@sphereon/oid4vci-client 0.8.2-unstable.57 → 0.8.2-unstable.61
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/AuthorizationCodeClient.d.ts.map +1 -1
- package/dist/AuthorizationCodeClient.js +6 -2
- package/dist/AuthorizationCodeClient.js.map +1 -1
- package/dist/OpenID4VCIClient.d.ts +12 -4
- package/dist/OpenID4VCIClient.d.ts.map +1 -1
- package/dist/OpenID4VCIClient.js +28 -18
- package/dist/OpenID4VCIClient.js.map +1 -1
- package/lib/AuthorizationCodeClient.ts +7 -3
- package/lib/OpenID4VCIClient.ts +216 -204
- package/lib/__tests__/EBSIE2E.spec.test.ts +2 -2
- package/package.json +3 -3
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AuthorizationCodeClient.d.ts","sourceRoot":"","sources":["../lib/AuthorizationCodeClient.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,wBAAwB,EAGxB,iCAAiC,EACjC,mBAAmB,EACnB,sBAAsB,EAGtB,QAAQ,EAGT,MAAM,0BAA0B,CAAC;AAGlC,eAAO,MAAM,6BAA6B;UAOlC,QAAQ;sBACI,sBAAsB;0BAClB,wBAAwB;;;MAG5C,QAAQ,MAAM,
|
|
1
|
+
{"version":3,"file":"AuthorizationCodeClient.d.ts","sourceRoot":"","sources":["../lib/AuthorizationCodeClient.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,wBAAwB,EAGxB,iCAAiC,EACjC,mBAAmB,EACnB,sBAAsB,EAGtB,QAAQ,EAGT,MAAM,0BAA0B,CAAC;AAGlC,eAAO,MAAM,6BAA6B;UAOlC,QAAQ;sBACI,sBAAsB;0BAClB,wBAAwB;;;MAG5C,QAAQ,MAAM,CAqFjB,CAAC"}
|
|
@@ -53,7 +53,7 @@ const createAuthorizationRequestUrl = ({ pkce, endpointMetadata, authorizationRe
|
|
|
53
53
|
let queryObj = Object.assign(Object.assign({ response_type: oid4vci_common_1.ResponseType.AUTH_CODE }, (!pkce.disabled && {
|
|
54
54
|
code_challenge_method: (_d = pkce.codeChallengeMethod) !== null && _d !== void 0 ? _d : oid4vci_common_1.CodeChallengeMethod.S256,
|
|
55
55
|
code_challenge: pkce.codeChallenge,
|
|
56
|
-
})), { authorization_details: JSON.stringify(handleAuthorizationDetails(endpointMetadata, authorizationDetails)), redirect_uri: redirectUri, scope
|
|
56
|
+
})), { authorization_details: JSON.stringify(handleAuthorizationDetails(endpointMetadata, authorizationDetails)), redirect_uri: redirectUri, scope });
|
|
57
57
|
if (authorizationRequest.clientId) {
|
|
58
58
|
queryObj['client_id'] = authorizationRequest.clientId;
|
|
59
59
|
}
|
|
@@ -64,15 +64,19 @@ const createAuthorizationRequestUrl = ({ pkce, endpointMetadata, authorizationRe
|
|
|
64
64
|
throw Error(`PAR mode is set to required by Authorization Server does not support PAR!`);
|
|
65
65
|
}
|
|
66
66
|
else if (parEndpoint && parMode !== oid4vci_common_1.PARMode.NEVER) {
|
|
67
|
+
console.log(`USING PAR with endpoint ${parEndpoint}`);
|
|
67
68
|
const parResponse = yield (0, oid4vci_common_2.formPost)(parEndpoint, new URLSearchParams(queryObj));
|
|
68
69
|
if (parResponse.errorBody || !parResponse.successBody) {
|
|
69
70
|
throw Error(`PAR error`);
|
|
70
71
|
}
|
|
72
|
+
console.log(`PAR response: ${(parResponse.successBody, null, 2)}`);
|
|
71
73
|
queryObj = { request_uri: parResponse.successBody.request_uri };
|
|
72
74
|
}
|
|
75
|
+
console.log(`QUERY obj: ` + JSON.stringify(queryObj, null, 2));
|
|
73
76
|
const url = (0, oid4vci_common_1.convertJsonToURI)(queryObj, {
|
|
74
77
|
baseUrl: endpointMetadata.authorization_endpoint,
|
|
75
|
-
uriTypeProperties: ['request_uri', 'redirect_uri', 'scope', 'authorization_details', 'issuer_state'],
|
|
78
|
+
uriTypeProperties: ['client_id', 'request_uri', 'redirect_uri', 'scope', 'authorization_details', 'issuer_state'],
|
|
79
|
+
// arrayTypeProperties: ['authorization_details'],
|
|
76
80
|
mode: oid4vci_common_1.JsonURIMode.X_FORM_WWW_URLENCODED,
|
|
77
81
|
// We do not add the version here, as this always needs to be form encoded
|
|
78
82
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AuthorizationCodeClient.js","sourceRoot":"","sources":["../lib/AuthorizationCodeClient.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,6DAakC;AAClC,6DAAoD;AAE7C,MAAM,6BAA6B,GAAG,CAAO,EAClD,IAAI,EACJ,gBAAgB,EAChB,oBAAoB,EACpB,eAAe,EACf,oBAAoB,GAOrB,EAAmB,EAAE;;IACpB,MAAM,EAAE,WAAW,EAAE,GAAG,oBAAoB,CAAC;IAC7C,IAAI,EAAE,KAAK,EAAE,oBAAoB,EAAE,GAAG,oBAAoB,CAAC;IAC3D,MAAM,OAAO,GAAG,CAAA,MAAA,gBAAgB,aAAhB,gBAAgB,uBAAhB,gBAAgB,CAAE,wBAAwB,0CAAE,qCAAqC;QAC/F,CAAC,CAAC,wBAAO,CAAC,OAAO;QACjB,CAAC,CAAC,MAAA,oBAAoB,CAAC,OAAO,mCAAI,wBAAO,CAAC,IAAI,CAAC;IACjD,gFAAgF;IAChF,iGAAiG;IACjG,IAAI,CAAC,KAAK,IAAI,CAAC,oBAAoB,EAAE,CAAC;QACpC,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,MAAM,KAAK,CAAC,mFAAmF,CAAC,CAAC;QACnG,CAAC;QACD,MAAM,KAAK,GAAG,eAAe,CAAC,gBAAgB,CAAC,WAAW,CAAC;QAE3D,wCAAwC;QACxC,6DAA6D;QAC7D,aAAa;QACb,oBAAoB,GAAG,KAAK;aACzB,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAE,IAA4B,CAAC,CAAC;aACpG,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;aACxB,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;YACZ,OAAO,gCACF,IAAI,KACP,IAAI,EAAE,mBAAmB,EACzB,SAAS,EAAE,CAAC,gBAAgB,CAAC,MAAM,CAAC;gBAEpC,6DAA6D;gBAC7D,aAAa;gBACb,MAAM,EAAE,IAAK,CAAC,MAAM,GACU,CAAC;QACnC,CAAC,CAAC,CAAC;QACL,IAAI,CAAC,oBAAoB,IAAI,oBAAoB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC/D,MAAM,KAAK,CAAC,+FAA+F,CAAC,CAAC;QAC/G,CAAC;IACH,CAAC;IACD,IAAI,CAAC,CAAA,gBAAgB,aAAhB,gBAAgB,uBAAhB,gBAAgB,CAAE,sBAAsB,CAAA,EAAE,CAAC;QAC9C,MAAM,KAAK,CAAC,yDAAyD,CAAC,CAAC;IACzE,CAAC;IACD,MAAM,WAAW,GAAG,MAAA,gBAAgB,CAAC,wBAAwB,0CAAE,qCAAqC,CAAC;IAErG,oCAAoC;IACpC,IAAI,CAAC,CAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,QAAQ,CAAC,QAAQ,CAAC,CAAA,EAAE,CAAC;QAC/B,KAAK,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACzD,CAAC;IAED,IAAI,QAAQ,iCACV,aAAa,EAAE,6BAAY,CAAC,SAAS,IAClC,CAAC,CAAC,IAAI,CAAC,QAAQ,IAAI;QACpB,qBAAqB,EAAE,MAAA,IAAI,CAAC,mBAAmB,mCAAI,oCAAmB,CAAC,IAAI;QAC3E,cAAc,EAAE,IAAI,CAAC,aAAa;KACnC,CAAC,KACF,qBAAqB,EAAE,IAAI,CAAC,SAAS,CAAC,0BAA0B,CAAC,gBAAgB,EAAE,oBAAoB,CAAC,CAAC,EACzG,YAAY,EAAE,WAAW,EACzB,KAAK,
|
|
1
|
+
{"version":3,"file":"AuthorizationCodeClient.js","sourceRoot":"","sources":["../lib/AuthorizationCodeClient.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,6DAakC;AAClC,6DAAoD;AAE7C,MAAM,6BAA6B,GAAG,CAAO,EAClD,IAAI,EACJ,gBAAgB,EAChB,oBAAoB,EACpB,eAAe,EACf,oBAAoB,GAOrB,EAAmB,EAAE;;IACpB,MAAM,EAAE,WAAW,EAAE,GAAG,oBAAoB,CAAC;IAC7C,IAAI,EAAE,KAAK,EAAE,oBAAoB,EAAE,GAAG,oBAAoB,CAAC;IAC3D,MAAM,OAAO,GAAG,CAAA,MAAA,gBAAgB,aAAhB,gBAAgB,uBAAhB,gBAAgB,CAAE,wBAAwB,0CAAE,qCAAqC;QAC/F,CAAC,CAAC,wBAAO,CAAC,OAAO;QACjB,CAAC,CAAC,MAAA,oBAAoB,CAAC,OAAO,mCAAI,wBAAO,CAAC,IAAI,CAAC;IACjD,gFAAgF;IAChF,iGAAiG;IACjG,IAAI,CAAC,KAAK,IAAI,CAAC,oBAAoB,EAAE,CAAC;QACpC,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,MAAM,KAAK,CAAC,mFAAmF,CAAC,CAAC;QACnG,CAAC;QACD,MAAM,KAAK,GAAG,eAAe,CAAC,gBAAgB,CAAC,WAAW,CAAC;QAE3D,wCAAwC;QACxC,6DAA6D;QAC7D,aAAa;QACb,oBAAoB,GAAG,KAAK;aACzB,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAE,IAA4B,CAAC,CAAC;aACpG,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;aACxB,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;YACZ,OAAO,gCACF,IAAI,KACP,IAAI,EAAE,mBAAmB,EACzB,SAAS,EAAE,CAAC,gBAAgB,CAAC,MAAM,CAAC;gBAEpC,6DAA6D;gBAC7D,aAAa;gBACb,MAAM,EAAE,IAAK,CAAC,MAAM,GACU,CAAC;QACnC,CAAC,CAAC,CAAC;QACL,IAAI,CAAC,oBAAoB,IAAI,oBAAoB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC/D,MAAM,KAAK,CAAC,+FAA+F,CAAC,CAAC;QAC/G,CAAC;IACH,CAAC;IACD,IAAI,CAAC,CAAA,gBAAgB,aAAhB,gBAAgB,uBAAhB,gBAAgB,CAAE,sBAAsB,CAAA,EAAE,CAAC;QAC9C,MAAM,KAAK,CAAC,yDAAyD,CAAC,CAAC;IACzE,CAAC;IACD,MAAM,WAAW,GAAG,MAAA,gBAAgB,CAAC,wBAAwB,0CAAE,qCAAqC,CAAC;IAErG,oCAAoC;IACpC,IAAI,CAAC,CAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,QAAQ,CAAC,QAAQ,CAAC,CAAA,EAAE,CAAC;QAC/B,KAAK,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACzD,CAAC;IAED,IAAI,QAAQ,iCACV,aAAa,EAAE,6BAAY,CAAC,SAAS,IAClC,CAAC,CAAC,IAAI,CAAC,QAAQ,IAAI;QACpB,qBAAqB,EAAE,MAAA,IAAI,CAAC,mBAAmB,mCAAI,oCAAmB,CAAC,IAAI;QAC3E,cAAc,EAAE,IAAI,CAAC,aAAa;KACnC,CAAC,KACF,qBAAqB,EAAE,IAAI,CAAC,SAAS,CAAC,0BAA0B,CAAC,gBAAgB,EAAE,oBAAoB,CAAC,CAAC,EACzG,YAAY,EAAE,WAAW,EACzB,KAAK,GACN,CAAC;IAEF,IAAI,oBAAoB,CAAC,QAAQ,EAAE,CAAC;QAClC,QAAQ,CAAC,WAAW,CAAC,GAAG,oBAAoB,CAAC,QAAQ,CAAC;IACxD,CAAC;IAED,IAAI,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,WAAW,EAAE,CAAC;QACjC,QAAQ,CAAC,cAAc,CAAC,GAAG,eAAe,CAAC,WAAW,CAAC;IACzD,CAAC;IACD,IAAI,CAAC,WAAW,IAAI,OAAO,KAAK,wBAAO,CAAC,OAAO,EAAE,CAAC;QAChD,MAAM,KAAK,CAAC,2EAA2E,CAAC,CAAC;IAC3F,CAAC;SAAM,IAAI,WAAW,IAAI,OAAO,KAAK,wBAAO,CAAC,KAAK,EAAE,CAAC;QACpD,OAAO,CAAC,GAAG,CAAC,2BAA2B,WAAW,EAAE,CAAC,CAAC;QACtD,MAAM,WAAW,GAAG,MAAM,IAAA,yBAAQ,EAA8B,WAAW,EAAE,IAAI,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC5G,IAAI,WAAW,CAAC,SAAS,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC;YACtD,MAAM,KAAK,CAAC,WAAW,CAAC,CAAC;QAC3B,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,WAAW,CAAC,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;QACnE,QAAQ,GAAG,EAAE,WAAW,EAAE,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC;IAClE,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC/D,MAAM,GAAG,GAAG,IAAA,iCAAgB,EAAC,QAAQ,EAAE;QACrC,OAAO,EAAE,gBAAgB,CAAC,sBAAsB;QAChD,iBAAiB,EAAE,CAAC,WAAW,EAAE,aAAa,EAAE,cAAc,EAAE,OAAO,EAAE,uBAAuB,EAAG,cAAc,CAAC;QAClH,kDAAkD;QAClD,IAAI,EAAE,4BAAW,CAAC,qBAAqB;QACvC,0EAA0E;KAC3E,CAAC,CAAC;IACH,OAAO,CAAC,GAAG,CAAC,8BAA8B,GAAG,EAAE,CAAC,CAAC;IACjD,OAAO,GAAG,CAAC;AACb,CAAC,CAAA,CAAC;AAjGW,QAAA,6BAA6B,iCAiGxC;AAEF,MAAM,0BAA0B,GAAG,CACjC,gBAAwC,EACxC,oBAAoE,EACT,EAAE;IAC7D,IAAI,oBAAoB,EAAE,CAAC;QACzB,IAAI,OAAO,oBAAoB,KAAK,QAAQ,EAAE,CAAC;YAC7C,iDAAiD;YACjD,OAAO,oBAAoB,CAAC;QAC9B,CAAC;QACD,IAAI,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACxC,OAAO,oBAAoB;iBACxB,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,KAAK,KAAK,QAAQ,CAAC;iBAC5C,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,eAAe,CAAC,gBAAgB,EAAE,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,mBAAM,KAAK,CAAE,CAAC,CAAC,CAAC;QACzG,CAAC;aAAM,CAAC;YACN,OAAO,eAAe,CAAC,gBAAgB,oBAAO,oBAAoB,EAAG,CAAC;QACxE,CAAC;IACH,CAAC;IACD,OAAO,oBAAoB,CAAC;AAC9B,CAAC,CAAC;AAEF,MAAM,eAAe,GAAG,CAAC,gBAAwC,EAAE,oBAA0C,EAAE,EAAE;;IAC/G,IAAI,OAAO,oBAAoB,KAAK,QAAQ,EAAE,CAAC;QAC7C,iDAAiD;QACjD,OAAO,oBAAoB,CAAC;IAC9B,CAAC;IACD,IAAI,oBAAoB,IAAI,CAAC,CAAA,MAAA,gBAAgB,CAAC,wBAAwB,0CAAE,oBAAoB,KAAI,gBAAgB,CAAC,sBAAsB,CAAC,EAAE,CAAC;QACzI,IAAI,oBAAoB,CAAC,SAAS,EAAE,CAAC;YACnC,IAAI,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAC,SAAS,CAAC,EAAE,CAAC;gBAClD,oBAAoB,CAAC,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;YAC/D,CAAC;iBAAM,CAAC;gBACN,oBAAoB,CAAC,SAAS,GAAG,CAAC,oBAAoB,CAAC,SAAmB,EAAE,gBAAgB,CAAC,MAAM,CAAC,CAAC;YACvG,CAAC;QACH,CAAC;aAAM,CAAC;YACN,oBAAoB,CAAC,SAAS,GAAG,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;IACD,OAAO,oBAAoB,CAAC;AAC9B,CAAC,CAAC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { AccessTokenResponse, Alg, AuthorizationRequestOpts, AuthzFlowType, CredentialOfferRequestWithBaseUrl, CredentialResponse, CredentialSupported, EndpointMetadataResult, JWK, OID4VCICredentialFormat, OpenId4VCIVersion, PKCEOpts, ProofOfPossessionCallbacks } from '@sphereon/oid4vci-common';
