBAAiB,0CAAE,sBAAsB,CAAA,EAAE,CAAC;gBACpD,MAAM,KAAK,CAAC,yDAAyD,CAAC,CAAC;YACzE,CAAC;YACD,MAAM,WAAW,GAAG,MAAA,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,0CAAE,qCAAqC,CAAC;YAE3G,oCAAoC;YACpC,IAAI,CAAC,CAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,QAAQ,CAAC,QAAQ,CAAC,CAAA,EAAE,CAAC;gBAC/B,KAAK,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACzD,CAAC;YAED,IAAI,QAAQ,iCACV,aAAa,EAAE,6BAAY,CAAC,SAAS,IAClC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,IAAI;gBAC1B,qBAAqB,EAAE,MAAA,IAAI,CAAC,KAAK,CAAC,mBAAmB,mCAAI,oCAAmB,CAAC,IAAI;gBACjF,cAAc,EAAE,IAAI,CAAC,KAAK,CAAC,aAAa;aACzC,CAAC,KACF,qBAAqB,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,0BAA0B,CAAC,oBAAoB,CAAC,CAAC,EAC5F,YAAY,EAAE,WAAW,EACzB,KAAK,EAAE,KAAK,GACb,CAAC;YAEF,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAClB,QAAQ,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC;YACxC,CAAC;YAED,IAAI,MAAA,IAAI,CAAC,eAAe,0CAAE,WAAW,EAAE,CAAC;gBACtC,QAAQ,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC;YAC9D,CAAC;YACD,IAAI,CAAC,WAAW,IAAI,OAAO,KAAK,eAAO,CAAC,OAAO,EAAE,CAAC;gBAChD,MAAM,KAAK,CAAC,2EAA2E,CAAC,CAAC;YAC3F,CAAC;iBAAM,IAAI,WAAW,IAAI,OAAO,KAAK,eAAO,CAAC,KAAK,EAAE,CAAC;gBACpD,MAAM,WAAW,GAAG,MAAM,IAAA,oBAAQ,EAA8B,WAAW,EAAE,IAAI,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC;gBAC5G,IAAI,WAAW,CAAC,SAAS,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC;oBACtD,MAAM,KAAK,CAAC,WAAW,CAAC,CAAC;gBAC3B,CAAC;gBACD,QAAQ,GAAG,EAAE,WAAW,EAAE,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC;YAClE,CAAC;YAED,OAAO,IAAA,4BAAgB,EAAC,QAAQ,EAAE;gBAChC,OAAO,EAAE,IAAI,CAAC,iBAAiB,CAAC,sBAAsB;gBACtD,iBAAiB,EAAE,CAAC,aAAa,EAAE,cAAc,EAAE,OAAO,EAAE,uBAAuB,EAAE,cAAc,CAAC;gBACpG,IAAI,EAAE,4BAAW,CAAC,qBAAqB;gBACvC,0EAA0E;aAC3E,CAAC,CAAC;;KACJ;IAEM,0BAA0B,CAAC,oBAAkD;QAClF,IAAI,oBAAoB,EAAE,CAAC;YACzB,IAAI,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAC,EAAE,CAAC;gBACxC,OAAO,oBAAoB,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,mBAAM,KAAK,EAAG,CAAC,CAAC;YACjF,CAAC;iBAAM,CAAC;gBACN,OAAO,IAAI,CAAC,eAAe,mBAAM,oBAAoB,EAAG,CAAC;YAC3D,CAAC;QACH,CAAC;QACD,OAAO,oBAAoB,CAAC;IAC9B,CAAC;IAEO,eAAe,CAAC,oBAAiC;;QACvD,IACE,oBAAoB;YACpB,CAAC,CAAA,MAAA,IAAI,CAAC,gBAAgB,CAAC,wBAAwB,0CAAE,oBAAoB,KAAI,IAAI,CAAC,gBAAgB,CAAC,sBAAsB,CAAC,EACtH,CAAC;YACD,IAAI,oBAAoB,CAAC,SAAS,EAAE,CAAC;gBACnC,IAAI,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAC,SAAS,CAAC,EAAE,CAAC;oBACjD,oBAAoB,CAAC,SAAsB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;gBAClF,CAAC;qBAAM,CAAC;oBACN,oBAAoB,CAAC,SAAS,GAAG,CAAC,oBAAoB,CAAC,SAAmB,EAAE,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;gBAC5G,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,oBAAoB,CAAC,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC;YAChE,CAAC;QACH,CAAC;QACD,OAAO,oBAAoB,CAAC;IAC9B,CAAC;IAEY,kBAAkB,CAAC,IAM/B;;;YACC,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAC;YAExD,IAAI,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,YAAY,EAAE,CAAC;gBACvB,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC;YAC9C,CAAC;YACD,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAExB,IAAI,QAAQ,EAAE,CAAC;gBACb,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;YAC5B,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBAC/B,MAAM,iBAAiB,GAAG,IAAI,qCAAiB,EAAE,CAAC;gBAElD,MAAM,QAAQ,GAAG,MAAM,iBAAiB,CAAC,kBAAkB,+BACzD,eAAe,EAAE,IAAI,CAAC,eAAe,EACrC,QAAQ,EAAE,IAAI,CAAC,gBAAgB,EAC/B,gBAAgB,EAAE,IAAI,CAAC,SAAS,EAAE,EAClC,GAAG,IACA,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,IAAI,EAAE,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC,KACtE,IAAI;oBACJ,WAAW,EACX,MAAM,EAAE,EAAE,QAAQ,EAAE,IACpB,CAAC;gBAEH,IAAI,QAAQ,CAAC,SAAS,EAAE,CAAC;oBACvB,KAAK,CAAC,0BAA0B,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC;oBACtD,MAAM,KAAK,CACT,mCAAmC,MAAA,IAAI,CAAC,iBAAiB,0CAAE,cAAc,eAAe,IAAI,CAAC,SAAS,EAAE,wBACtG,QAAQ,CAAC,YAAY,CAAC,MACxB,EAAE,CACH,CAAC;gBACJ,CAAC;qBAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;oBACjC,KAAK,CAAC,qCAAqC,CAAC,CAAC;oBAC7C,MAAM,KAAK,CACT,mCAAmC,MAAA,IAAI,CAAC,iBAAiB,0CACrD,cAAc,eAAe,IAAI,CAAC,SAAS,EAAE,+CAA+C,CACjG,CAAC;gBACJ,CAAC;gBACD,IAAI,CAAC,oBAAoB,GAAG,QAAQ,CAAC,WAAW,CAAC;YACnD,CAAC;YAED,OAAO,IAAI,CAAC,mBAAmB,CAAC;;KACjC;IAEY,kBAAkB,CAAC,EAC9B,eAAe,EACf,cAAc,EACd,MAAM,EACN,GAAG,EACH,GAAG,EACH,GAAG,EACH,GAAG,EACH,uBAAuB,EACvB,8BAA8B,GAW/B;;;YACC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACzD,MAAM,IAAI,KAAK,CAAC,kCAAiB,GAAG,UAAU,GAAG,KAAK,SAAS,UAAU,GAAG,KAAK,SAAS,EAAE,CAAC,CAAC;YAChG,CAAC;YAED,IAAI,GAAG;gBAAE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;YACzB,IAAI,GAAG;gBAAE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;YACzB,IAAI,GAAG;gBAAE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;YAEzB,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe;gBACzC,CAAC,CAAC,+DAA8B,CAAC,mBAAmB,CAAC;oBACjD,eAAe,EAAE,IAAI,CAAC,eAAe;oBACrC,QAAQ,EAAE,IAAI,CAAC,gBAAgB;iBAChC,CAAC;gBACJ,CAAC,CAAC,+DAA8B,CAAC,oBAAoB,CAAC;oBAClD,gBAAgB,EAAE,IAAI,CAAC,SAAS,EAAE;oBAClC,eAAe;oBACf,QAAQ,EAAE,IAAI,CAAC,gBAAgB;oBAC/B,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;iBACxB,CAAC,CAAC;YAEP,cAAc,CAAC,qBAAqB,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YAC/D,cAAc,CAAC,2BAA2B,CAAC,uBAAuB,aAAvB,uBAAuB,cAAvB,uBAAuB,GAAI,KAAK,EAAE,8BAA8B,CAAC,CAAC;YAC7G,IAAI,MAAA,IAAI,CAAC,gBAAgB,0CAAE,wBAAwB,EAAE,CAAC;gBACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,wBAAwB,CAAC;gBAChE,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,eAAe,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;gBAE/F,IAAI,QAAQ,CAAC,qBAAqB,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE,CAAC;oBACpF,IAAI,aAAa,GAAG,KAAK,CAAC;oBAE1B,QAAQ,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC,mBAAmB,EAAE,EAAE;wBAC7D,MAAM,QAAQ,GAAG,IAAA,gDAA+B,EAAC,mBAAmB,CAAC,CAAC;wBACtE,IACE,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;4BAC/C,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,mBAAmB,CAAC,EAAE,IAAI,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAC5F,CAAC;4BACD,aAAa,GAAG,IAAI,CAAC;wBACvB,CAAC;oBACH,CAAC,CAAC,CAAC;oBAEH,IAAI,CAAC,aAAa,EAAE,CAAC;wBACnB,OAAO,CAAC,GAAG,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,gCAAgC,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;wBAC3H,0HAA0H;oBAC5H,CAAC;gBACH,CAAC;qBAAM,IAAI,QAAQ,CAAC,qBAAqB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE,CAAC;oBAC5F,MAAM,oBAAoB,GAAG,QAAQ,CAAC,qBAAqB,CAAC;oBAC5D,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,qBAAqB,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;wBACzF,MAAM,KAAK,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,4BAA4B,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;oBACzH,CAAC;gBACH,CAAC;gBACD,4GAA4G;YAC9G,CAAC;YACD,MAAM,uBAAuB,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC;YACvD,MAAM,YAAY,GAAG,mDAAwB,CAAC,uBAAuB,CAAC;gBACpE,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;gBAC7C,SAAS,EAAE,cAAc;gBACzB,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;aACxB,CAAC;iBACC,UAAU,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;iBAC5B,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAErB,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBACd,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClC,CAAC;YACD,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBACd,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClC,CAAC;YAED,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAClB,YAAY,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC3C,CAAC;YACD,IAAI,GAAG,EAAE,CAAC;gBACR,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAC5B,CAAC;YACD,MAAM,QAAQ,GAAG,MAAM,uBAAuB,CAAC,4BAA4B,CAAC;gBAC1E,UAAU,EAAE,YAAY;gBACxB,eAAe,EAAE,eAAe;gBAChC,MAAM;aACP,CAAC,CAAC;YACH,IAAI,QAAQ,CAAC,SAAS,EAAE,CAAC;gBACvB,KAAK,CAAC,gCAAgC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;gBAC5E,MAAM,KAAK,CACT,gCAAgC,MAAA,IAAI,CAAC,iBAAiB,0CAAE,mBAAmB,eAAe,IAAI,CAAC,SAAS,EAAE,wBACxG,QAAQ,CAAC,YAAY,CAAC,MACxB,EAAE,CACH,CAAC;YACJ,CAAC;iBAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;gBACjC,KAAK,CAAC,2CAA2C,CAAC,CAAC;gBACnD,MAAM,KAAK,CACT,gCAAgC,MAAA,IAAI,CAAC,iBAAiB,0CAClD,mBAAmB,eAAe,IAAI,CAAC,SAAS,EAAE,+CAA+C,CACtG,CAAC;YACJ,CAAC;YACD,OAAO,QAAQ,CAAC,WAAW,CAAC;;KAC7B;IAED,oHAAoH;IACpH,6DAA6D;IAC7D,mEAAmE;IACnE,iDAAiD;IACjD,uBAAuB,CACrB,yBAAkC,EAClC,MAAkF;QAElF,OAAO,IAAA,wCAAuB,EAAC;YAC7B,cAAc,EAAE,IAAI,CAAC,gBAAgB,CAAC,wBAAwB;YAC9D,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;YACvB,MAAM,EAAE,MAAM;YACd,KAAK,EAAE,yBAAyB,CAAC,CAAC,CAAC,IAAI,CAAC,uBAAuB,EAAE,CAAC,CAAC,CAAC,SAAS;SAC9E,CAAC,CAAC;IACL,CAAC;IAED,uBAAuB;QACrB,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;YAC1B,OAAO,EAAE,CAAC;QACZ,CAAC;aAAM,IAAI,IAAI,CAAC,eAAe,CAAC,OAAO,GAAG,kCAAiB,CAAC,UAAU,EAAE,CAAC;YACvE,MAAM,IAAI,GAAG,IAAI,CAAC,eAAe,CAAC,yBAA0D,CAAC;YAC7F,MAAM,KAAK,GAAa,OAAO,IAAI,CAAC,eAAe,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC;YACjH,MAAM,MAAM,GAAe,EAAE,CAAC;YAC9B,MAAM,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC;YAClB,OAAO,MAAM,CAAC;QAChB,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,CAAC,eAAe,CAAC,gBAAgB,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;gBACjE,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;oBAC1B,OAAO,CAAC,CAAC,CAAC,CAAC;gBACb,CAAC;qBAAM,IAAI,OAAO,IAAI,CAAC,EAAE,CAAC;oBACxB,OAAO,CAAC,CAAC,KAAK,CAAC;gBACjB,CAAC;qBAAM,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;oBACtB,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;gBACjB,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,CAAC,qBAAqB,CAAC,KAAK,CAAC;gBACvC,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,wBAAwB;;QACtB,OAAO,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,cAAc,mCAAI,CAAC,8BAAa,CAAC,uBAAuB,CAAC,CAAC;IACzF,CAAC;IAED,IAAI,eAAe;QACjB,OAAO,IAAI,CAAC,gBAAgB,CAAC;IAC/B,CAAC;IAEM,OAAO;;QACZ,OAAO,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,OAAO,mCAAI,kCAAiB,CAAC,UAAU,CAAC;IACvE,CAAC;IAED,IAAW,gBAAgB;QACzB,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC5B,oEAAoE;QACpE,OAAO,IAAI,CAAC,iBAAkB,CAAC;IACjC,CAAC;IAED,IAAI,GAAG;QACL,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAClD,CAAC;QACD,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED,IAAI,GAAG;QACL,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAClD,CAAC;QACD,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED,IAAI,mBAAmB;QACrB,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACzB,oEAAoE;QACpE,OAAO,IAAI,CAAC,oBAAqB,CAAC;IACpC,CAAC;IAEM,SAAS;QACd,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,iBAAkB,CAAC;IACjC,CAAC;IAEM,sBAAsB;QAC3B,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,gBAAgB;YAC1B,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,cAAc;YACtC,CAAC,CAAC,qCAAiB,CAAC,iBAAiB,CAAC,EAAE,UAAU,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,SAAS,EAAE,EAAE,EAAE,CAAC,CAAC;IACxF,CAAC;IAEM,qBAAqB;QAC1B,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,mBAAmB,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC;IAC9G,CAAC;IAEM,6BAA6B;QAClC,OAAO,CAAC,CAAC,IAAI,CAAC,sBAAsB,EAAE,CAAC;IACzC,CAAC;IAEM,6BAA6B;QAClC,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,mBAAmB,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC;IAC9G,CAAC;IAEO,gBAAgB;QACtB,IAAI,CAAC,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,wBAAwB,EAAE,CAAC,QAAQ,CAAC,8BAAa,CAAC,wBAAwB,CAAC,EAAE,CAAC;YAC/G,MAAM,KAAK,CAAC,oDAAoD,CAAC,CAAC;QACpE,CAAC;aAAM,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACnC,MAAM,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;IAEO,oBAAoB;QAC1B,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,KAAK,CAAC,oBAAoB,CAAC,CAAC;QACpC,CAAC;IACH,CAAC;IAEO,iBAAiB;QACvB,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAC/B,MAAM,KAAK,CAAC,yBAAyB,CAAC,CAAC;QACzC,CAAC;IACH,CAAC;CACF;AA1fD,4CA0fC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"AuthorizationUtil.d.ts","sourceRoot":"","sources":["../../lib/functions/AuthorizationUtil.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAC;AAEpC,eAAO,MAAM,cAAc,SAAU,QAAQ,aAe5C,CAAC"}