|
|
1
|
+
import { AccessTokenResponse, Alg, AuthorizationRequestOpts, AuthorizationResponse, AuthzFlowType, CredentialOfferRequestWithBaseUrl, CredentialResponse, CredentialSupported, EndpointMetadataResult, JWK, OID4VCICredentialFormat, OpenId4VCIVersion, PKCEOpts, ProofOfPossessionCallbacks } from '@sphereon/oid4vci-common';
|
|
2
2
|
import { CredentialFormat } from '@sphereon/ssi-types';
|
|
3
3
|
export declare class OpenID4VCIClient {
|
|
4
4
|
private readonly _credentialOffer?;
|
|
@@ -13,7 +13,7 @@ export declare class OpenID4VCIClient {
|
|
|
13
13
|
private _authorizationRequestOpts?;
|
|
14
14
|
private _authorizationURL?;
|
|
15
15
|
private constructor();
|
|
16
|
-
static fromCredentialIssuer({ kid, alg, retrieveServerMetadata, clientId, credentialIssuer, pkce, authorizationRequest, createAuthorizationRequestURL
|
|
16
|
+
static fromCredentialIssuer({ kid, alg, retrieveServerMetadata, clientId, credentialIssuer, pkce, authorizationRequest, createAuthorizationRequestURL }: {
|
|
17
17
|
credentialIssuer: string;
|
|
18
18
|
kid?: string;
|
|
19
19
|
alg?: Alg | string;
|
|
@@ -23,7 +23,7 @@ export declare class OpenID4VCIClient {
|
|
|
23
23
|
authorizationRequest?: AuthorizationRequestOpts;
|
|
24
24
|
pkce?: PKCEOpts;
|
|
25
25
|
}): Promise<OpenID4VCIClient>;
|
|
26
|
-
static fromURI({ uri, kid, alg, retrieveServerMetadata, clientId, pkce, createAuthorizationRequestURL, authorizationRequest, resolveOfferUri
|
|
26
|
+
static fromURI({ uri, kid, alg, retrieveServerMetadata, clientId, pkce, createAuthorizationRequestURL, authorizationRequest, resolveOfferUri }: {
|
|
27
27
|
uri: string;
|
|
28
28
|
kid?: string;
|
|
29
29
|
alg?: Alg | string;
|
|
@@ -34,6 +34,12 @@ export declare class OpenID4VCIClient {
|
|
|
34
34
|
clientId?: string;
|
|
35
35
|
authorizationRequest?: AuthorizationRequestOpts;
|
|
36
36
|
}): Promise<OpenID4VCIClient>;
|
|
37
|
+
/**
|
|
38
|
+
* Allows you to create an Authorization Request URL when using an Authorization Code flow. This URL needs to be accessed using the front channel (browser)
|
|
39
|
+
*
|
|
40
|
+
* The Identity provider would present a login screen typically; after you authenticated, it would redirect to the provided redirectUri; which can be same device or cross-device
|
|
41
|
+
* @param opts
|
|
42
|
+
*/
|
|
37
43
|
createAuthorizationRequestUrl(opts?: {
|
|
38
44
|
authorizationRequest?: AuthorizationRequestOpts;
|
|
39
45
|
pkce?: PKCEOpts;
|
|
@@ -44,10 +50,11 @@ export declare class OpenID4VCIClient {
|
|
|
44
50
|
pin?: string;
|
|
45
51
|
clientId?: string;
|
|
46
52
|
codeVerifier?: string;
|
|
53
|
+
authorizationResponse?: string | AuthorizationResponse;
|
|
47
54
|
code?: string;
|
|
48
55
|
redirectUri?: string;
|
|
49
56
|
}): Promise<AccessTokenResponse>;
|
|
50
|
-
acquireCredentials({ credentialTypes, proofCallbacks, format, kid, jwk, alg, jti, deferredCredentialAwait, deferredCredentialIntervalInMS
|
|
57
|
+
acquireCredentials({ credentialTypes, proofCallbacks, format, kid, jwk, alg, jti, deferredCredentialAwait, deferredCredentialIntervalInMS }: {
|
|
51
58
|
credentialTypes: string | string[];
|
|
52
59
|
proofCallbacks: ProofOfPossessionCallbacks<any>;
|
|
53
60
|
format?: CredentialFormat | OID4VCICredentialFormat;
|
|
@@ -70,6 +77,7 @@ export declare class OpenID4VCIClient {
|
|
|
70
77
|
get kid(): string;
|
|
71
78
|
get alg(): string;
|
|
72
79
|
get clientId(): string | undefined;
|
|
80
|
+
hasAccessTokenResponse(): boolean;
|
|
73
81
|
get accessTokenResponse(): AccessTokenResponse;
|
|
74
82
|
getIssuer(): string;
|
|
75
83
|
getAccessTokenEndpoint(): string;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"OpenID4VCIClient.d.ts","sourceRoot":"","sources":["../lib/OpenID4VCIClient.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,GAAG,EACH,wBAAwB,EACxB,aAAa,EAGb,iCAAiC,EACjC,kBAAkB,EAClB,mBAAmB,EACnB,sBAAsB,EAKtB,GAAG,EAEH,uBAAuB,EACvB,iBAAiB,EACjB,QAAQ,EACR,0BAA0B,
|
|
1
|
+
{"version":3,"file":"OpenID4VCIClient.d.ts","sourceRoot":"","sources":["../lib/OpenID4VCIClient.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,GAAG,EACH,wBAAwB,EACxB,qBAAqB,EACrB,aAAa,EAGb,iCAAiC,EACjC,kBAAkB,EAClB,mBAAmB,EACnB,sBAAsB,EAKtB,GAAG,EAEH,uBAAuB,EACvB,iBAAiB,EACjB,QAAQ,EACR,0BAA0B,EAE3B,MAAM,0BAA0B,CAAA;AACjC,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AAatD,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAmC;IACrE,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAQ;IAC1C,OAAO,CAAC,SAAS,CAAC,CAAQ;IAC1B,OAAO,CAAC,IAAI,CAAoB;IAChC,OAAO,CAAC,IAAI,CAAiB;IAC7B,OAAO,CAAC,IAAI,CAA0B;IACtC,OAAO,CAAC,iBAAiB,CAAoC;IAC7D,OAAO,CAAC,oBAAoB,CAAiC;IAC7D,OAAO,CAAC,KAAK,CAA+E;IAC5F,OAAO,CAAC,yBAAyB,CAAC,CAA0B;IAE5D,OAAO,CAAC,iBAAiB,CAAC,CAAQ;IAElC,OAAO;WA+Ba,oBAAoB,CAAC,EACE,GAAG,EACH,GAAG,EACH,sBAAsB,EACtB,QAAQ,EACR,gBAAgB,EAChB,IAAI,EACJ,oBAAoB,EACpB,6BAA6B,EAC9B,EAAE;QAC1C,gBAAgB,EAAE,MAAM,CAAC;QACzB,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,GAAG,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC;QACnB,sBAAsB,CAAC,EAAE,OAAO,CAAC;QACjC,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,6BAA6B,CAAC,EAAE,OAAO,CAAC;QACxC,oBAAoB,CAAC,EAAE,wBAAwB,CAAC;QAChD,IAAI,CAAC,EAAE,QAAQ,CAAC;KACjB;WAkBmB,OAAO,CAAC,EACE,GAAG,EACH,GAAG,EACH,GAAG,EACH,sBAAsB,EACtB,QAAQ,EACR,IAAI,EACJ,6BAA6B,EAC7B,oBAAoB,EACpB,eAAe,EAChB,EAAE;QAC7B,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,GAAG,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC;QACnB,sBAAsB,CAAC,EAAE,OAAO,CAAC;QACjC,6BAA6B,CAAC,EAAE,OAAO,CAAC;QACxC,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,IAAI,CAAC,EAAE,QAAQ,CAAC;QAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,oBAAoB,CAAC,EAAE,wBAAwB,CAAC;KACjD,GAAG,OAAO,CAAC,gBAAgB,CAAC;IA0B7B;;;;;OAKG;IACU,6BAA6B,CAAC,IAAI,CAAC,EAAE;QAAE,oBAAoB,CAAC,EAAE,wBAAwB,CAAC;QAAC,IAAI,CAAC,EAAE,QAAQ,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IAwB3H,sBAAsB,IAAI,OAAO,CAAC,sBAAsB,CAAC;IActE,OAAO,CAAC,iBAAiB;IAIZ,kBAAkB,CAAC,IAAI,CAAC,EAAE;QACrC,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,qBAAqB,CAAC,EAAE,MAAM,GAAG,qBAAqB,CAAC;QACvD,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,GAAG,OAAO,CAAC,mBAAmB,CAAC;IA8CnB,kBAAkB,CAAC,EACE,eAAe,EACf,cAAc,EACd,MAAM,EACN,GAAG,EACH,GAAG,EACH,GAAG,EACH,GAAG,EACH,uBAAuB,EACvB,8BAA8B,EAC/B,EAAE;QACjC,eAAe,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;QACnC,cAAc,EAAE,0BAA0B,CAAC,GAAG,CAAC,CAAC;QAChD,MAAM,CAAC,EAAE,gBAAgB,GAAG,uBAAuB,CAAC;QACpD,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,GAAG,CAAC,EAAE,GAAG,CAAC;QACV,GAAG,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC;QACnB,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,uBAAuB,CAAC,EAAE,OAAO,CAAC;QAClC,8BAA8B,CAAC,EAAE,MAAM,CAAC;KACzC,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAoG/B,uBAAuB,CACrB,yBAAyB,EAAE,OAAO,EAClC,MAAM,CAAC,EAAE,CAAC,uBAAuB,GAAG,MAAM,CAAC,GAAG,CAAC,uBAAuB,GAAG,MAAM,CAAC,EAAE,GACjF,mBAAmB,EAAE;IASxB,uBAAuB,IAAI,MAAM,EAAE,EAAE;IAwBrC,wBAAwB,IAAI,aAAa,EAAE;IAO3C,mBAAmB,CAAC,QAAQ,EAAE,aAAa,GAAG,OAAO;IAIrD,IAAI,gBAAgB,IAAI,MAAM,GAAG,SAAS,CAEzC;IAEM,mBAAmB,IAAI,OAAO;IAIrC,IAAI,eAAe,IAAI,iCAAiC,GAAG,SAAS,CAEnE;IAEM,OAAO,IAAI,iBAAiB;IAInC,IAAW,gBAAgB,IAAI,sBAAsB,CAIpD;IAED,IAAI,GAAG,IAAI,MAAM,CAMhB;IAED,IAAI,GAAG,IAAI,MAAM,CAMhB;IAED,IAAI,QAAQ,IAAI,MAAM,GAAG,SAAS,CAEjC;IAEM,sBAAsB,IAAI,OAAO;IAIxC,IAAI,mBAAmB,IAAI,mBAAmB,CAI7C;IAEM,SAAS,IAAI,MAAM;IAKnB,sBAAsB,IAAI,MAAM;IAOhC,qBAAqB,IAAI,MAAM;IAK/B,6BAA6B,IAAI,OAAO;IAIxC,6BAA6B,IAAI,MAAM;IAK9C,OAAO,CAAC,gBAAgB;IAQxB,OAAO,CAAC,oBAAoB;IAM5B,OAAO,CAAC,iBAAiB;IAMzB,OAAO,CAAC,4BAA4B;CAcrC"}
|
package/dist/OpenID4VCIClient.js
CHANGED
|
@@ -24,7 +24,7 @@ const ProofOfPossessionBuilder_1 = require("./ProofOfPossessionBuilder");
|
|
|
24
24
|
const AuthorizationUtil_1 = require("./functions/AuthorizationUtil");
|
|
25
25
|
const debug = (0, debug_1.default)('sphereon:oid4vci');
|
|
26
26
|
class OpenID4VCIClient {
|
|
27
|
-
constructor({ credentialOffer, clientId, kid, alg, credentialIssuer, pkce, authorizationRequest
|
|
27
|
+
constructor({ credentialOffer, clientId, kid, alg, credentialIssuer, pkce, authorizationRequest }) {
|
|
28
28
|
this._pkce = { disabled: false, codeChallengeMethod: oid4vci_common_1.CodeChallengeMethod.S256 };
|
|
29
29
|
this._credentialOffer = credentialOffer;
|
|
30
30
|
const issuer = credentialIssuer !== null && credentialIssuer !== void 0 ? credentialIssuer : (credentialOffer ? (0, oid4vci_common_1.getIssuerFromCredentialOfferPayload)(credentialOffer.credential_offer) : undefined);