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.createPKCEOpts = void 0;
|
|
4
|
+
const oid4vci_common_1 = require("@sphereon/oid4vci-common");
|
|
5
|
+
const createPKCEOpts = (pkce) => {
|
|
6
|
+
if (pkce.disabled) {
|
|
7
|
+
return pkce;
|
|
8
|
+
}
|
|
9
|
+
if (!pkce.codeChallengeMethod) {
|
|
10
|
+
pkce.codeChallengeMethod = oid4vci_common_1.CodeChallengeMethod.S256;
|
|
11
|
+
}
|
|
12
|
+
if (!pkce.codeVerifier) {
|
|
13
|
+
pkce.codeVerifier = (0, oid4vci_common_1.generateCodeVerifier)();
|
|
14
|
+
}
|
|
15
|
+
(0, oid4vci_common_1.assertValidCodeVerifier)(pkce.codeVerifier);
|
|
16
|
+
if (!pkce.codeChallenge) {
|
|
17
|
+
pkce.codeChallenge = (0, oid4vci_common_1.createCodeChallenge)(pkce.codeVerifier, pkce.codeChallengeMethod);
|
|
18
|
+
}
|
|
19
|
+
return pkce;
|
|
20
|
+
};
|
|
21
|
+
exports.createPKCEOpts = createPKCEOpts;
|
|
22
|
+
//# sourceMappingURL=AuthorizationUtil.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"AuthorizationUtil.js","sourceRoot":"","sources":["../../lib/functions/AuthorizationUtil.ts"],"names":[],"mappings":";;;AAAA,6DAAmI;AAI5H,MAAM,cAAc,GAAG,CAAC,IAAc,EAAE,EAAE;IAC/C,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAC9B,IAAI,CAAC,mBAAmB,GAAG,oCAAmB,CAAC,IAAI,CAAC;IACtD,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;QACvB,IAAI,CAAC,YAAY,GAAG,IAAA,qCAAoB,GAAE,CAAC;IAC7C,CAAC;IACD,IAAA,wCAAuB,EAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IAC3C,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;QACxB,IAAI,CAAC,aAAa,GAAG,IAAA,oCAAmB,EAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,mBAAmB,CAAC,CAAC;IACxF,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAfW,QAAA,cAAc,kBAezB"}
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
import { CodeChallengeMethod } from '@sphereon/oid4vci-common';
|
|
2
|
+
import { CredentialFormat } from '@sphereon/ssi-types';
|
|
3
|
+
export interface AuthDetails {
|
|
4
|
+
type: 'openid_credential' | string;
|
|
5
|
+
locations?: string | string[];
|
|
6
|
+
format: CredentialFormat | CredentialFormat[];
|
|
7
|
+
[s: string]: unknown;
|
|
8
|
+
}
|
|
9
|
+
/**
|
|
10
|
+
* Determinse whether PAR should be used when supported
|
|
11
|
+
*
|
|
12
|
+
* REQUIRE: Require PAR, if AS does not support it throw an error
|
|
13
|
+
* AUTO: Use PAR is the AS supports it, otherwise construct a reqular URI,
|
|
14
|
+
* NEVER: Do not use PAR even if the AS supports it (not recommended)
|
|
15
|
+
*/
|
|
16
|
+
export declare enum PARMode {
|
|
17
|
+
REQUIRE = 0,
|
|
18
|
+
AUTO = 1,
|
|
19
|
+
NEVER = 2
|
|
20
|
+
}
|
|
21
|
+
export interface AuthRequestOpts {
|
|
22
|
+
pkce?: PKCEOpts;
|
|
23
|
+
parMode?: PARMode;
|
|
24
|
+
authorizationDetails?: AuthDetails | AuthDetails[];
|
|
25
|
+
redirectUri: string;
|
|
26
|
+
scope?: string;
|
|
27
|
+
}
|
|
28
|
+
/**
|
|
29
|
+
* Optional options to provide PKCE params like code verifier and challenge yourself, or to disable PKCE altogether. If not provide PKCE will still be used! If individual params are not provide, they will be generated/calculated
|
|
30
|
+
*/
|
|
31
|
+
export interface PKCEOpts {
|
|
32
|
+
/**
|
|
33
|
+
* PKCE is enabled by default even if you do not provide these options. Set this to true to disable PKCE
|
|
34
|
+
*/
|
|
35
|
+
disabled?: boolean;
|
|
36
|
+
/**
|
|
37
|
+
* Provide a code_challenge, otherwise it will be calculated using the code_verifier and method
|
|
38
|
+
*/
|
|
39
|
+
codeChallenge?: string;
|
|
40
|
+
/**
|
|
41
|
+
* The code_challenge_method, should always by S256
|
|
42
|
+
*/
|
|
43
|
+
codeChallengeMethod?: CodeChallengeMethod;
|
|
44
|
+
/**
|
|
45
|
+
* Provide a code_verifier, otherwise it will be generated
|
|
46
|
+
*/
|
|
47
|
+
codeVerifier?: string;
|
|
48
|
+
}
|
|
49
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../lib/types/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAC/D,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAEvD,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,mBAAmB,GAAG,MAAM,CAAC;IACnC,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC9B,MAAM,EAAE,gBAAgB,GAAG,gBAAgB,EAAE,CAAC;IAE9C,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;CACtB;AAED;;;;;;GAMG;AACH,oBAAY,OAAO;IACjB,OAAO,IAAA;IACP,IAAI,IAAA;IACJ,KAAK,IAAA;CACN;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,CAAC,EAAE,QAAQ,CAAC;IAChB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,oBAAoB,CAAC,EAAE,WAAW,GAAG,WAAW,EAAE,CAAC;IACnD,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB;;OAEG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAC;IAEnB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,mBAAmB,CAAC,EAAE,mBAAmB,CAAC;IAE1C;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.PARMode = void 0;
|
|
4
|
+
/**
|
|
5
|
+
* Determinse whether PAR should be used when supported
|
|
6
|
+
*
|
|
7
|
+
* REQUIRE: Require PAR, if AS does not support it throw an error
|
|
8
|
+
* AUTO: Use PAR is the AS supports it, otherwise construct a reqular URI,
|
|
9
|
+
* NEVER: Do not use PAR even if the AS supports it (not recommended)
|
|
10
|
+
*/
|
|
11
|
+
var PARMode;
|
|
12
|
+
(function (PARMode) {
|
|
13
|
+
PARMode[PARMode["REQUIRE"] = 0] = "REQUIRE";
|
|
14
|
+
PARMode[PARMode["AUTO"] = 1] = "AUTO";
|
|
15
|
+
PARMode[PARMode["NEVER"] = 2] = "NEVER";
|
|
16
|
+
})(PARMode || (exports.PARMode = PARMode = {}));
|
|
17
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/types/index.ts"],"names":[],"mappings":";;;AAWA;;;;;;GAMG;AACH,IAAY,OAIX;AAJD,WAAY,OAAO;IACjB,2CAAO,CAAA;IACP,qCAAI,CAAA;IACJ,uCAAK,CAAA;AACP,CAAC,EAJW,OAAO,uBAAP,OAAO,QAIlB"}
|
package/lib/OpenID4VCIClient.ts
CHANGED
|
@@ -29,34 +29,21 @@ import { CredentialRequestClientBuilder } from './CredentialRequestClientBuilder
|
|
|
29
29
|
import { MetadataClient } from './MetadataClient';
|
|
30
30
|
import { ProofOfPossessionBuilder } from './ProofOfPossessionBuilder';
|
|
31
31
|