|
|
@@ -37,8 +37,9 @@ class OpenID4VCIClient {
|
|
|
37
37
|
this._clientId = clientId !== null && clientId !== void 0 ? clientId : (credentialOffer ? (0, oid4vci_common_1.getClientIdFromCredentialOfferPayload)(credentialOffer.credential_offer) : undefined);
|
|
38
38
|
this._pkce = Object.assign(Object.assign({}, this._pkce), pkce);
|
|
39
39
|
this._authorizationRequestOpts = this.syncAuthorizationRequestOpts(authorizationRequest);
|
|
40
|
+
console.log(`Authorization req options: ${JSON.stringify(this._authorizationRequestOpts, null, 2)}`);
|
|
40
41
|
}
|
|
41
|
-
static fromCredentialIssuer({ kid, alg, retrieveServerMetadata, clientId, credentialIssuer, pkce, authorizationRequest, createAuthorizationRequestURL
|
|
42
|
+
static fromCredentialIssuer({ kid, alg, retrieveServerMetadata, clientId, credentialIssuer, pkce, authorizationRequest, createAuthorizationRequestURL }) {
|
|
42
43
|
return __awaiter(this, void 0, void 0, function* () {
|
|
43
44
|
const client = new OpenID4VCIClient({
|
|
44
45
|
kid,
|
|
@@ -46,7 +47,7 @@ class OpenID4VCIClient {
|
|
|
46
47
|
clientId: clientId !== null && clientId !== void 0 ? clientId : authorizationRequest === null || authorizationRequest === void 0 ? void 0 : authorizationRequest.clientId,
|
|
47
48
|
credentialIssuer,
|
|
48
49
|
pkce,
|
|
49
|
-
authorizationRequest
|
|
50
|
+
authorizationRequest
|
|
50
51
|
});
|
|
51
52
|
if (retrieveServerMetadata === undefined || retrieveServerMetadata) {
|
|
52
53
|
yield client.retrieveServerMetadata();
|
|
@@ -57,7 +58,7 @@ class OpenID4VCIClient {
|
|
|
57
58
|
return client;
|
|
58
59
|
});
|
|
59
60
|
}
|
|
60
|
-
static fromURI({ uri, kid, alg, retrieveServerMetadata, clientId, pkce, createAuthorizationRequestURL, authorizationRequest, resolveOfferUri
|
|
61
|
+
static fromURI({ uri, kid, alg, retrieveServerMetadata, clientId, pkce, createAuthorizationRequestURL, authorizationRequest, resolveOfferUri }) {
|
|
61
62
|
var _a;
|
|
62
63
|
return __awaiter(this, void 0, void 0, function* () {
|
|
63
64
|
const credentialOfferClient = yield CredentialOfferClient_1.CredentialOfferClient.fromURI(uri, { resolve: resolveOfferUri });
|
|
@@ -67,7 +68,7 @@ class OpenID4VCIClient {
|
|
|
67
68
|
alg,
|
|
68
69
|
clientId: (_a = clientId !== null && clientId !== void 0 ? clientId : authorizationRequest === null || authorizationRequest === void 0 ? void 0 : authorizationRequest.clientId) !== null && _a !== void 0 ? _a : credentialOfferClient.clientId,
|
|
69
70
|
pkce,
|
|
70
|
-
authorizationRequest
|
|
71
|
+
authorizationRequest
|
|
71
72
|
});
|
|
72
73
|
if (retrieveServerMetadata === undefined || retrieveServerMetadata) {
|
|
73
74
|
yield client.retrieveServerMetadata();
|
|
@@ -81,6 +82,12 @@ class OpenID4VCIClient {
|
|
|
81
82
|
return client;
|
|
82
83
|
});
|
|
83
84
|
}
|
|
85
|
+
/**
|
|
86
|
+
* Allows you to create an Authorization Request URL when using an Authorization Code flow. This URL needs to be accessed using the front channel (browser)
|
|
87
|
+
*
|
|
88
|
+
* The Identity provider would present a login screen typically; after you authenticated, it would redirect to the provided redirectUri; which can be same device or cross-device
|
|
89
|
+
* @param opts
|
|
90
|
+
*/
|
|
84
91
|
createAuthorizationRequestUrl(opts) {
|
|
85
92
|
var _a;
|
|
86
93
|
return __awaiter(this, void 0, void 0, function* () {
|
|
@@ -92,8 +99,7 @@ class OpenID4VCIClient {
|
|
|
92
99
|
}
|
|
93
100
|
// todo: Probably can go with current logic in MetadataClient who will always set the authorization_endpoint when found
|
|
94
101
|
// handling this because of the support for v1_0-08
|
|
95
|
-
if (((_a = this._endpointMetadata) === null || _a === void 0 ? void 0 : _a.credentialIssuerMetadata) &&
|
|
96
|
-
'authorization_endpoint' in this._endpointMetadata.credentialIssuerMetadata) {
|
|
102
|
+
if (((_a = this._endpointMetadata) === null || _a === void 0 ? void 0 : _a.credentialIssuerMetadata) && 'authorization_endpoint' in this._endpointMetadata.credentialIssuerMetadata) {
|
|
97
103
|
this._endpointMetadata.authorization_endpoint = this._endpointMetadata.credentialIssuerMetadata.authorization_endpoint;
|
|
98
104
|
}
|
|
99
105
|
this._authorizationURL = yield (0, AuthorizationCodeClient_1.createAuthorizationRequestUrl)({
|
|
@@ -101,7 +107,7 @@ class OpenID4VCIClient {
|
|
|
101
107
|
endpointMetadata: this.endpointMetadata,
|
|
102
108
|
authorizationRequest: this._authorizationRequestOpts,
|
|
103
109
|
credentialOffer: this.credentialOffer,
|
|
104
|
-
credentialsSupported: this.getCredentialsSupported(true)
|
|
110
|
+
credentialsSupported: this.getCredentialsSupported(true)
|
|
105
111
|
});
|
|
106
112
|
}
|
|
107
113
|
return this._authorizationURL;
|
|
@@ -128,9 +134,10 @@ class OpenID4VCIClient {
|
|
|
128
134
|
this._pkce = (0, AuthorizationUtil_1.generateMissingPKCEOpts)(Object.assign(Object.assign({}, this._pkce), pkce));
|
|
129
135
|
}
|
|
130
136
|
acquireAccessToken(opts) {
|
|
131
|
-
var _a, _b;
|
|
137
|
+
var _a, _b, _c;
|
|
132
138
|
return __awaiter(this, void 0, void 0, function* () {
|
|
133
|
-
const { pin, clientId,
|
|
139
|
+
const { pin, clientId, redirectUri } = opts !== null && opts !== void 0 ? opts : {};
|
|
140
|
+
const code = (_a = opts === null || opts === void 0 ? void 0 : opts.code) !== null && _a !== void 0 ? _a : ((opts === null || opts === void 0 ? void 0 : opts.authorizationResponse) ? (0, oid4vci_common_1.toAuthorizationResponsePayload)(opts.authorizationResponse).code : undefined);
|
|
134
141
|
if (opts === null || opts === void 0 ? void 0 : opts.codeVerifier) {
|
|
135
142
|
this._pkce.codeVerifier = opts.codeVerifier;
|
|
136
143
|
}
|
|
@@ -144,18 +151,18 @@ class OpenID4VCIClient {
|
|
|
144
151
|
redirectUri, asOpts: { clientId } }));
|
|
145
152
|
if (response.errorBody) {
|
|
146
153
|
debug(`Access token error:\r\n${response.errorBody}`);
|
|
147
|
-
throw Error(`Retrieving an access token from ${(
|
|
154
|
+
throw Error(`Retrieving an access token from ${(_b = this._endpointMetadata) === null || _b === void 0 ? void 0 : _b.token_endpoint} for issuer ${this.getIssuer()} failed with status: ${response.origResponse.status}`);
|
|
148
155
|
}
|
|
149
156
|
else if (!response.successBody) {
|
|
150
157
|
debug(`Access token error. No success body`);
|
|
151
|
-
throw Error(`Retrieving an access token from ${(
|
|
158
|
+
throw Error(`Retrieving an access token from ${(_c = this._endpointMetadata) === null || _c === void 0 ? void 0 : _c.token_endpoint} for issuer ${this.getIssuer()} failed as there was no success response body`);
|
|
152
159
|
}
|
|
153
160
|
this._accessTokenResponse = response.successBody;
|
|
154
161
|
}
|
|
155
162
|
return this.accessTokenResponse;
|
|
156
163
|
});
|
|
157
164
|
}
|
|
158
|
-
acquireCredentials({ credentialTypes, proofCallbacks, format, kid, jwk, alg, jti, deferredCredentialAwait, deferredCredentialIntervalInMS
|
|
165
|
+
acquireCredentials({ credentialTypes, proofCallbacks, format, kid, jwk, alg, jti, deferredCredentialAwait, deferredCredentialIntervalInMS }) {
|
|
159
166
|
var _a, _b, _c;
|
|
160
167
|
return __awaiter(this, void 0, void 0, function* () {
|
|
161
168
|
if ([jwk, kid].filter((v) => v !== undefined).length > 1) {
|
|
@@ -170,13 +177,13 @@ class OpenID4VCIClient {
|
|
|
170
177
|
const requestBuilder = this.credentialOffer
|
|
171
178
|
? CredentialRequestClientBuilder_1.CredentialRequestClientBuilder.fromCredentialOffer({
|
|
172
179
|
credentialOffer: this.credentialOffer,
|
|
173
|
-
metadata: this.endpointMetadata
|
|
180
|
+
metadata: this.endpointMetadata
|
|
174
181
|
})
|
|
175
182
|
: CredentialRequestClientBuilder_1.CredentialRequestClientBuilder.fromCredentialIssuer({
|
|
176
183
|
credentialIssuer: this.getIssuer(),
|
|
177
184
|
credentialTypes,
|
|
178
185
|
metadata: this.endpointMetadata,
|
|
179
|
-
version: this.version()
|
|
186
|
+
version: this.version()
|
|
180
187
|
});
|
|
181
188
|
requestBuilder.withTokenFromResponse(this.accessTokenResponse);
|
|
182
189
|
requestBuilder.withDeferredCredentialAwait(deferredCredentialAwait !== null && deferredCredentialAwait !== void 0 ? deferredCredentialAwait : false, deferredCredentialIntervalInMS);
|
|
@@ -209,7 +216,7 @@ class OpenID4VCIClient {
|
|
|
209
216
|
const proofBuilder = ProofOfPossessionBuilder_1.ProofOfPossessionBuilder.fromAccessTokenResponse({
|
|
210
217
|
accessTokenResponse: this.accessTokenResponse,
|
|
211
218
|
callbacks: proofCallbacks,
|
|
212
|
-
version: this.version()
|
|
219
|
+
version: this.version()
|
|
213
220
|
})
|
|
214
221
|
.withIssuer(this.getIssuer())
|
|
215
222
|
.withAlg(this.alg);
|
|
@@ -228,7 +235,7 @@ class OpenID4VCIClient {
|
|
|
228
235
|
const response = yield credentialRequestClient.acquireCredentialsUsingProof({
|
|
229
236
|
proofInput: proofBuilder,
|
|
230
237
|
credentialTypes: credentialTypes,
|
|
231
|
-
format
|
|
238
|
+
format
|
|
232
239
|
});
|
|
233
240
|
if (response.errorBody) {
|
|
234
241
|
debug(`Credential request error:\r\n${JSON.stringify(response.errorBody)}`);
|
|
@@ -250,7 +257,7 @@ class OpenID4VCIClient {
|
|
|
250
257
|
issuerMetadata: this.endpointMetadata.credentialIssuerMetadata,
|
|
251
258
|
version: this.version(),
|
|
252
259
|
format: format,
|
|
253
|
-
types: restrictToInitiationTypes ? this.getCredentialOfferTypes() : undefined
|
|
260
|
+
types: restrictToInitiationTypes ? this.getCredentialOfferTypes() : undefined
|
|
254
261
|
});
|
|
255
262
|
}
|
|
256
263