import { convertJsonToURI, formPost } from './functions';
|
|
32
|
+
import { createPKCEOpts } from './functions/AuthorizationUtil';
|
|
33
|
+
import { AuthDetails, AuthRequestOpts, PARMode, PKCEOpts } from './types';
|
|
32
34
|
|
|
33
35
|
const debug = Debug('sphereon:oid4vci');
|
|
34
36
|
|
|
35
|
-
interface AuthDetails {
|
|
36
|
-
type: 'openid_credential' | string;
|
|
37
|
-
locations?: string | string[];
|
|
38
|
-
format: CredentialFormat | CredentialFormat[];
|
|
39
|
-
|
|
40
|
-
[s: string]: unknown;
|
|
41
|
-
}
|
|
42
|
-
|
|
43
|
-
interface AuthRequestOpts {
|
|
44
|
-
codeChallenge: string;
|
|
45
|
-
codeChallengeMethod?: CodeChallengeMethod;
|
|
46
|
-
authorizationDetails?: AuthDetails | AuthDetails[];
|
|
47
|
-
redirectUri: string;
|
|
48
|
-
scope?: string;
|
|
49
|
-
}
|
|
50
|
-
|
|
51
37
|
export class OpenID4VCIClient {
|
|
52
38
|
private readonly _credentialOffer?: CredentialOfferRequestWithBaseUrl;
|
|
53
|
-
private _credentialIssuer: string;
|
|
39
|
+
private readonly _credentialIssuer: string;
|
|
54
40
|
private _clientId?: string;
|
|
55
41
|
private _kid: string | undefined;
|
|
56
42
|
private _jwk: JWK | undefined;
|
|
57
43
|
private _alg: Alg | string | undefined;
|
|
58
44
|
private _endpointMetadata: EndpointMetadataResult | undefined;
|
|
59
45
|
private _accessTokenResponse: AccessTokenResponse | undefined;
|
|
46
|
+
private _pkce: PKCEOpts = { disabled: false, codeChallengeMethod: CodeChallengeMethod.S256 };
|
|
60
47
|
|
|
61
48
|
private constructor({
|
|
62
49
|
credentialOffer,
|
|
@@ -144,9 +131,13 @@ export class OpenID4VCIClient {
|
|
|
144
131
|
return this.endpointMetadata;
|
|
145
132
|
}
|
|
146
133
|
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
134
|
+
public async createAuthorizationRequestUrl(opts: AuthRequestOpts): Promise<string> {
|
|
135
|
+
const { redirectUri } = opts;
|
|
136
|
+
let { scope, authorizationDetails } = opts;
|
|
137
|
+
const parMode = this._endpointMetadata?.credentialIssuerMetadata?.require_pushed_authorization_requests
|
|
138
|
+
? PARMode.REQUIRE
|
|
139
|
+
: opts.parMode ?? PARMode.AUTO;
|
|
140
|
+
this._pkce = createPKCEOpts({ ...this._pkce, ...opts.pkce });
|
|
150
141
|
// Scope and authorization_details can be used in the same authorization request
|
|
151
142
|
// https://datatracker.ietf.org/doc/html/draft-ietf-oauth-rar-23#name-relationship-to-scope-param
|
|
152
143
|
if (!scope && !authorizationDetails) {
|
|
@@ -181,16 +172,19 @@ export class OpenID4VCIClient {
|
|
|
181
172
|
if (!this._endpointMetadata?.authorization_endpoint) {
|
|
182
173
|
throw Error('Server metadata does not contain authorization endpoint');
|
|
183
174
|
}
|
|
175
|
+
const parEndpoint = this._endpointMetadata.credentialIssuerMetadata?.pushed_authorization_request_endpoint;
|
|
184
176
|
|
|
185
177
|
// add 'openid' scope if not present
|
|
186
178
|
if (!scope?.includes('openid')) {
|
|
187
179
|
scope = ['openid', scope].filter((s) => !!s).join(' ');
|
|
188
180
|
}
|
|
189
181
|
|
|
190
|
-
|
|
182
|
+
let queryObj: { [key: string]: string } | PushedAuthorizationResponse = {
|
|
191
183
|
response_type: ResponseType.AUTH_CODE,
|
|
192
|
-
|
|
193
|
-
|
|
184
|
+
...(!this._pkce.disabled && {
|
|
185
|
+
code_challenge_method: this._pkce.codeChallengeMethod ?? CodeChallengeMethod.S256,
|
|
186
|
+
code_challenge: this._pkce.codeChallenge,
|
|
187
|
+
}),
|
|
194
188
|
authorization_details: JSON.stringify(this.handleAuthorizationDetails(authorizationDetails)),
|
|
195
189
|
redirect_uri: redirectUri,
|
|
196
190
|
scope: scope,
|
|
@@ -203,76 +197,24 @@ export class OpenID4VCIClient {
|
|
|
203
197
|
if (this.credentialOffer?.issuerState) {
|
|
204
198
|
queryObj['issuer_state'] = this.credentialOffer.issuerState;
|
|
205
199
|
}
|
|
200
|
+
if (!parEndpoint && parMode === PARMode.REQUIRE) {
|
|
201
|
+
throw Error(`PAR mode is set to required by Authorization Server does not support PAR!`);
|
|
202
|
+
} else if (parEndpoint && parMode !== PARMode.NEVER) {
|
|
203
|
+
const parResponse = await formPost<PushedAuthorizationResponse>(parEndpoint, new URLSearchParams(queryObj));
|
|
204
|
+
if (parResponse.errorBody || !parResponse.successBody) {
|
|
205
|
+
throw Error(`PAR error`);
|
|
206
|
+
}
|
|
207
|
+
queryObj = { request_uri: parResponse.successBody.request_uri };
|
|
208
|
+
}
|
|
206
209
|
|
|
207
210
|
return convertJsonToURI(queryObj, {
|
|
208
211
|
baseUrl: this._endpointMetadata.authorization_endpoint,
|
|
209
|
-
uriTypeProperties: ['redirect_uri', 'scope', 'authorization_details', 'issuer_state'],
|
|
212
|
+
uriTypeProperties: ['request_uri', 'redirect_uri', 'scope', 'authorization_details', 'issuer_state'],
|
|
210
213
|
mode: JsonURIMode.X_FORM_WWW_URLENCODED,
|
|
211
214
|
// We do not add the version here, as this always needs to be form encoded
|
|
212
215
|
});
|
|
213
216
|
}
|
|
214
217
|
|
|
215
|
-
// todo: Unify this method with the create auth request url method
|
|
216
|
-
public async acquirePushedAuthorizationRequestURI({
|
|
217
|
-
codeChallengeMethod,
|
|
218
|
-
codeChallenge,
|
|
219
|
-
authorizationDetails,
|
|
220
|
-
redirectUri,
|
|
221
|
-
scope,
|
|
222
|
-
}: AuthRequestOpts): Promise<string> {
|
|
223
|
-
// Scope and authorization_details can be used in the same authorization request
|
|
224
|
-
// https://datatracker.ietf.org/doc/html/draft-ietf-oauth-rar-23#name-relationship-to-scope-param
|
|
225
|
-
if (!scope && !authorizationDetails) {
|
|
226
|
-
throw Error('Please provide a scope or authorization_details');
|
|
227
|
-
}
|
|
228
|
-
|
|
229
|
-
// Authorization servers supporting PAR SHOULD include the URL of their pushed authorization request endpoint in their authorization server metadata document
|
|
230
|
-
// Note that the presence of pushed_authorization_request_endpoint is sufficient for a client to determine that it may use the PAR flow.
|
|
231
|
-
// What happens if it doesn't ???
|
|
232
|
-
// let parEndpoint: string
|
|
233
|
-
if (
|
|
234
|
-
!this._endpointMetadata?.credentialIssuerMetadata ||
|
|
235
|
-
!('pushed_authorization_request_endpoint' in this._endpointMetadata.credentialIssuerMetadata) ||
|
|
236
|
-
typeof this._endpointMetadata.credentialIssuerMetadata.pushed_authorization_request_endpoint !== 'string'
|
|
237
|
-
) {
|
|
238
|
-
throw Error('Server metadata does not contain pushed authorization request endpoint');
|
|
239
|
-
}
|
|
240
|
-
const parEndpoint: string = this._endpointMetadata.credentialIssuerMetadata.pushed_authorization_request_endpoint;
|
|
241
|
-
|
|
242
|
-
// add 'openid' scope if not present
|
|
243
|
-
if (!scope?.includes('openid')) {
|
|
244
|
-
scope = ['openid', scope].filter((s) => !!s).join(' ');
|
|
245
|
-
}
|
|
246
|
-
|
|
247
|
-
const queryObj: { [key: string]: string } = {
|
|
248
|
-
response_type: ResponseType.AUTH_CODE,
|
|
249
|
-
code_challenge_method: codeChallengeMethod ?? CodeChallengeMethod.SHA256,
|
|
250
|
-
code_challenge: codeChallenge,
|
|
251
|
-
authorization_details: JSON.stringify(this.handleAuthorizationDetails(authorizationDetails)),
|
|
252
|
-
redirect_uri: redirectUri,
|
|
253
|
-
scope: scope,
|
|
254
|
-
};
|
|
255
|
-
|
|
256
|
-
if (this.clientId) {
|
|
257
|
-
queryObj['client_id'] = this.clientId;
|
|
258
|
-
}
|
|
259
|
-
|
|
260
|
-
if (this.credentialOffer?.issuerState) {
|
|
261
|
-
queryObj['issuer_state'] = this.credentialOffer.issuerState;
|
|
262
|
-
}
|
|
263
|
-
|
|
264
|
-
const response = await formPost<PushedAuthorizationResponse>(parEndpoint, new URLSearchParams(queryObj));
|
|
265
|
-
|
|
266
|
-
return convertJsonToURI(
|
|
267
|
-
{ request_uri: response.successBody?.request_uri },
|
|
268
|
-
{
|
|
269
|
-
baseUrl: this._endpointMetadata.credentialIssuerMetadata.authorization_endpoint,
|
|
270
|
-
uriTypeProperties: ['request_uri'],
|
|
271
|
-
mode: JsonURIMode.X_FORM_WWW_URLENCODED,
|
|
272
|
-
},
|
|
273
|
-
);
|
|
274
|
-
}
|
|
275
|
-
|
|
276
218
|
public handleAuthorizationDetails(authorizationDetails?: AuthDetails | AuthDetails[]): AuthDetails | AuthDetails[] | undefined {
|
|
277
219
|
if (authorizationDetails) {
|
|
278
220
|
if (Array.isArray(authorizationDetails)) {
|
|
@@ -309,8 +251,11 @@ export class OpenID4VCIClient {
|
|
|
309
251
|
code?: string;
|
|
310
252
|
redirectUri?: string;
|
|
311
253
|
}): Promise<AccessTokenResponse> {
|
|
312
|
-
const { pin, clientId,
|
|
254
|
+
const { pin, clientId, code, redirectUri } = opts ?? {};
|
|
313
255
|
|
|
256
|
+
if (opts?.codeVerifier) {
|
|
257
|
+
this._pkce.codeVerifier = opts.codeVerifier;
|
|
258
|
+
}
|
|
314
259
|
this.assertIssuerData();
|
|
315
260
|
|
|
316
261
|
if (clientId) {
|
|
@@ -324,7 +269,7 @@ export class OpenID4VCIClient {
|
|
|
324
269
|
metadata: this.endpointMetadata,
|
|
325
270
|
credentialIssuer: this.getIssuer(),
|
|
326
271
|
pin,
|
|
327
|
-
codeVerifier,
|
|
272
|
+
...(!this._pkce.disabled && { codeVerifier: this._pkce.codeVerifier }),
|
|
328
273
|
code,
|
|
329
274
|
redirectUri,
|
|
330
275
|
asOpts: { clientId },
|
|
@@ -570,10 +515,12 @@ export class OpenID4VCIClient {
|
|
|
570
515
|
public hasDeferredCredentialEndpoint(): boolean {
|
|
571
516
|
return !!this.getAccessTokenEndpoint();
|
|
572
517
|
}
|
|
518
|
+
|
|
573
519
|
public getDeferredCredentialEndpoint(): string {
|
|
574
520
|
this.assertIssuerData();
|
|
575
521
|
return this.endpointMetadata ? this.endpointMetadata.credential_endpoint : `${this.getIssuer()}/credential`;
|
|
576
522
|
}
|
|
523
|
+
|
|
577
524
|
private assertIssuerData(): void {
|
|
578
525
|
if (!this._credentialOffer && this.issuerSupportedFlowTypes().includes(AuthzFlowType.PRE_AUTHORIZED_CODE_FLOW)) {
|
|
579
526
|
throw Error(`No issuance initiation or credential offer present`);
|
|
@@ -1,4 +1,6 @@
|
|
|
1
1
|
import { AccessTokenRequest, AccessTokenResponse, GrantTypes, OpenIDResponse, WellKnownEndpoints } from '@sphereon/oid4vci-common';
|
|
2
|
+
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
|
3
|
+
// @ts-ignore
|
|
2
4
|
import nock from 'nock';
|
|
3
5
|
|
|
4
6
|
import { AccessTokenClient } from '../AccessTokenClient';
|
|
@@ -157,7 +157,7 @@ describe('Credential Request Client ', () => {
|
|
|
157
157
|
});
|
|
158
158
|
|
|
159
159
|
describe('Credential Request Client with Walt.id ', () => {
|
|
160
|
-
|
|
160
|
+
beforeEach(() => {
|
|
161
161
|
nock.cleanAll();
|
|
162
162
|
});
|
|
163
163
|
|
|
@@ -165,7 +165,7 @@ describe('Credential Request Client with Walt.id ', () => {
|
|
|
165
165
|
nock.cleanAll();
|
|
166
166
|
});
|
|
167
167
|
it('should have correct metadata endpoints', async function () {
|
|
168
|
-
|
|
168
|
+
nock.cleanAll();
|
|
169
169
|
const WALT_IRR_URI =
|
|
170
170
|
'openid-initiate-issuance://?issuer=https%3A%2F%2Fjff.walt.id%2Fissuer-api%2Foidc%2F&credential_type=OpenBadgeCredential&pre-authorized_code=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhOTUyZjUxNi1jYWVmLTQ4YjMtODIxYy00OTRkYzgyNjljZjAiLCJwcmUtYXV0aG9yaXplZCI6dHJ1ZX0.YE5DlalcLC2ChGEg47CQDaN1gTxbaQqSclIVqsSAUHE&user_pin_required=false';
|
|
171
171
|
const credentialOffer = await CredentialOfferClient.fromURI(WALT_IRR_URI);
|
|
@@ -184,6 +184,13 @@ describe('Credential Request Client with Walt.id ', () => {
|
|
|
184
184
|
});
|
|
185
185
|
|
|
186
186
|
describe('Credential Request Client with different issuers ', () => {
|
|
187
|
+
beforeEach(() => {
|
|
188
|
+
nock.cleanAll();
|
|
189
|
+
});
|
|
190
|
+
|
|
191
|
+
afterEach(() => {
|
|
192
|
+
nock.cleanAll();
|
|
193
|
+
});
|
|
187
194
|
it('should create correct CredentialRequest for Spruce', async () => {
|
|
188
195
|
const IRR_URI =
|
|
189
196
|
'openid-initiate-issuance://?issuer=https%3A%2F%2Fngi%2Doidc4vci%2Dtest%2Espruceid%2Exyz&credential_type=OpenBadgeCredential&pre-authorized_code=eyJhbGciOiJFUzI1NiJ9.eyJjcmVkZW50aWFsX3R5cGUiOlsiT3BlbkJhZGdlQ3JlZGVudGlhbCJdLCJleHAiOiIyMDIzLTA0LTIwVDA5OjA0OjM2WiIsIm5vbmNlIjoibWFibmVpT0VSZVB3V3BuRFFweEt3UnRsVVRFRlhGUEwifQ.qOZRPN8sTv_knhp7WaWte2-aDULaPZX--2i9unF6QDQNUllqDhvxgIHMDCYHCV8O2_Gj-T2x1J84fDMajE3asg&user_pin_required=false';