|
getCredentialOfferTypes() {
|
|
@@ -323,6 +330,9 @@ class OpenID4VCIClient {
|
|
|
323
330
|
get clientId() {
|
|
324
331
|
return this._clientId;
|
|
325
332
|
}
|
|
333
|
+
hasAccessTokenResponse() {
|
|
334
|
+
return !!this._accessTokenResponse;
|
|
335
|
+
}
|
|
326
336
|
get accessTokenResponse() {
|
|
327
337
|
this.assertAccessToken();
|
|
328
338
|
// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"OpenID4VCIClient.js","sourceRoot":"","sources":["../lib/OpenID4VCIClient.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,6DAqBkC;AAElC,kDAA0B;AAE1B,2DAAwD;AACxD,uEAA0E;AAC1E,mEAAgE;AAChE,qFAAkF;AAClF,qDAAkD;AAClD,yEAAsE;AACtE,qEAAwE;AAExE,MAAM,KAAK,GAAG,IAAA,eAAK,EAAC,kBAAkB,CAAC,CAAC;AAExC,MAAa,gBAAgB;IAc3B,YAAoB,EAClB,eAAe,EACf,QAAQ,EACR,GAAG,EACH,GAAG,EACH,gBAAgB,EAChB,IAAI,EACJ,oBAAoB,GASrB;QArBO,UAAK,GAAa,EAAE,QAAQ,EAAE,KAAK,EAAE,mBAAmB,EAAE,oCAAmB,CAAC,IAAI,EAAE,CAAC;QAsB3F,IAAI,CAAC,gBAAgB,GAAG,eAAe,CAAC;QACxC,MAAM,MAAM,GAAG,gBAAgB,aAAhB,gBAAgB,cAAhB,gBAAgB,GAAI,CAAC,eAAe,CAAC,CAAC,CAAC,IAAA,oDAAmC,EAAC,eAAe,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QACzI,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,KAAK,CAAC,qDAAqD,CAAC,CAAC;QACrE,CAAC;QACD,IAAI,CAAC,iBAAiB,GAAG,MAAM,CAAC;QAChC,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,SAAS,GAAG,QAAQ,aAAR,QAAQ,cAAR,QAAQ,GAAI,CAAC,eAAe,CAAC,CAAC,CAAC,IAAA,sDAAqC,EAAC,eAAe,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QACrI,IAAI,CAAC,KAAK,mCAAQ,IAAI,CAAC,KAAK,GAAK,IAAI,CAAE,CAAC;QACxC,IAAI,CAAC,yBAAyB,GAAG,IAAI,CAAC,4BAA4B,CAAC,oBAAoB,CAAC,CAAC;IAC3F,CAAC;IAEM,MAAM,CAAO,oBAAoB,CAAC,EACvC,GAAG,EACH,GAAG,EACH,sBAAsB,EACtB,QAAQ,EACR,gBAAgB,EAChB,IAAI,EACJ,oBAAoB,EACpB,6BAA6B,GAU9B;;YACC,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC;gBAClC,GAAG;gBACH,GAAG;gBACH,QAAQ,EAAE,QAAQ,aAAR,QAAQ,cAAR,QAAQ,GAAI,oBAAoB,aAApB,oBAAoB,uBAApB,oBAAoB,CAAE,QAAQ;gBACpD,gBAAgB;gBAChB,IAAI;gBACJ,oBAAoB;aACrB,CAAC,CAAC;YACH,IAAI,sBAAsB,KAAK,SAAS,IAAI,sBAAsB,EAAE,CAAC;gBACnE,MAAM,MAAM,CAAC,sBAAsB,EAAE,CAAC;YACxC,CAAC;YACD,IAAI,6BAA6B,KAAK,SAAS,IAAI,6BAA6B,EAAE,CAAC;gBACjF,MAAM,MAAM,CAAC,6BAA6B,CAAC,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,CAAC;YAC7E,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEM,MAAM,CAAO,OAAO,CAAC,EAC1B,GAAG,EACH,GAAG,EACH,GAAG,EACH,sBAAsB,EACtB,QAAQ,EACR,IAAI,EACJ,6BAA6B,EAC7B,oBAAoB,EACpB,eAAe,GAWhB;;;YACC,MAAM,qBAAqB,GAAG,MAAM,6CAAqB,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC,CAAC;YACrG,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC;gBAClC,eAAe,EAAE,qBAAqB;gBACtC,GAAG;gBACH,GAAG;gBACH,QAAQ,EAAE,MAAA,QAAQ,aAAR,QAAQ,cAAR,QAAQ,GAAI,oBAAoB,aAApB,oBAAoB,uBAApB,oBAAoB,CAAE,QAAQ,mCAAI,qBAAqB,CAAC,QAAQ;gBACtF,IAAI;gBACJ,oBAAoB;aACrB,CAAC,CAAC;YAEH,IAAI,sBAAsB,KAAK,SAAS,IAAI,sBAAsB,EAAE,CAAC;gBACnE,MAAM,MAAM,CAAC,sBAAsB,EAAE,CAAC;YACxC,CAAC;YACD,IACE,qBAAqB,CAAC,cAAc,CAAC,QAAQ,CAAC,8BAAa,CAAC,uBAAuB,CAAC;gBACpF,CAAC,6BAA6B,KAAK,SAAS,IAAI,6BAA6B,CAAC,EAC9E,CAAC;gBACD,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;gBACxB,MAAM,MAAM,CAAC,6BAA6B,CAAC,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,CAAC;gBAC3E,OAAO,CAAC,GAAG,CAAC,iBAAiB,MAAM,CAAC,iBAAiB,EAAE,CAAC,CAAC;YAC3D,CAAC;YAED,OAAO,MAAM,CAAC;;KACf;IAEY,6BAA6B,CAAC,IAA2E;;;YACpH,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAC5B,IAAI,CAAC,iBAAiB,CAAC,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,IAAI,CAAC,CAAC;gBACnC,IAAI,CAAC,yBAAyB,GAAG,IAAI,CAAC,4BAA4B,CAAC,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,oBAAoB,CAAC,CAAC;gBAC/F,IAAI,CAAC,IAAI,CAAC,yBAAyB,EAAE,CAAC;oBACpC,MAAM,KAAK,CAAC,mEAAmE,CAAC,CAAC;gBACnF,CAAC;gBAED,uHAAuH;gBACvH,oDAAoD;gBACpD,IACE,CAAA,MAAA,IAAI,CAAC,iBAAiB,0CAAE,wBAAwB;oBAChD,wBAAwB,IAAI,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,EAC3E,CAAC;oBACD,IAAI,CAAC,iBAAiB,CAAC,sBAAsB,GAAG,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,CAAC,sBAAgC,CAAC;gBACnI,CAAC;gBACD,IAAI,CAAC,iBAAiB,GAAG,MAAM,IAAA,uDAA6B,EAAC;oBAC3D,IAAI,EAAE,IAAI,CAAC,KAAK;oBAChB,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;oBACvC,oBAAoB,EAAE,IAAI,CAAC,yBAAyB;oBACpD,eAAe,EAAE,IAAI,CAAC,eAAe;oBACrC,oBAAoB,EAAE,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC;iBACzD,CAAC,CAAC;YACL,CAAC;YACD,OAAO,IAAI,CAAC,iBAAiB,CAAC;;KAC/B;IAEY,sBAAsB;;YACjC,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAC5B,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;oBACzB,IAAI,CAAC,iBAAiB,GAAG,MAAM,+BAAc,CAAC,sCAAsC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;gBAC7G,CAAC;qBAAM,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBAClC,IAAI,CAAC,iBAAiB,GAAG,MAAM,+BAAc,CAAC,mBAAmB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAC5F,CAAC;qBAAM,CAAC;oBACN,MAAM,KAAK,CAAC,oFAAoF,CAAC,CAAC;gBACpG,CAAC;YACH,CAAC;YACD,OAAO,IAAI,CAAC,gBAAgB,CAAC;QAC/B,CAAC;KAAA;IAEO,iBAAiB,CAAC,IAAe;QACvC,IAAI,CAAC,KAAK,GAAG,IAAA,2CAAuB,kCAAM,IAAI,CAAC,KAAK,GAAK,IAAI,EAAG,CAAC;IACnE,CAAC;IAEY,kBAAkB,CAAC,IAM/B;;;YACC,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAC;YAExD,IAAI,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,YAAY,EAAE,CAAC;gBACvB,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC;YAC9C,CAAC;YACD,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAExB,IAAI,QAAQ,EAAE,CAAC;gBACb,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;YAC5B,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBAC/B,MAAM,iBAAiB,GAAG,IAAI,qCAAiB,EAAE,CAAC;gBAElD,MAAM,QAAQ,GAAG,MAAM,iBAAiB,CAAC,kBAAkB,+BACzD,eAAe,EAAE,IAAI,CAAC,eAAe,EACrC,QAAQ,EAAE,IAAI,CAAC,gBAAgB,EAC/B,gBAAgB,EAAE,IAAI,CAAC,SAAS,EAAE,EAClC,GAAG,IACA,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,IAAI,EAAE,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC,KACtE,IAAI;oBACJ,WAAW,EACX,MAAM,EAAE,EAAE,QAAQ,EAAE,IACpB,CAAC;gBAEH,IAAI,QAAQ,CAAC,SAAS,EAAE,CAAC;oBACvB,KAAK,CAAC,0BAA0B,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC;oBACtD,MAAM,KAAK,CACT,mCAAmC,MAAA,IAAI,CAAC,iBAAiB,0CAAE,cAAc,eAAe,IAAI,CAAC,SAAS,EAAE,wBACtG,QAAQ,CAAC,YAAY,CAAC,MACxB,EAAE,CACH,CAAC;gBACJ,CAAC;qBAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;oBACjC,KAAK,CAAC,qCAAqC,CAAC,CAAC;oBAC7C,MAAM,KAAK,CACT,mCAAmC,MAAA,IAAI,CAAC,iBAAiB,0CACrD,cAAc,eAAe,IAAI,CAAC,SAAS,EAAE,+CAA+C,CACjG,CAAC;gBACJ,CAAC;gBACD,IAAI,CAAC,oBAAoB,GAAG,QAAQ,CAAC,WAAW,CAAC;YACnD,CAAC;YAED,OAAO,IAAI,CAAC,mBAAmB,CAAC;;KACjC;IAEY,kBAAkB,CAAC,EAC9B,eAAe,EACf,cAAc,EACd,MAAM,EACN,GAAG,EACH,GAAG,EACH,GAAG,EACH,GAAG,EACH,uBAAuB,EACvB,8BAA8B,GAW/B;;;YACC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACzD,MAAM,IAAI,KAAK,CAAC,kCAAiB,GAAG,UAAU,GAAG,KAAK,SAAS,UAAU,GAAG,KAAK,SAAS,EAAE,CAAC,CAAC;YAChG,CAAC;YAED,IAAI,GAAG;gBAAE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;YACzB,IAAI,GAAG;gBAAE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;YACzB,IAAI,GAAG;gBAAE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;YAEzB,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe;gBACzC,CAAC,CAAC,+DAA8B,CAAC,mBAAmB,CAAC;oBACjD,eAAe,EAAE,IAAI,CAAC,eAAe;oBACrC,QAAQ,EAAE,IAAI,CAAC,gBAAgB;iBAChC,CAAC;gBACJ,CAAC,CAAC,+DAA8B,CAAC,oBAAoB,CAAC;oBAClD,gBAAgB,EAAE,IAAI,CAAC,SAAS,EAAE;oBAClC,eAAe;oBACf,QAAQ,EAAE,IAAI,CAAC,gBAAgB;oBAC/B,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;iBACxB,CAAC,CAAC;YAEP,cAAc,CAAC,qBAAqB,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YAC/D,cAAc,CAAC,2BAA2B,CAAC,uBAAuB,aAAvB,uBAAuB,cAAvB,uBAAuB,GAAI,KAAK,EAAE,8BAA8B,CAAC,CAAC;YAC7G,IAAI,MAAA,IAAI,CAAC,gBAAgB,0CAAE,wBAAwB,EAAE,CAAC;gBACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,wBAAwB,CAAC;gBAChE,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,eAAe,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;gBAE/F,IAAI,QAAQ,CAAC,qBAAqB,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE,CAAC;oBACpF,IAAI,aAAa,GAAG,KAAK,CAAC;oBAE1B,QAAQ,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC,mBAAmB,EAAE,EAAE;wBAC7D,MAAM,QAAQ,GAAG,IAAA,gDAA+B,EAAC,mBAAmB,CAAC,CAAC;wBACtE,IACE,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;4BAC/C,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,mBAAmB,CAAC,EAAE,IAAI,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAC5F,CAAC;4BACD,aAAa,GAAG,IAAI,CAAC;wBACvB,CAAC;oBACH,CAAC,CAAC,CAAC;oBAEH,IAAI,CAAC,aAAa,EAAE,CAAC;wBACnB,OAAO,CAAC,GAAG,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,gCAAgC,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;wBAC3H,0HAA0H;oBAC5H,CAAC;gBACH,CAAC;qBAAM,IAAI,QAAQ,CAAC,qBAAqB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE,CAAC;oBAC5F,MAAM,oBAAoB,GAAG,QAAQ,CAAC,qBAAqB,CAAC;oBAC5D,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,qBAAqB,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;wBACzF,MAAM,KAAK,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,4BAA4B,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;oBACzH,CAAC;gBACH,CAAC;gBACD,4GAA4G;YAC9G,CAAC;YACD,MAAM,uBAAuB,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC;YACvD,MAAM,YAAY,GAAG,mDAAwB,CAAC,uBAAuB,CAAC;gBACpE,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;gBAC7C,SAAS,EAAE,cAAc;gBACzB,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;aACxB,CAAC;iBACC,UAAU,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;iBAC5B,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAErB,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBACd,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClC,CAAC;YACD,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBACd,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClC,CAAC;YAED,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAClB,YAAY,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC3C,CAAC;YACD,IAAI,GAAG,EAAE,CAAC;gBACR,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAC5B,CAAC;YACD,MAAM,QAAQ,GAAG,MAAM,uBAAuB,CAAC,4BAA4B,CAAC;gBAC1E,UAAU,EAAE,YAAY;gBACxB,eAAe,EAAE,eAAe;gBAChC,MAAM;aACP,CAAC,CAAC;YACH,IAAI,QAAQ,CAAC,SAAS,EAAE,CAAC;gBACvB,KAAK,CAAC,gCAAgC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;gBAC5E,MAAM,KAAK,CACT,gCAAgC,MAAA,IAAI,CAAC,iBAAiB,0CAAE,mBAAmB,eAAe,IAAI,CAAC,SAAS,EAAE,wBACxG,QAAQ,CAAC,YAAY,CAAC,MACxB,EAAE,CACH,CAAC;YACJ,CAAC;iBAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;gBACjC,KAAK,CAAC,2CAA2C,CAAC,CAAC;gBACnD,MAAM,KAAK,CACT,gCAAgC,MAAA,IAAI,CAAC,iBAAiB,0CAClD,mBAAmB,eAAe,IAAI,CAAC,SAAS,EAAE,+CAA+C,CACtG,CAAC;YACJ,CAAC;YACD,OAAO,QAAQ,CAAC,WAAW,CAAC;;KAC7B;IAED,oHAAoH;IACpH,6DAA6D;IAC7D,mEAAmE;IACnE,iDAAiD;IACjD,uBAAuB,CACrB,yBAAkC,EAClC,MAAkF;QAElF,OAAO,IAAA,wCAAuB,EAAC;YAC7B,cAAc,EAAE,IAAI,CAAC,gBAAgB,CAAC,wBAAwB;YAC9D,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;YACvB,MAAM,EAAE,MAAM;YACd,KAAK,EAAE,yBAAyB,CAAC,CAAC,CAAC,IAAI,CAAC,uBAAuB,EAAE,CAAC,CAAC,CAAC,SAAS;SAC9E,CAAC,CAAC;IACL,CAAC;IAED,uBAAuB;QACrB,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;YAC1B,OAAO,EAAE,CAAC;QACZ,CAAC;aAAM,IAAI,IAAI,CAAC,eAAe,CAAC,OAAO,GAAG,kCAAiB,CAAC,UAAU,EAAE,CAAC;YACvE,MAAM,IAAI,GAAG,IAAI,CAAC,eAAe,CAAC,yBAA0D,CAAC;YAC7F,MAAM,KAAK,GAAa,OAAO,IAAI,CAAC,eAAe,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC;YACjH,MAAM,MAAM,GAAe,EAAE,CAAC;YAC9B,MAAM,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC;YAClB,OAAO,MAAM,CAAC;QAChB,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,CAAC,eAAe,CAAC,gBAAgB,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;gBACjE,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;oBAC1B,OAAO,CAAC,CAAC,CAAC,CAAC;gBACb,CAAC;qBAAM,IAAI,OAAO,IAAI,CAAC,EAAE,CAAC;oBACxB,OAAO,CAAC,CAAC,KAAK,CAAC;gBACjB,CAAC;qBAAM,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;oBACtB,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;gBACjB,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,CAAC,qBAAqB,CAAC,KAAK,CAAC;gBACvC,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,wBAAwB;;QACtB,OAAO,CACL,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,cAAc,mCACpC,CAAC,CAAA,MAAA,MAAA,IAAI,CAAC,iBAAiB,0CAAE,wBAAwB,0CAAE,sBAAsB,EAAC,CAAC,CAAC,CAAC,8BAAa,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAC1H,CAAC;IACJ,CAAC;IAED,mBAAmB,CAAC,QAAuB;QACzC,OAAO,IAAI,CAAC,wBAAwB,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC5D,CAAC;IAED,IAAI,gBAAgB;QAClB,OAAO,IAAI,CAAC,iBAAiB,CAAC;IAChC,CAAC;IAEM,mBAAmB;QACxB,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC;IACjC,CAAC;IAED,IAAI,eAAe;QACjB,OAAO,IAAI,CAAC,gBAAgB,CAAC;IAC/B,CAAC;IAEM,OAAO;;QACZ,OAAO,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,OAAO,mCAAI,kCAAiB,CAAC,UAAU,CAAC;IACvE,CAAC;IAED,IAAW,gBAAgB;QACzB,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC5B,oEAAoE;QACpE,OAAO,IAAI,CAAC,iBAAkB,CAAC;IACjC,CAAC;IAED,IAAI,GAAG;QACL,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAClD,CAAC;QACD,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED,IAAI,GAAG;QACL,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAClD,CAAC;QACD,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED,IAAI,mBAAmB;QACrB,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACzB,oEAAoE;QACpE,OAAO,IAAI,CAAC,oBAAqB,CAAC;IACpC,CAAC;IAEM,SAAS;QACd,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,iBAAkB,CAAC;IACjC,CAAC;IAEM,sBAAsB;QAC3B,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,gBAAgB;YAC1B,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,cAAc;YACtC,CAAC,CAAC,qCAAiB,CAAC,iBAAiB,CAAC,EAAE,UAAU,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,SAAS,EAAE,EAAE,EAAE,CAAC,CAAC;IACxF,CAAC;IAEM,qBAAqB;QAC1B,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,mBAAmB,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC;IAC9G,CAAC;IAEM,6BAA6B;QAClC,OAAO,CAAC,CAAC,IAAI,CAAC,sBAAsB,EAAE,CAAC;IACzC,CAAC;IAEM,6BAA6B;QAClC,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,mBAAmB,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC;IAC9G,CAAC;IAEO,gBAAgB;QACtB,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACpD,CAAC;aAAM,IAAI,CAAC,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,iBAAiB,IAAI,IAAI,CAAC,wBAAwB,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5G,MAAM,KAAK,CAAC,oDAAoD,CAAC,CAAC;QACpE,CAAC;IACH,CAAC;IAEO,oBAAoB;QAC1B,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,KAAK,CAAC,oBAAoB,CAAC,CAAC;QACpC,CAAC;IACH,CAAC;IAEO,iBAAiB;QACvB,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAC/B,MAAM,KAAK,CAAC,yBAAyB,CAAC,CAAC;QACzC,CAAC;IACH,CAAC;IAEO,4BAA4B,CAAC,IAA+B;;QAClE,IAAI,wBAAwB,GAAG,gCAAK,IAAI,CAAC,yBAAyB,GAAK,IAAI,CAA8B,CAAC;QAC1G,IAAI,CAAC,wBAAwB,EAAE,CAAC;YAC9B,wBAAwB,GAAG,EAAE,WAAW,EAAE,cAAc,EAAE,CAAA;QAC5D,CAAC;QACD,MAAM,QAAQ,GAAG,MAAA,wBAAwB,CAAC,QAAQ,mCAAI,IAAI,CAAC,SAAS,CAAA;QACpE,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;QAC1B,wBAAwB,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAE7C,IAAI,CAAC,wBAAwB,CAAC,WAAW,EAAE,CAAC;YAC1C,wBAAwB,CAAC,WAAW,GAAG,cAAc,CAAC;QACxD,CAAC;QACD,OAAO,wBAAwB,CAAC;IAClC,CAAC;CACF;AAjfD,4CAifC"}
|
|
1
|
+
{"version":3,"file":"OpenID4VCIClient.js","sourceRoot":"","sources":["../lib/OpenID4VCIClient.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,6DAuBiC;AAEjC,kDAAyB;AAEzB,2DAAuD;AACvD,uEAAyE;AACzE,mEAA+D;AAC/D,qFAAiF;AACjF,qDAAiD;AACjD,yEAAqE;AACrE,qEAAuE;AAEvE,MAAM,KAAK,GAAG,IAAA,eAAK,EAAC,kBAAkB,CAAC,CAAA;AAEvC,MAAa,gBAAgB;IAc3B,YAAoB,EACE,eAAe,EACf,QAAQ,EACR,GAAG,EACH,GAAG,EACH,gBAAgB,EAChB,IAAI,EACJ,oBAAoB,EASzC;QArBO,UAAK,GAAa,EAAE,QAAQ,EAAE,KAAK,EAAE,mBAAmB,EAAE,oCAAmB,CAAC,IAAI,EAAE,CAAA;QAsB1F,IAAI,CAAC,gBAAgB,GAAG,eAAe,CAAA;QACvC,MAAM,MAAM,GAAG,gBAAgB,aAAhB,gBAAgB,cAAhB,gBAAgB,GAAI,CAAC,eAAe,CAAC,CAAC,CAAC,IAAA,oDAAmC,EAAC,eAAe,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;QACxI,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,KAAK,CAAC,qDAAqD,CAAC,CAAA;QACpE,CAAC;QACD,IAAI,CAAC,iBAAiB,GAAG,MAAM,CAAA;QAC/B,IAAI,CAAC,IAAI,GAAG,GAAG,CAAA;QACf,IAAI,CAAC,IAAI,GAAG,GAAG,CAAA;QACf,IAAI,CAAC,SAAS,GAAG,QAAQ,aAAR,QAAQ,cAAR,QAAQ,GAAI,CAAC,eAAe,CAAC,CAAC,CAAC,IAAA,sDAAqC,EAAC,eAAe,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;QACpI,IAAI,CAAC,KAAK,mCAAQ,IAAI,CAAC,KAAK,GAAK,IAAI,CAAE,CAAA;QACvC,IAAI,CAAC,yBAAyB,GAAG,IAAI,CAAC,4BAA4B,CAAC,oBAAoB,CAAC,CAAA;QACxF,OAAO,CAAC,GAAG,CAAC,8BAA8B,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,yBAAyB,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAA;IACtG,CAAC;IAEM,MAAM,CAAO,oBAAoB,CAAC,EACE,GAAG,EACH,GAAG,EACH,sBAAsB,EACtB,QAAQ,EACR,gBAAgB,EAChB,IAAI,EACJ,oBAAoB,EACpB,6BAA6B,EAUvE;;YACC,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC;gBAClC,GAAG;gBACH,GAAG;gBACH,QAAQ,EAAE,QAAQ,aAAR,QAAQ,cAAR,QAAQ,GAAI,oBAAoB,aAApB,oBAAoB,uBAApB,oBAAoB,CAAE,QAAQ;gBACpD,gBAAgB;gBAChB,IAAI;gBACJ,oBAAoB;aACrB,CAAC,CAAA;YACF,IAAI,sBAAsB,KAAK,SAAS,IAAI,sBAAsB,EAAE,CAAC;gBACnE,MAAM,MAAM,CAAC,sBAAsB,EAAE,CAAA;YACvC,CAAC;YACD,IAAI,6BAA6B,KAAK,SAAS,IAAI,6BAA6B,EAAE,CAAC;gBACjF,MAAM,MAAM,CAAC,6BAA6B,CAAC,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,CAAA;YAC5E,CAAC;YACD,OAAO,MAAM,CAAA;QACf,CAAC;KAAA;IAEM,MAAM,CAAO,OAAO,CAAC,EACE,GAAG,EACH,GAAG,EACH,GAAG,EACH,sBAAsB,EACtB,QAAQ,EACR,IAAI,EACJ,6BAA6B,EAC7B,oBAAoB,EACpB,eAAe,EAW5C;;;YACC,MAAM,qBAAqB,GAAG,MAAM,6CAAqB,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC,CAAA;YACpG,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC;gBAClC,eAAe,EAAE,qBAAqB;gBACtC,GAAG;gBACH,GAAG;gBACH,QAAQ,EAAE,MAAA,QAAQ,aAAR,QAAQ,cAAR,QAAQ,GAAI,oBAAoB,aAApB,oBAAoB,uBAApB,oBAAoB,CAAE,QAAQ,mCAAI,qBAAqB,CAAC,QAAQ;gBACtF,IAAI;gBACJ,oBAAoB;aACrB,CAAC,CAAA;YAEF,IAAI,sBAAsB,KAAK,SAAS,IAAI,sBAAsB,EAAE,CAAC;gBACnE,MAAM,MAAM,CAAC,sBAAsB,EAAE,CAAA;YACvC,CAAC;YACD,IACE,qBAAqB,CAAC,cAAc,CAAC,QAAQ,CAAC,8BAAa,CAAC,uBAAuB,CAAC;gBACpF,CAAC,6BAA6B,KAAK,SAAS,IAAI,6BAA6B,CAAC,EAC9E,CAAC;gBACD,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;gBACvB,MAAM,MAAM,CAAC,6BAA6B,CAAC,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,CAAA;gBAC1E,OAAO,CAAC,GAAG,CAAC,iBAAiB,MAAM,CAAC,iBAAiB,EAAE,CAAC,CAAA;YAC1D,CAAC;YAED,OAAO,MAAM,CAAA;;KACd;IAED;;;;;OAKG;IACU,6BAA6B,CAAC,IAA2E;;;YACpH,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAC5B,IAAI,CAAC,iBAAiB,CAAC,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,IAAI,CAAC,CAAA;gBAClC,IAAI,CAAC,yBAAyB,GAAG,IAAI,CAAC,4BAA4B,CAAC,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,oBAAoB,CAAC,CAAA;gBAC9F,IAAI,CAAC,IAAI,CAAC,yBAAyB,EAAE,CAAC;oBACpC,MAAM,KAAK,CAAC,mEAAmE,CAAC,CAAA;gBAClF,CAAC;gBAED,uHAAuH;gBACvH,oDAAoD;gBACpD,IAAI,CAAA,MAAA,IAAI,CAAC,iBAAiB,0CAAE,wBAAwB,KAAI,wBAAwB,IAAI,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,EAAE,CAAC;oBACpI,IAAI,CAAC,iBAAiB,CAAC,sBAAsB,GAAG,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,CAAC,sBAAgC,CAAA;gBAClI,CAAC;gBACD,IAAI,CAAC,iBAAiB,GAAG,MAAM,IAAA,uDAA6B,EAAC;oBAC3D,IAAI,EAAE,IAAI,CAAC,KAAK;oBAChB,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;oBACvC,oBAAoB,EAAE,IAAI,CAAC,yBAAyB;oBACpD,eAAe,EAAE,IAAI,CAAC,eAAe;oBACrC,oBAAoB,EAAE,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC;iBACzD,CAAC,CAAA;YACJ,CAAC;YACD,OAAO,IAAI,CAAC,iBAAiB,CAAA;;KAC9B;IAEY,sBAAsB;;YACjC,IAAI,CAAC,gBAAgB,EAAE,CAAA;YACvB,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAC5B,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;oBACzB,IAAI,CAAC,iBAAiB,GAAG,MAAM,+BAAc,CAAC,sCAAsC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;gBAC5G,CAAC;qBAAM,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBAClC,IAAI,CAAC,iBAAiB,GAAG,MAAM,+BAAc,CAAC,mBAAmB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;gBAC3F,CAAC;qBAAM,CAAC;oBACN,MAAM,KAAK,CAAC,oFAAoF,CAAC,CAAA;gBACnG,CAAC;YACH,CAAC;YACD,OAAO,IAAI,CAAC,gBAAgB,CAAA;QAC9B,CAAC;KAAA;IAEO,iBAAiB,CAAC,IAAe;QACvC,IAAI,CAAC,KAAK,GAAG,IAAA,2CAAuB,kCAAM,IAAI,CAAC,KAAK,GAAK,IAAI,EAAG,CAAA;IAClE,CAAC;IAEY,kBAAkB,CAAC,IAO/B;;;YACC,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,WAAW,EAAE,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAA;YACjD,MAAM,IAAI,GAAG,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,IAAI,mCAAI,CAAC,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,qBAAqB,EAAC,CAAC,CAAC,IAAA,+CAA8B,EAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;YAEtI,IAAI,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,YAAY,EAAE,CAAC;gBACvB,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC,YAAY,CAAA;YAC7C,CAAC;YACD,IAAI,CAAC,gBAAgB,EAAE,CAAA;YAEvB,IAAI,QAAQ,EAAE,CAAC;gBACb,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAA;YAC3B,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBAC/B,MAAM,iBAAiB,GAAG,IAAI,qCAAiB,EAAE,CAAA;gBAEjD,MAAM,QAAQ,GAAG,MAAM,iBAAiB,CAAC,kBAAkB,+BACzD,eAAe,EAAE,IAAI,CAAC,eAAe,EACrC,QAAQ,EAAE,IAAI,CAAC,gBAAgB,EAC/B,gBAAgB,EAAE,IAAI,CAAC,SAAS,EAAE,EAClC,GAAG,IACA,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,IAAI,EAAE,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC,KACtE,IAAI;oBACJ,WAAW,EACX,MAAM,EAAE,EAAE,QAAQ,EAAE,IACpB,CAAA;gBAEF,IAAI,QAAQ,CAAC,SAAS,EAAE,CAAC;oBACvB,KAAK,CAAC,0BAA0B,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAA;oBACrD,MAAM,KAAK,CACT,mCAAmC,MAAA,IAAI,CAAC,iBAAiB,0CAAE,cAAc,eAAe,IAAI,CAAC,SAAS,EAAE,wBACtG,QAAQ,CAAC,YAAY,CAAC,MACxB,EAAE,CACH,CAAA;gBACH,CAAC;qBAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;oBACjC,KAAK,CAAC,qCAAqC,CAAC,CAAA;oBAC5C,MAAM,KAAK,CACT,mCAAmC,MAAA,IAAI,CAAC,iBAAiB,0CACrD,cAAc,eAAe,IAAI,CAAC,SAAS,EAAE,+CAA+C,CACjG,CAAA;gBACH,CAAC;gBACD,IAAI,CAAC,oBAAoB,GAAG,QAAQ,CAAC,WAAW,CAAA;YAClD,CAAC;YAED,OAAO,IAAI,CAAC,mBAAmB,CAAA;;KAChC;IAEY,kBAAkB,CAAC,EACE,eAAe,EACf,cAAc,EACd,MAAM,EACN,GAAG,EACH,GAAG,EACH,GAAG,EACH,GAAG,EACH,uBAAuB,EACvB,8BAA8B,EAW/D;;;YACC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACzD,MAAM,IAAI,KAAK,CAAC,kCAAiB,GAAG,UAAU,GAAG,KAAK,SAAS,UAAU,GAAG,KAAK,SAAS,EAAE,CAAC,CAAA;YAC/F,CAAC;YAED,IAAI,GAAG;gBAAE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAA;YACxB,IAAI,GAAG;gBAAE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAA;YACxB,IAAI,GAAG;gBAAE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAA;YAExB,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe;gBACzC,CAAC,CAAC,+DAA8B,CAAC,mBAAmB,CAAC;oBACnD,eAAe,EAAE,IAAI,CAAC,eAAe;oBACrC,QAAQ,EAAE,IAAI,CAAC,gBAAgB;iBAChC,CAAC;gBACF,CAAC,CAAC,+DAA8B,CAAC,oBAAoB,CAAC;oBACpD,gBAAgB,EAAE,IAAI,CAAC,SAAS,EAAE;oBAClC,eAAe;oBACf,QAAQ,EAAE,IAAI,CAAC,gBAAgB;oBAC/B,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;iBACxB,CAAC,CAAA;YAEJ,cAAc,CAAC,qBAAqB,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAA;YAC9D,cAAc,CAAC,2BAA2B,CAAC,uBAAuB,aAAvB,uBAAuB,cAAvB,uBAAuB,GAAI,KAAK,EAAE,8BAA8B,CAAC,CAAA;YAC5G,IAAI,MAAA,IAAI,CAAC,gBAAgB,0CAAE,wBAAwB,EAAE,CAAC;gBACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,wBAAwB,CAAA;gBAC/D,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,eAAe,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAA;gBAE9F,IAAI,QAAQ,CAAC,qBAAqB,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE,CAAC;oBACpF,IAAI,aAAa,GAAG,KAAK,CAAA;oBAEzB,QAAQ,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC,mBAAmB,EAAE,EAAE;wBAC7D,MAAM,QAAQ,GAAG,IAAA,gDAA+B,EAAC,mBAAmB,CAAC,CAAA;wBACrE,IACE,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;4BAC/C,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,mBAAmB,CAAC,EAAE,IAAI,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAC5F,CAAC;4BACD,aAAa,GAAG,IAAI,CAAA;wBACtB,CAAC;oBACH,CAAC,CAAC,CAAA;oBAEF,IAAI,CAAC,aAAa,EAAE,CAAC;wBACnB,OAAO,CAAC,GAAG,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,gCAAgC,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,CAAA;wBAC1H,0HAA0H;oBAC5H,CAAC;gBACH,CAAC;qBAAM,IAAI,QAAQ,CAAC,qBAAqB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE,CAAC;oBAC5F,MAAM,oBAAoB,GAAG,QAAQ,CAAC,qBAAqB,CAAA;oBAC3D,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,qBAAqB,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;wBACzF,MAAM,KAAK,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,4BAA4B,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,CAAA;oBACxH,CAAC;gBACH,CAAC;gBACD,4GAA4G;YAC9G,CAAC;YACD,MAAM,uBAAuB,GAAG,cAAc,CAAC,KAAK,EAAE,CAAA;YACtD,MAAM,YAAY,GAAG,mDAAwB,CAAC,uBAAuB,CAAC;gBACpE,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;gBAC7C,SAAS,EAAE,cAAc;gBACzB,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;aACxB,CAAC;iBACC,UAAU,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;iBAC5B,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YAEpB,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBACd,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YACjC,CAAC;YACD,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBACd,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YACjC,CAAC;YAED,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAClB,YAAY,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;YAC1C,CAAC;YACD,IAAI,GAAG,EAAE,CAAC;gBACR,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;YAC3B,CAAC;YACD,MAAM,QAAQ,GAAG,MAAM,uBAAuB,CAAC,4BAA4B,CAAC;gBAC1E,UAAU,EAAE,YAAY;gBACxB,eAAe,EAAE,eAAe;gBAChC,MAAM;aACP,CAAC,CAAA;YACF,IAAI,QAAQ,CAAC,SAAS,EAAE,CAAC;gBACvB,KAAK,CAAC,gCAAgC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,CAAA;gBAC3E,MAAM,KAAK,CACT,gCAAgC,MAAA,IAAI,CAAC,iBAAiB,0CAAE,mBAAmB,eAAe,IAAI,CAAC,SAAS,EAAE,wBACxG,QAAQ,CAAC,YAAY,CAAC,MACxB,EAAE,CACH,CAAA;YACH,CAAC;iBAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;gBACjC,KAAK,CAAC,2CAA2C,CAAC,CAAA;gBAClD,MAAM,KAAK,CACT,gCAAgC,MAAA,IAAI,CAAC,iBAAiB,0CAClD,mBAAmB,eAAe,IAAI,CAAC,SAAS,EAAE,+CAA+C,CACtG,CAAA;YACH,CAAC;YACD,OAAO,QAAQ,CAAC,WAAW,CAAA;;KAC5B;IAED,oHAAoH;IACpH,6DAA6D;IAC7D,mEAAmE;IACnE,iDAAiD;IACjD,uBAAuB,CACrB,yBAAkC,EAClC,MAAkF;QAElF,OAAO,IAAA,wCAAuB,EAAC;YAC7B,cAAc,EAAE,IAAI,CAAC,gBAAgB,CAAC,wBAAwB;YAC9D,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;YACvB,MAAM,EAAE,MAAM;YACd,KAAK,EAAE,yBAAyB,CAAC,CAAC,CAAC,IAAI,CAAC,uBAAuB,EAAE,CAAC,CAAC,CAAC,SAAS;SAC9E,CAAC,CAAA;IACJ,CAAC;IAED,uBAAuB;QACrB,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;YAC1B,OAAO,EAAE,CAAA;QACX,CAAC;aAAM,IAAI,IAAI,CAAC,eAAe,CAAC,OAAO,GAAG,kCAAiB,CAAC,UAAU,EAAE,CAAC;YACvE,MAAM,IAAI,GAAG,IAAI,CAAC,eAAe,CAAC,yBAA0D,CAAA;YAC5F,MAAM,KAAK,GAAa,OAAO,IAAI,CAAC,eAAe,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAA;YAChH,MAAM,MAAM,GAAe,EAAE,CAAA;YAC7B,MAAM,CAAC,CAAC,CAAC,GAAG,KAAK,CAAA;YACjB,OAAO,MAAM,CAAA;QACf,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,CAAC,eAAe,CAAC,gBAAgB,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;gBACjE,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;oBAC1B,OAAO,CAAC,CAAC,CAAC,CAAA;gBACZ,CAAC;qBAAM,IAAI,OAAO,IAAI,CAAC,EAAE,CAAC;oBACxB,OAAO,CAAC,CAAC,KAAK,CAAA;gBAChB,CAAC;qBAAM,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;oBACtB,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;gBAChB,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,CAAC,qBAAqB,CAAC,KAAK,CAAA;gBACtC,CAAC;YACH,CAAC,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,wBAAwB;;QACtB,OAAO,CACL,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,cAAc,mCACpC,CAAC,CAAA,MAAA,MAAA,IAAI,CAAC,iBAAiB,0CAAE,wBAAwB,0CAAE,sBAAsB,EAAC,CAAC,CAAC,CAAC,8BAAa,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAC1H,CAAA;IACH,CAAC;IAED,mBAAmB,CAAC,QAAuB;QACzC,OAAO,IAAI,CAAC,wBAAwB,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;IAC3D,CAAC;IAED,IAAI,gBAAgB;QAClB,OAAO,IAAI,CAAC,iBAAiB,CAAA;IAC/B,CAAC;IAEM,mBAAmB;QACxB,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAA;IAChC,CAAC;IAED,IAAI,eAAe;QACjB,OAAO,IAAI,CAAC,gBAAgB,CAAA;IAC9B,CAAC;IAEM,OAAO;;QACZ,OAAO,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,OAAO,mCAAI,kCAAiB,CAAC,UAAU,CAAA;IACtE,CAAC;IAED,IAAW,gBAAgB;QACzB,IAAI,CAAC,oBAAoB,EAAE,CAAA;QAC3B,oEAAoE;QACpE,OAAO,IAAI,CAAC,iBAAkB,CAAA;IAChC,CAAC;IAED,IAAI,GAAG;QACL,IAAI,CAAC,gBAAgB,EAAE,CAAA;QACvB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAA;QACjD,CAAC;QACD,OAAO,IAAI,CAAC,IAAI,CAAA;IAClB,CAAC;IAED,IAAI,GAAG;QACL,IAAI,CAAC,gBAAgB,EAAE,CAAA;QACvB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAA;QACjD,CAAC;QACD,OAAO,IAAI,CAAC,IAAI,CAAA;IAClB,CAAC;IAED,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,SAAS,CAAA;IACvB,CAAC;IAEM,sBAAsB;QAC3B,OAAO,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAA;IACpC,CAAC;IAED,IAAI,mBAAmB;QACrB,IAAI,CAAC,iBAAiB,EAAE,CAAA;QACxB,oEAAoE;QACpE,OAAO,IAAI,CAAC,oBAAqB,CAAA;IACnC,CAAC;IAEM,SAAS;QACd,IAAI,CAAC,gBAAgB,EAAE,CAAA;QACvB,OAAO,IAAI,CAAC,iBAAiB,CAAA;IAC/B,CAAC;IAEM,sBAAsB;QAC3B,IAAI,CAAC,gBAAgB,EAAE,CAAA;QACvB,OAAO,IAAI,CAAC,gBAAgB;YAC1B,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,cAAc;YACtC,CAAC,CAAC,qCAAiB,CAAC,iBAAiB,CAAC,EAAE,UAAU,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,SAAS,EAAE,EAAE,EAAE,CAAC,CAAA;IACvF,CAAC;IAEM,qBAAqB;QAC1B,IAAI,CAAC,gBAAgB,EAAE,CAAA;QACvB,OAAO,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,mBAAmB,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,EAAE,aAAa,CAAA;IAC7G,CAAC;IAEM,6BAA6B;QAClC,OAAO,CAAC,CAAC,IAAI,CAAC,sBAAsB,EAAE,CAAA;IACxC,CAAC;IAEM,6BAA6B;QAClC,IAAI,CAAC,gBAAgB,EAAE,CAAA;QACvB,OAAO,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,mBAAmB,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,EAAE,aAAa,CAAA;IAC7G,CAAC;IAEO,gBAAgB;QACtB,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,KAAK,CAAC,oCAAoC,CAAC,CAAA;QACnD,CAAC;aAAM,IAAI,CAAC,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,iBAAiB,IAAI,IAAI,CAAC,wBAAwB,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5G,MAAM,KAAK,CAAC,oDAAoD,CAAC,CAAA;QACnE,CAAC;IACH,CAAC;IAEO,oBAAoB;QAC1B,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,KAAK,CAAC,oBAAoB,CAAC,CAAA;QACnC,CAAC;IACH,CAAC;IAEO,iBAAiB;QACvB,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAC/B,MAAM,KAAK,CAAC,yBAAyB,CAAC,CAAA;QACxC,CAAC;IACH,CAAC;IAEO,4BAA4B,CAAC,IAA+B;;QAClE,IAAI,wBAAwB,GAAG,gCAAK,IAAI,CAAC,yBAAyB,GAAK,IAAI,CAA8B,CAAA;QACzG,IAAI,CAAC,wBAAwB,EAAE,CAAC;YAC9B,wBAAwB,GAAG,EAAE,WAAW,EAAE,cAAc,EAAE,CAAA;QAC5D,CAAC;QACD,MAAM,QAAQ,GAAG,MAAA,wBAAwB,CAAC,QAAQ,mCAAI,IAAI,CAAC,SAAS,CAAA;QACpE,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAA;QACzB,wBAAwB,CAAC,QAAQ,GAAG,QAAQ,CAAA;QAE5C,IAAI,CAAC,wBAAwB,CAAC,WAAW,EAAE,CAAC;YAC1C,wBAAwB,CAAC,WAAW,GAAG,cAAc,CAAA;QACvD,CAAC;QACD,OAAO,wBAAwB,CAAA;IACjC,CAAC;CACF;AA3fD,4CA2fC"}