|
|
@@ -208,6 +215,7 @@ describe('Credential Request Client with different issuers ', () => {
|
|
|
208
215
|
});
|
|
209
216
|
|
|
210
217
|
it('should create correct CredentialRequest for Walt', async () => {
|
|
218
|
+
nock.cleanAll();
|
|
211
219
|
const IRR_URI =
|
|
212
220
|
'openid-initiate-issuance://?issuer=https%3A%2F%2Fjff.walt.id%2Fissuer-api%2Fdefault%2Foidc%2F&credential_type=OpenBadgeCredential&pre-authorized_code=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIwMTc4OTNjYy04ZTY3LTQxNzItYWZlOS1lODcyYmYxNDBlNWMiLCJwcmUtYXV0aG9yaXplZCI6dHJ1ZX0.ODfq2AIhOcB61dAb3zMrXBJjPJaf53zkeHh_AssYyYA&user_pin_required=false';
|
|
213
221
|
const credentialOffer = await (
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { Alg,
|
|
1
|
+
import { Alg, Jwt } from '@sphereon/oid4vci-common';
|
|
2
2
|
import { toJwk } from '@sphereon/ssi-sdk-ext.key-utils';
|
|
3
3
|
import { CredentialMapper } from '@sphereon/ssi-types';
|
|
4
4
|
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
|
@@ -68,10 +68,8 @@ describe('OID4VCI-Client using Sphereon issuer should', () => {
|
|
|
68
68
|
expect(client.getAccessTokenEndpoint()).toEqual(`${AUTH_URL}/token`);
|
|
69
69
|
|
|
70
70
|
if (credentialType !== 'CTWalletCrossPreAuthorisedInTime') {
|
|
71
|
-
const url = client.createAuthorizationRequestUrl({
|
|
71
|
+
const url = await client.createAuthorizationRequestUrl({
|
|
72
72
|
redirectUri: 'openid4vc%3A',
|
|
73
|
-
codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
|
|
74
|
-
codeChallengeMethod: CodeChallengeMethod.SHA256,
|
|
75
73
|
});
|
|
76
74
|
const result = await fetch(url);
|
|
77
75
|
console.log(result.text());
|
|
@@ -24,13 +24,11 @@ describe('OpenID4VCIClient should', () => {
|
|
|
24
24
|
nock.cleanAll();
|
|
25
25
|
});
|
|
26
26
|
|
|
27
|
-
it('should
|
|
27
|
+
it('should successfully construct an authorization request url', async () => {
|
|
28
28
|
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
|
29
29
|
// @ts-ignore
|
|
30
30
|
client._endpointMetadata?.credentialIssuerMetadata.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
|
|
31
|
-
const url = client.createAuthorizationRequestUrl({
|
|
32
|
-
codeChallengeMethod: CodeChallengeMethod.SHA256,
|
|
33
|
-
codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
|
|
31
|
+
const url = await client.createAuthorizationRequestUrl({
|
|
34
32
|
scope: 'openid TestCredential',
|
|
35
33
|
redirectUri: 'http://localhost:8881/cb',
|
|
36
34
|
});
|
|
@@ -41,23 +39,23 @@ describe('OpenID4VCIClient should', () => {
|
|
|
41
39
|
expect(scope?.[0]).toBe('openid');
|
|
42
40
|
});
|
|
43
41
|
it('throw an error if authorization endpoint is not set in server metadata', async () => {
|
|
44
|
-
expect(
|
|
42
|
+
await expect(
|
|
45
43
|
client.createAuthorizationRequestUrl({
|
|
46
|
-
codeChallengeMethod: CodeChallengeMethod.SHA256,
|
|
47
|
-
codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
|
|
48
44
|
scope: 'openid TestCredential',
|
|
49
45
|
redirectUri: 'http://localhost:8881/cb',
|
|
50
|
-
})
|
|
51
|
-
|
|
46
|
+
}),
|
|
47
|
+
).rejects.toThrow(Error('Server metadata does not contain authorization endpoint'));
|
|
52
48
|
});
|
|
53
49
|
it("injects 'openid' as the first scope if not provided", async () => {
|
|
54
50
|
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
|
55
51
|
// @ts-ignore
|
|
56
52
|
client._endpointMetadata?.credentialIssuerMetadata.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
|
|
57
53
|
|
|
58
|
-
const url = client.createAuthorizationRequestUrl({
|
|
59
|
-
|
|
60
|
-
|
|
54
|
+
const url = await client.createAuthorizationRequestUrl({
|
|
55
|
+
pkce: {
|
|
56
|
+
codeChallengeMethod: CodeChallengeMethod.S256,
|
|
57
|
+
codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
|
|
58
|
+
},
|
|
61
59
|
scope: 'TestCredential',
|
|
62
60
|
redirectUri: 'http://localhost:8881/cb',
|
|
63
61
|
});
|
|
@@ -77,13 +75,15 @@ describe('OpenID4VCIClient should', () => {
|
|
|
77
75
|
// @ts-ignore
|
|
78
76
|
client._endpointMetadata?.credentialIssuerMetadata.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
|
|
79
77
|
|
|
80
|
-
expect(
|
|
78
|
+
await expect(
|
|
81
79
|
client.createAuthorizationRequestUrl({
|
|
82
|
-
|
|
83
|
-
|
|
80
|
+
pkce: {
|
|
81
|
+
codeChallengeMethod: CodeChallengeMethod.S256,
|
|
82
|
+
codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
|
|
83
|
+
},
|
|
84
84
|
redirectUri: 'http://localhost:8881/cb',
|
|
85
|
-
})
|
|
86
|
-
|
|
85
|
+
}),
|
|
86
|
+
).rejects.toThrow(Error('Please provide a scope or authorization_details'));
|
|
87
87
|
});
|
|
88
88
|
it('create an authorization request url with authorization_details array property', async () => {
|
|
89
89
|
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
|
@@ -92,8 +92,10 @@ describe('OpenID4VCIClient should', () => {
|
|
|
92
92
|
|
|
93
93
|
expect(
|
|
94
94
|
client.createAuthorizationRequestUrl({
|
|
95
|
-
|
|
96
|
-
|
|
95
|
+
pkce: {
|
|
96
|
+
codeChallengeMethod: CodeChallengeMethod.S256,
|
|
97
|
+
codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
|
|
98
|
+
},
|
|
97
99
|
authorizationDetails: [
|
|
98
100
|
{
|
|
99
101
|
type: 'openid_credential',
|
|
@@ -111,7 +113,7 @@ describe('OpenID4VCIClient should', () => {
|
|
|
111
113
|
],
|
|
112
114
|
redirectUri: 'http://localhost:8881/cb',
|
|
113
115
|
}),
|
|
114
|
-
).toEqual(
|
|
116
|
+
).resolves.toEqual(
|
|
115
117
|
'https://server.example.com/v1/auth/authorize?response_type=code&code_challenge_method=S256&code_challenge=mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs&authorization_details=%5B%7B%22type%22%3A%22openid_credential%22%2C%22format%22%3A%22ldp_vc%22%2C%22credential_definition%22%3A%7B%22%40context%22%3A%5B%22https%3A%2F%2Fwww%2Ew3%2Eorg%2F2018%2Fcredentials%2Fv1%22%2C%22https%3A%2F%2Fwww%2Ew3%2Eorg%2F2018%2Fcredentials%2Fexamples%2Fv1%22%5D%2C%22types%22%3A%5B%22VerifiableCredential%22%2C%22UniversityDegreeCredential%22%5D%7D%2C%22locations%22%3A%22https%3A%2F%2Fserver%2Eexample%2Ecom%22%7D%2C%7B%22type%22%3A%22openid_credential%22%2C%22format%22%3A%22mso_mdoc%22%2C%22doctype%22%3A%22org%2Eiso%2E18013%2E5%2E1%2EmDL%22%2C%22locations%22%3A%22https%3A%2F%2Fserver%2Eexample%2Ecom%22%7D%5D&redirect_uri=http%3A%2F%2Flocalhost%3A8881%2Fcb&scope=openid&client_id=test-client',