|
|
@@ -79,7 +79,7 @@ export const createAuthorizationRequestUrl = async ({
|
|
|
79
79
|
}),
|
|
80
80
|
authorization_details: JSON.stringify(handleAuthorizationDetails(endpointMetadata, authorizationDetails)),
|
|
81
81
|
redirect_uri: redirectUri,
|
|
82
|
-
scope
|
|
82
|
+
scope,
|
|
83
83
|
};
|
|
84
84
|
|
|
85
85
|
if (authorizationRequest.clientId) {
|
|
@@ -92,16 +92,20 @@ export const createAuthorizationRequestUrl = async ({
|
|
|
92
92
|
if (!parEndpoint && parMode === PARMode.REQUIRE) {
|
|
93
93
|
throw Error(`PAR mode is set to required by Authorization Server does not support PAR!`);
|
|
94
94
|
} else if (parEndpoint && parMode !== PARMode.NEVER) {
|
|
95
|
+
console.log(`USING PAR with endpoint ${parEndpoint}`);
|
|
95
96
|
const parResponse = await formPost<PushedAuthorizationResponse>(parEndpoint, new URLSearchParams(queryObj));
|
|
96
97
|
if (parResponse.errorBody || !parResponse.successBody) {
|
|
97
98
|
throw Error(`PAR error`);
|
|
98
99
|
}
|
|
100
|
+
console.log(`PAR response: ${(parResponse.successBody, null, 2)}`);
|
|
99
101
|
queryObj = { request_uri: parResponse.successBody.request_uri };
|
|
100
102
|
}
|
|
101
103
|
|
|
104
|
+
console.log(`QUERY obj: ` + JSON.stringify(queryObj, null, 2));
|
|
102
105
|
const url = convertJsonToURI(queryObj, {
|
|
103
106
|
baseUrl: endpointMetadata.authorization_endpoint,
|
|
104
|
-
uriTypeProperties: ['request_uri', 'redirect_uri', 'scope', 'authorization_details',
|
|
107
|
+
uriTypeProperties: ['client_id', 'request_uri', 'redirect_uri', 'scope', 'authorization_details', 'issuer_state'],
|
|
108
|
+
// arrayTypeProperties: ['authorization_details'],
|
|
105
109
|
mode: JsonURIMode.X_FORM_WWW_URLENCODED,
|
|
106
110
|
// We do not add the version here, as this always needs to be form encoded
|
|
107
111
|
});
|
|
@@ -137,7 +141,7 @@ const handleLocations = (endpointMetadata: EndpointMetadataResult, authorization
|
|
|
137
141
|
if (authorizationDetails && (endpointMetadata.credentialIssuerMetadata?.authorization_server || endpointMetadata.authorization_endpoint)) {
|
|
138
142
|
if (authorizationDetails.locations) {
|
|
139
143
|
if (Array.isArray(authorizationDetails.locations)) {
|
|
140
|
-
|
|
144
|
+
authorizationDetails.locations.push(endpointMetadata.issuer);
|
|
141
145
|
} else {
|
|
142
146
|
authorizationDetails.locations = [authorizationDetails.locations as string, endpointMetadata.issuer];
|
|
143
147
|
}
|
package/lib/OpenID4VCIClient.ts
CHANGED
|
@@ -2,6 +2,7 @@ import {
|
|
|
2
2
|
AccessTokenResponse,
|
|
3
3
|
Alg,
|
|
4
4
|
AuthorizationRequestOpts,
|
|
5
|
+
AuthorizationResponse,
|
|
5
6
|
AuthzFlowType,
|
|
6
7
|
CodeChallengeMethod,
|
|
7
8
|
CredentialOfferPayloadV1_0_08,
|
|
@@ -19,43 +20,44 @@ import {
|
|
|
19
20
|
OpenId4VCIVersion,
|
|
20
21
|
PKCEOpts,
|
|
21
22
|
ProofOfPossessionCallbacks,
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
import
|
|
23
|
+
toAuthorizationResponsePayload
|
|
24
|
+
} from '@sphereon/oid4vci-common'
|
|
25
|
+
import { CredentialFormat } from '@sphereon/ssi-types'
|
|
26
|
+
import Debug from 'debug'
|
|
25
27
|
|
|
26
|
-
import { AccessTokenClient } from './AccessTokenClient'
|
|
27
|
-
import { createAuthorizationRequestUrl } from './AuthorizationCodeClient'
|
|
28
|
-
import { CredentialOfferClient } from './CredentialOfferClient'
|
|
29
|
-
import { CredentialRequestClientBuilder } from './CredentialRequestClientBuilder'
|
|
30
|
-
import { MetadataClient } from './MetadataClient'
|
|
31
|
-
import { ProofOfPossessionBuilder } from './ProofOfPossessionBuilder'
|
|
32
|
-
import { generateMissingPKCEOpts } from './functions/AuthorizationUtil'
|
|
28
|
+
import { AccessTokenClient } from './AccessTokenClient'
|
|
29
|
+
import { createAuthorizationRequestUrl } from './AuthorizationCodeClient'
|
|
30
|
+
import { CredentialOfferClient } from './CredentialOfferClient'
|
|
31
|
+
import { CredentialRequestClientBuilder } from './CredentialRequestClientBuilder'
|
|
32
|
+
import { MetadataClient } from './MetadataClient'
|
|
33
|
+
import { ProofOfPossessionBuilder } from './ProofOfPossessionBuilder'
|
|
34
|
+
import { generateMissingPKCEOpts } from './functions/AuthorizationUtil'
|
|
33
35
|
|
|
34
|
-
const debug = Debug('sphereon:oid4vci')
|
|
36
|
+
const debug = Debug('sphereon:oid4vci')
|
|
35
37
|
|
|
36
38
|
export class OpenID4VCIClient {
|
|
37
|
-
private readonly _credentialOffer?: CredentialOfferRequestWithBaseUrl
|
|
38
|
-
private readonly _credentialIssuer: string
|
|
39
|
-
private _clientId?: string
|
|
40
|
-
private _kid: string | undefined
|
|
41
|
-
private _jwk: JWK | undefined
|
|
42
|
-
private _alg: Alg | string | undefined
|
|
43
|
-
private _endpointMetadata: EndpointMetadataResult | undefined
|
|
44
|
-
private _accessTokenResponse: AccessTokenResponse | undefined
|
|
45
|
-
private _pkce: PKCEOpts = { disabled: false, codeChallengeMethod: CodeChallengeMethod.S256 }
|
|
46
|
-
private _authorizationRequestOpts?: AuthorizationRequestOpts
|
|
47
|
-
|
|
48
|
-
private _authorizationURL?: string
|
|
39
|
+
private readonly _credentialOffer?: CredentialOfferRequestWithBaseUrl
|
|
40
|
+
private readonly _credentialIssuer: string
|
|
41
|
+
private _clientId?: string
|
|
42
|
+
private _kid: string | undefined
|
|
43
|
+
private _jwk: JWK | undefined
|
|
44
|
+
private _alg: Alg | string | undefined
|
|
45
|
+
private _endpointMetadata: EndpointMetadataResult | undefined
|
|
46
|
+
private _accessTokenResponse: AccessTokenResponse | undefined
|
|
47
|
+
private _pkce: PKCEOpts = { disabled: false, codeChallengeMethod: CodeChallengeMethod.S256 }
|
|
48
|
+
private _authorizationRequestOpts?: AuthorizationRequestOpts
|
|
49
|
+
|
|
50
|
+
private _authorizationURL?: string
|
|
49
51
|
|
|
50
52
|
private constructor({
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
53
|
+
credentialOffer,
|
|
54
|
+
clientId,
|
|
55
|
+
kid,
|
|
56
|
+
alg,
|
|
57
|
+
credentialIssuer,
|
|
58
|
+
pkce,
|
|
59
|
+
authorizationRequest
|
|
60
|
+
}: {
|
|
59
61
|
credentialOffer?: CredentialOfferRequestWithBaseUrl;
|
|
60
62
|
kid?: string;
|
|
61
63
|
alg?: Alg | string;
|
|
@@ -64,29 +66,30 @@ export class OpenID4VCIClient {
|
|
|
64
66
|
pkce?: PKCEOpts;
|
|
65
67
|
authorizationRequest?: AuthorizationRequestOpts; // Can be provided here, or when manually calling createAuthorizationUrl
|
|
66
68
|
}) {
|
|
67
|
-
this._credentialOffer = credentialOffer
|
|
68
|
-
const issuer = credentialIssuer ?? (credentialOffer ? getIssuerFromCredentialOfferPayload(credentialOffer.credential_offer) : undefined)
|
|
69
|
+
this._credentialOffer = credentialOffer
|
|
70
|
+
const issuer = credentialIssuer ?? (credentialOffer ? getIssuerFromCredentialOfferPayload(credentialOffer.credential_offer) : undefined)
|
|
69
71
|
if (!issuer) {
|
|
70
|
-
throw Error('No credential issuer supplied or deduced from offer')
|
|
72
|
+
throw Error('No credential issuer supplied or deduced from offer')
|
|
71
73
|
}
|
|
72
|
-
this._credentialIssuer = issuer
|
|
73
|
-
this._kid = kid
|
|
74
|
-
this._alg = alg
|
|
75
|
-
this._clientId = clientId ?? (credentialOffer ? getClientIdFromCredentialOfferPayload(credentialOffer.credential_offer) : undefined)
|
|
76
|
-
this._pkce = { ...this._pkce, ...pkce }
|
|
77
|
-
this._authorizationRequestOpts = this.syncAuthorizationRequestOpts(authorizationRequest)
|
|
74
|
+
this._credentialIssuer = issuer
|
|
75
|
+
this._kid = kid
|
|
76
|
+
this._alg = alg
|
|
77
|
+
this._clientId = clientId ?? (credentialOffer ? getClientIdFromCredentialOfferPayload(credentialOffer.credential_offer) : undefined)
|
|
78
|
+
this._pkce = { ...this._pkce, ...pkce }
|
|
79
|
+
this._authorizationRequestOpts = this.syncAuthorizationRequestOpts(authorizationRequest)
|
|
80
|
+
console.log(`Authorization req options: ${JSON.stringify(this._authorizationRequestOpts, null, 2)}`)
|
|
78
81
|
}
|
|
79
82
|
|
|
80
83
|
public static async fromCredentialIssuer({
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
84
|
+
kid,
|
|
85
|
+
alg,
|
|
86
|
+
retrieveServerMetadata,
|
|
87
|
+
clientId,
|
|
88
|
+
credentialIssuer,
|
|
89
|
+
pkce,
|
|
90
|
+
authorizationRequest,
|
|
91
|
+
createAuthorizationRequestURL
|
|
92
|
+
}: {
|
|
90
93
|
credentialIssuer: string;
|
|
91
94
|
kid?: string;
|
|
92
95
|
alg?: Alg | string;
|
|
@@ -102,28 +105,28 @@ export class OpenID4VCIClient {
|
|
|
102
105
|
clientId: clientId ?? authorizationRequest?.clientId,
|
|
103
106
|
credentialIssuer,
|
|
104
107
|
pkce,
|
|
105
|
-
authorizationRequest
|
|
106
|
-
})
|
|
108
|
+
authorizationRequest
|
|
109
|
+
})
|
|
107
110
|
if (retrieveServerMetadata === undefined || retrieveServerMetadata) {
|
|
108
|
-