|
|
116
118
|
);
|
|
117
119
|
});
|
|
@@ -122,8 +124,10 @@ describe('OpenID4VCIClient should', () => {
|
|
|
122
124
|
|
|
123
125
|
expect(
|
|
124
126
|
client.createAuthorizationRequestUrl({
|
|
125
|
-
|
|
126
|
-
|
|
127
|
+
pkce: {
|
|
128
|
+
codeChallengeMethod: CodeChallengeMethod.S256,
|
|
129
|
+
codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
|
|
130
|
+
},
|
|
127
131
|
authorizationDetails: {
|
|
128
132
|
type: 'openid_credential',
|
|
129
133
|
format: 'ldp_vc',
|
|
@@ -134,7 +138,7 @@ describe('OpenID4VCIClient should', () => {
|
|
|
134
138
|
},
|
|
135
139
|
redirectUri: 'http://localhost:8881/cb',
|
|
136
140
|
}),
|
|
137
|
-
).toEqual(
|
|
141
|
+
).resolves.toEqual(
|
|
138
142
|
'https://server.example.com/v1/auth/authorize?response_type=code&code_challenge_method=S256&code_challenge=mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs&authorization_details=%7B%22type%22%3A%22openid_credential%22%2C%22format%22%3A%22ldp_vc%22%2C%22credential_definition%22%3A%7B%22%40context%22%3A%5B%22https%3A%2F%2Fwww%2Ew3%2Eorg%2F2018%2Fcredentials%2Fv1%22%2C%22https%3A%2F%2Fwww%2Ew3%2Eorg%2F2018%2Fcredentials%2Fexamples%2Fv1%22%5D%2C%22types%22%3A%5B%22VerifiableCredential%22%2C%22UniversityDegreeCredential%22%5D%7D%2C%22locations%22%3A%22https%3A%2F%2Fserver%2Eexample%2Ecom%22%7D&redirect_uri=http%3A%2F%2Flocalhost%3A8881%2Fcb&scope=openid&client_id=test-client',
|
|
139
143
|
);
|
|
140
144
|
});
|
|
@@ -145,8 +149,10 @@ describe('OpenID4VCIClient should', () => {
|
|
|
145
149
|
|
|
146
150
|
expect(
|
|
147
151
|
client.createAuthorizationRequestUrl({
|
|
148
|
-
|
|
149
|
-
|
|
152
|
+
pkce: {
|
|
153
|
+
codeChallengeMethod: CodeChallengeMethod.S256,
|
|
154
|
+
codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
|
|
155
|
+
},
|
|
150
156
|
authorizationDetails: {
|
|
151
157
|
type: 'openid_credential',
|
|
152
158
|
format: 'ldp_vc',
|
|
@@ -159,7 +165,7 @@ describe('OpenID4VCIClient should', () => {
|
|
|
159
165
|
scope: 'openid',
|
|
160
166
|
redirectUri: 'http://localhost:8881/cb',
|
|
161
167
|
}),
|
|
162
|
-
).toEqual(
|
|
168
|
+
).resolves.toEqual(
|
|
163
169
|
'https://server.example.com/v1/auth/authorize?response_type=code&code_challenge_method=S256&code_challenge=mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs&authorization_details=%7B%22type%22%3A%22openid_credential%22%2C%22format%22%3A%22ldp_vc%22%2C%22locations%22%3A%5B%22https%3A%2F%2Ftest%2Ecom%22%2C%22https%3A%2F%2Fserver%2Eexample%2Ecom%22%5D%2C%22credential_definition%22%3A%7B%22%40context%22%3A%5B%22https%3A%2F%2Fwww%2Ew3%2Eorg%2F2018%2Fcredentials%2Fv1%22%2C%22https%3A%2F%2Fwww%2Ew3%2Eorg%2F2018%2Fcredentials%2Fexamples%2Fv1%22%5D%2C%22types%22%3A%5B%22VerifiableCredential%22%2C%22UniversityDegreeCredential%22%5D%7D%7D&redirect_uri=http%3A%2F%2Flocalhost%3A8881%2Fcb&scope=openid&client_id=test-client',
|
|
164
170
|
);
|
|
165
171
|
});
|
|
@@ -1,7 +1,10 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { WellKnownEndpoints } from '@sphereon/oid4vci-common';
|
|
2
|
+
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
|
3
|
+
// @ts-ignore
|
|
2
4
|
import nock from 'nock';
|
|
3
5
|
|
|
4
6
|
import { OpenID4VCIClient } from '../OpenID4VCIClient';
|
|
7
|
+
import { PARMode } from '../types';
|
|
5
8
|
|
|
6
9
|
const MOCK_URL = 'https://server.example.com/';
|
|
7
10
|
describe('OpenID4VCIClient', () => {
|
|
@@ -25,9 +28,8 @@ describe('OpenID4VCIClient', () => {
|
|
|
25
28
|
it('should successfully retrieve the authorization code using PAR', async () => {
|
|
26
29
|
client.endpointMetadata.credentialIssuerMetadata!.pushed_authorization_request_endpoint = `${MOCK_URL}v1/auth/par`;
|
|
27
30
|
client.endpointMetadata.credentialIssuerMetadata!.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
|
|
28
|
-
const actual = await client.
|
|
29
|
-
|
|
30
|
-
codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
|
|
31
|
+
const actual = await client.createAuthorizationRequestUrl({
|
|
32
|
+
parMode: PARMode.REQUIRE,
|
|
31
33
|
scope: 'openid TestCredential',
|
|
32
34
|
redirectUri: 'http://localhost:8881/cb',
|
|
33
35
|
});
|
|
@@ -35,32 +37,30 @@ describe('OpenID4VCIClient', () => {
|
|
|
35
37
|
});
|
|
36
38
|
|
|
37
39
|
it('should fail when pushed_authorization_request_endpoint is not present', async () => {
|
|
40
|
+
client.endpointMetadata.credentialIssuerMetadata!.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
|
|
38
41
|
await expect(() =>
|
|
39
|
-
client.
|
|
40
|
-
|
|
41
|
-
codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
|
|
42
|
+
client.createAuthorizationRequestUrl({
|
|
43
|
+
parMode: PARMode.REQUIRE,
|
|
42
44
|
scope: 'openid TestCredential',
|
|
43
45
|
redirectUri: 'http://localhost:8881/cb',
|
|
44
46
|
}),
|
|
45
|
-
).rejects.toThrow(Error('
|
|
47
|
+
).rejects.toThrow(Error('PAR mode is set to required by Authorization Server does not support PAR!'));
|
|
46
48
|
});
|
|
47
49
|
|
|
48
50
|
it('should fail when authorization_details and scope are not present', async () => {
|
|
49
51
|
await expect(() =>
|
|
50
|
-
client.
|
|
51
|
-
|
|
52
|
-
codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
|
|
52
|
+
client.createAuthorizationRequestUrl({
|
|
53
|
+
parMode: PARMode.REQUIRE,
|
|
53
54
|
redirectUri: 'http://localhost:8881/cb',
|
|
54
55
|
}),
|
|
55
|
-
).rejects.toThrow(Error('Please
|
|
56
|
+
).rejects.toThrow(Error('Could not create authorization details from credential offer. Please pass in explicit details'));
|
|
56
57
|
});
|
|
57
58
|
|
|
58
59
|
it('should not fail when only authorization_details is present', async () => {
|
|
59
60
|
client.endpointMetadata.credentialIssuerMetadata!.pushed_authorization_request_endpoint = `${MOCK_URL}v1/auth/par`;
|
|
60
61
|
client.endpointMetadata.credentialIssuerMetadata!.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
|
|
61
|
-
const actual = await client.
|
|
62
|
-
|
|
63
|
-
codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
|
|
62
|
+
const actual = await client.createAuthorizationRequestUrl({
|
|
63
|
+
parMode: PARMode.REQUIRE,
|
|
64
64
|
authorizationDetails: [
|
|
65
65
|
{
|
|
66
66
|
type: 'openid_credential',
|
|
@@ -79,9 +79,8 @@ describe('OpenID4VCIClient', () => {
|
|
|
79
79
|
it('should not fail when only scope is present', async () => {
|
|
80
80
|
client.endpointMetadata.credentialIssuerMetadata!.pushed_authorization_request_endpoint = `${MOCK_URL}v1/auth/par`;
|
|
81
81
|
client.endpointMetadata.credentialIssuerMetadata!.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
|
|
82
|
-
const actual = await client.
|
|
83
|
-
|
|
84
|
-
codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
|
|
82
|
+
const actual = await client.createAuthorizationRequestUrl({
|
|
83
|
+
parMode: PARMode.REQUIRE,
|
|
85
84
|
scope: 'openid TestCredential',
|
|
86
85
|
redirectUri: 'http://localhost:8881/cb',
|
|
87
86
|
});
|
|
@@ -91,9 +90,8 @@ describe('OpenID4VCIClient', () => {
|
|
|
91
90
|
it('should not fail when both authorization_details and scope are present', async () => {
|
|
92
91
|
client.endpointMetadata.credentialIssuerMetadata!.pushed_authorization_request_endpoint = `${MOCK_URL}v1/auth/par`;
|
|
93
92
|
client.endpointMetadata.credentialIssuerMetadata!.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
|
|
94
|
-
const actual = await client.
|
|
95
|
-
|
|
96
|
-
codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
|
|
93
|
+
const actual = await client.createAuthorizationRequestUrl({
|
|
94
|
+
parMode: PARMode.REQUIRE,
|
|
97
95
|
authorizationDetails: [
|
|
98
96
|
{
|
|
99
97
|
type: 'openid_credential',
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
import { assertValidCodeVerifier, CodeChallengeMethod, createCodeChallenge, generateCodeVerifier } from '@sphereon/oid4vci-common';
|
|
2
|
+
|
|
3
|
+
import { PKCEOpts } from '../types';
|
|
4
|
+
|
|
5
|
+
export const createPKCEOpts = (pkce: PKCEOpts) => {
|
|
6
|
+
if (pkce.disabled) {
|
|
7
|
+
return pkce;
|
|
8
|
+
}
|
|
9
|
+
if (!pkce.codeChallengeMethod) {
|
|
10
|
+
pkce.codeChallengeMethod = CodeChallengeMethod.S256;
|
|
11
|
+
}
|
|
12
|
+
if (!pkce.codeVerifier) {
|
|
13
|
+
pkce.codeVerifier = generateCodeVerifier();
|
|
14
|
+
}
|
|
15
|
+
assertValidCodeVerifier(pkce.codeVerifier);
|
|
16
|
+
if (!pkce.codeChallenge) {
|
|
17
|
+
pkce.codeChallenge = createCodeChallenge(pkce.codeVerifier, pkce.codeChallengeMethod);
|
|
18
|
+
}
|
|
19
|
+
return pkce;
|
|
20
|
+
};
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
import { CodeChallengeMethod } from '@sphereon/oid4vci-common';
|
|
2
|
+
import { CredentialFormat } from '@sphereon/ssi-types';
|
|
3
|
+
|
|
4
|
+
export interface AuthDetails {
|
|
5
|
+
type: 'openid_credential' | string;
|
|
6
|
+
locations?: string | string[];
|
|
7
|
+
format: CredentialFormat | CredentialFormat[];
|
|
8
|
+
|
|
9
|
+
[s: string]: unknown;
|
|
10
|
+
}
|
|
11
|
+
|
|
12
|
+
/**
|
|
13
|
+
* Determinse whether PAR should be used when supported
|
|
14
|
+
*
|
|
15
|
+
* REQUIRE: Require PAR, if AS does not support it throw an error
|
|
16
|
+
* AUTO: Use PAR is the AS supports it, otherwise construct a reqular URI,
|
|
17
|
+
* NEVER: Do not use PAR even if the AS supports it (not recommended)
|
|
18
|
+
*/
|
|
19
|
+
export enum PARMode {
|
|
20
|
+
REQUIRE,
|
|
21
|
+
AUTO,
|
|
22
|
+
NEVER,
|
|
23
|
+
}
|
|
24
|
+
|
|
25
|
+
export interface AuthRequestOpts {
|
|
26
|
+
pkce?: PKCEOpts;
|
|
27
|
+
parMode?: PARMode;
|
|
28
|
+
authorizationDetails?: AuthDetails | AuthDetails[];
|
|
29
|
+
redirectUri: string;
|
|
30
|
+
scope?: string;
|
|
31
|
+
}
|
|
32
|
+
|
|
33
|
+
/**
|
|
34
|
+
* Optional options to provide PKCE params like code verifier and challenge yourself, or to disable PKCE altogether. If not provide PKCE will still be used! If individual params are not provide, they will be generated/calculated
|
|
35
|
+
*/
|
|
36
|
+
export interface PKCEOpts {
|
|
37
|
+
/**
|
|
38
|
+
* PKCE is enabled by default even if you do not provide these options. Set this to true to disable PKCE
|
|
39
|
+
*/
|
|
40
|
+
disabled?: boolean;
|
|
41
|
+
|
|
42
|
+
/**
|
|
43
|
+
* Provide a code_challenge, otherwise it will be calculated using the code_verifier and method
|
|
44
|
+
*/
|
|
45
|
+
codeChallenge?: string;
|
|
46
|
+
|
|
47
|
+
/**
|
|
48
|
+
* The code_challenge_method, should always by S256
|
|
49
|
+
*/
|
|
50
|
+
codeChallengeMethod?: CodeChallengeMethod;
|
|
51
|
+
|
|
52
|
+
/**
|
|
53
|
+
* Provide a code_verifier, otherwise it will be generated
|
|
54
|
+
*/
|
|
55
|
+
codeVerifier?: string;
|
|
56
|
+
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@sphereon/oid4vci-client",
|
|
3
|
-
"version": "0.8.2-unstable.
|
|
3
|
+
"version": "0.8.2-unstable.49+ea31c2b",
|
|
4
4
|
"description": "OpenID for Verifiable Credential Issuance (OpenID4VCI) client",
|
|
5
5
|
"source": "lib/index.ts",
|
|
6
6
|
"main": "dist/index.js",
|
|
@@ -15,7 +15,7 @@
|
|
|
15
15
|
"build": "tsc"
|
|
16
16
|
},
|
|
17
17
|
"dependencies": {
|
|
18
|
-
"@sphereon/oid4vci-common": "0.8.2-unstable.
|
|
18
|
+
"@sphereon/oid4vci-common": "0.8.2-unstable.49+ea31c2b",
|
|
19
19
|
"@sphereon/ssi-types": "^0.18.1",
|
|
20
20
|
"cross-fetch": "^3.1.8",
|
|
21
21
|
"debug": "^4.3.4"
|
|
@@ -69,5 +69,5 @@
|
|
|
69
69
|
"OIDC4VCI",
|
|
70
70
|
"OID4VCI"
|
|
71
71
|
],
|
|
72
|
-
"gitHead": "
|
|
72
|
+
"gitHead": "ea31c2b1a21d95ca4db407cde19b7041e06f063b"
|
|
73
73
|
}
|