await client.retrieveServerMetadata()
|
|
111
|
+
await client.retrieveServerMetadata()
|
|
109
112
|
}
|
|
110
113
|
if (createAuthorizationRequestURL === undefined || createAuthorizationRequestURL) {
|
|
111
|
-
await client.createAuthorizationRequestUrl({ authorizationRequest, pkce })
|
|
114
|
+
await client.createAuthorizationRequestUrl({ authorizationRequest, pkce })
|
|
112
115
|
}
|
|
113
|
-
return client
|
|
116
|
+
return client
|
|
114
117
|
}
|
|
115
118
|
|
|
116
119
|
public static async fromURI({
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
120
|
+
uri,
|
|
121
|
+
kid,
|
|
122
|
+
alg,
|
|
123
|
+
retrieveServerMetadata,
|
|
124
|
+
clientId,
|
|
125
|
+
pkce,
|
|
126
|
+
createAuthorizationRequestURL,
|
|
127
|
+
authorizationRequest,
|
|
128
|
+
resolveOfferUri
|
|
129
|
+
}: {
|
|
127
130
|
uri: string;
|
|
128
131
|
kid?: string;
|
|
129
132
|
alg?: Alg | string;
|
|
@@ -134,95 +137,100 @@ export class OpenID4VCIClient {
|
|
|
134
137
|
clientId?: string;
|
|
135
138
|
authorizationRequest?: AuthorizationRequestOpts; // Can be provided here, or when manually calling createAuthorizationUrl
|
|
136
139
|
}): Promise<OpenID4VCIClient> {
|
|
137
|
-
const credentialOfferClient = await CredentialOfferClient.fromURI(uri, { resolve: resolveOfferUri })
|
|
140
|
+
const credentialOfferClient = await CredentialOfferClient.fromURI(uri, { resolve: resolveOfferUri })
|
|
138
141
|
const client = new OpenID4VCIClient({
|
|
139
142
|
credentialOffer: credentialOfferClient,
|
|
140
143
|
kid,
|
|
141
144
|
alg,
|
|
142
145
|
clientId: clientId ?? authorizationRequest?.clientId ?? credentialOfferClient.clientId,
|
|
143
146
|
pkce,
|
|
144
|
-
authorizationRequest
|
|
145
|
-
})
|
|
147
|
+
authorizationRequest
|
|
148
|
+
})
|
|
146
149
|
|
|
147
150
|
if (retrieveServerMetadata === undefined || retrieveServerMetadata) {
|
|
148
|
-
await client.retrieveServerMetadata()
|
|
151
|
+
await client.retrieveServerMetadata()
|
|
149
152
|
}
|
|
150
153
|
if (
|
|
151
154
|
credentialOfferClient.supportedFlows.includes(AuthzFlowType.AUTHORIZATION_CODE_FLOW) &&
|
|
152
155
|
(createAuthorizationRequestURL === undefined || createAuthorizationRequestURL)
|
|
153
156
|
) {
|
|
154
|
-
console.log(`AUTH REQ`)
|
|
155
|
-
await client.createAuthorizationRequestUrl({ authorizationRequest, pkce })
|
|
156
|
-
console.log(`AUTH REQ URL: ${client._authorizationURL}`)
|
|
157
|
+
console.log(`AUTH REQ`)
|
|
158
|
+
await client.createAuthorizationRequestUrl({ authorizationRequest, pkce })
|
|
159
|
+
console.log(`AUTH REQ URL: ${client._authorizationURL}`)
|
|
157
160
|
}
|
|
158
161
|
|
|
159
|
-
return client
|
|
162
|
+
return client
|
|
160
163
|
}
|
|
161
164
|
|
|
165
|
+
/**
|
|
166
|
+
* Allows you to create an Authorization Request URL when using an Authorization Code flow. This URL needs to be accessed using the front channel (browser)
|
|
167
|
+
*
|
|
168
|
+
* The Identity provider would present a login screen typically; after you authenticated, it would redirect to the provided redirectUri; which can be same device or cross-device
|
|
169
|
+
* @param opts
|
|
170
|
+
*/
|
|
162
171
|
public async createAuthorizationRequestUrl(opts?: { authorizationRequest?: AuthorizationRequestOpts; pkce?: PKCEOpts }): Promise<string> {
|
|
163
172
|
if (!this._authorizationURL) {
|
|
164
|
-
this.calculatePKCEOpts(opts?.pkce)
|
|
165
|
-
this._authorizationRequestOpts = this.syncAuthorizationRequestOpts(opts?.authorizationRequest)
|
|
173
|
+
this.calculatePKCEOpts(opts?.pkce)
|
|
174
|
+
this._authorizationRequestOpts = this.syncAuthorizationRequestOpts(opts?.authorizationRequest)
|
|
166
175
|
if (!this._authorizationRequestOpts) {
|
|
167
|
-
throw Error(`No Authorization Request options present or provided in this call`)
|
|
176
|
+
throw Error(`No Authorization Request options present or provided in this call`)
|
|
168
177
|
}
|
|
169
178
|
|
|
170
179
|
// todo: Probably can go with current logic in MetadataClient who will always set the authorization_endpoint when found
|
|
171
180
|
// handling this because of the support for v1_0-08
|
|
172
|
-
if (
|
|
173
|
-
this._endpointMetadata
|
|
174
|
-
'authorization_endpoint' in this._endpointMetadata.credentialIssuerMetadata
|
|
175
|
-
) {
|
|
176
|
-
this._endpointMetadata.authorization_endpoint = this._endpointMetadata.credentialIssuerMetadata.authorization_endpoint as string;
|
|
181
|
+
if (this._endpointMetadata?.credentialIssuerMetadata && 'authorization_endpoint' in this._endpointMetadata.credentialIssuerMetadata) {
|
|
182
|
+
this._endpointMetadata.authorization_endpoint = this._endpointMetadata.credentialIssuerMetadata.authorization_endpoint as string
|
|
177
183
|
}
|
|
178
184
|
this._authorizationURL = await createAuthorizationRequestUrl({
|
|
179
185
|
pkce: this._pkce,
|
|
180
186
|
endpointMetadata: this.endpointMetadata,
|
|
181
187
|
authorizationRequest: this._authorizationRequestOpts,
|
|
182
188
|
credentialOffer: this.credentialOffer,
|
|
183
|
-
credentialsSupported: this.getCredentialsSupported(true)
|
|
184
|
-
})
|
|
189
|
+
credentialsSupported: this.getCredentialsSupported(true)
|
|
190
|
+
})
|
|
185
191
|
}
|
|
186
|
-
return this._authorizationURL
|
|
192
|
+
return this._authorizationURL
|
|
187
193
|
}
|
|
188
194
|
|
|
189
195
|
public async retrieveServerMetadata(): Promise<EndpointMetadataResult> {
|
|
190
|
-
this.assertIssuerData()
|
|
196
|
+
this.assertIssuerData()
|
|
191
197
|
if (!this._endpointMetadata) {
|
|
192
198
|
if (this.credentialOffer) {
|
|
193
|
-
this._endpointMetadata = await MetadataClient.retrieveAllMetadataFromCredentialOffer(this.credentialOffer)
|
|
199
|
+
this._endpointMetadata = await MetadataClient.retrieveAllMetadataFromCredentialOffer(this.credentialOffer)
|
|
194
200
|
} else if (this._credentialIssuer) {
|
|
195
|
-
this._endpointMetadata = await MetadataClient.retrieveAllMetadata(this._credentialIssuer)
|
|
201
|
+
this._endpointMetadata = await MetadataClient.retrieveAllMetadata(this._credentialIssuer)
|
|
196
202
|
} else {
|
|
197
|
-
throw Error(`Cannot retrieve issuer metadata without either a credential offer, or issuer value`)
|
|
203
|
+
throw Error(`Cannot retrieve issuer metadata without either a credential offer, or issuer value`)
|
|
198
204
|
}
|
|
199
205
|
}
|
|
200
|
-
return this.endpointMetadata
|
|
206
|
+
return this.endpointMetadata
|
|
201
207
|
}
|
|
202
208
|
|
|
203
209
|
private calculatePKCEOpts(pkce?: PKCEOpts) {
|
|
204
|
-
this._pkce = generateMissingPKCEOpts({ ...this._pkce, ...pkce })
|
|
210
|
+
this._pkce = generateMissingPKCEOpts({ ...this._pkce, ...pkce })
|
|
205
211
|
}
|
|
206
212
|
|
|
207
213
|
public async acquireAccessToken(opts?: {
|
|
208
214
|
pin?: string;
|
|
209
215
|
clientId?: string;
|
|
210
216
|
codeVerifier?: string;
|
|
211
|
-
|
|
217
|
+
authorizationResponse?: string | AuthorizationResponse; // Pass in an auth response, either as URI/redirect, or object
|
|
218
|
+
code?: string; // Directly pass in a code from an auth response
|
|
212
219
|
redirectUri?: string;
|
|
213
220
|
}): Promise<AccessTokenResponse> {
|
|
214
|
-
const { pin, clientId,
|
|
221
|
+
const { pin, clientId, redirectUri } = opts ?? {}
|
|
222
|
+
const code = opts?.code ?? (opts?.authorizationResponse ? toAuthorizationResponsePayload(opts.authorizationResponse).code : undefined)
|
|
215
223
|
|
|
216
224
|
if (opts?.codeVerifier) {
|
|
217
|
-
this._pkce.codeVerifier = opts.codeVerifier
|
|
225
|
+
this._pkce.codeVerifier = opts.codeVerifier
|
|
218
226
|
}
|
|
219
|
-
this.assertIssuerData()
|
|
227
|
+
this.assertIssuerData()
|
|
220
228
|
|
|
221
229
|
if (clientId) {
|
|
222
|
-
this._clientId = clientId
|
|
230
|
+
this._clientId = clientId
|
|
223
231
|
}
|
|
224
232
|
if (!this._accessTokenResponse) {
|
|
225
|
-
const accessTokenClient = new AccessTokenClient()
|
|
233
|
+
const accessTokenClient = new AccessTokenClient()
|
|
226
234
|
|
|
227
235
|
const response = await accessTokenClient.acquireAccessToken({
|
|
228
236
|
credentialOffer: this.credentialOffer,
|
|
@@ -232,40 +240,40 @@ export class OpenID4VCIClient {
|
|
|
232
240
|
...(!this._pkce.disabled && { codeVerifier: this._pkce.codeVerifier }),
|
|
233
241
|
code,
|
|
234
242
|
redirectUri,
|
|
235
|
-
asOpts: { clientId }
|
|
236
|
-
})
|
|
243
|
+
asOpts: { clientId }
|
|
244
|
+
})
|
|
237
245
|
|
|
238
246
|
if (response.errorBody) {
|
|
239
|
-
debug(`Access token error:\r\n${response.errorBody}`)
|
|
247
|
+
debug(`Access token error:\r\n${response.errorBody}`)
|
|
240
248
|
throw Error(
|
|
241
249
|
`Retrieving an access token from ${this._endpointMetadata?.token_endpoint} for issuer ${this.getIssuer()} failed with status: ${
|
|
242
250
|
response.origResponse.status
|
|
243
|
-
}
|
|
244
|
-
)
|
|
251
|
+
}`
|
|
252
|
+
)
|
|
245
253
|
} else if (!response.successBody) {
|
|
246
|
-
debug(`Access token error. No success body`)
|
|
254
|
+
debug(`Access token error. No success body`)
|
|
247
255
|
throw Error(
|
|
248
256
|
`Retrieving an access token from ${this._endpointMetadata
|
|
249
|
-
?.token_endpoint} for issuer ${this.getIssuer()} failed as there was no success response body
|
|
250
|
-
)
|
|
257
|
+
?.token_endpoint} for issuer ${this.getIssuer()} failed as there was no success response body`
|
|
258
|
+
)
|
|
251
259
|
}
|
|
252
|
-
this._accessTokenResponse = response.successBody
|
|
260
|
+
this._accessTokenResponse = response.successBody
|
|
253
261
|
}
|
|
254
262
|
|
|
255
|
-
return this.accessTokenResponse
|
|
263
|
+
return this.accessTokenResponse
|
|
256
264
|
}
|
|
257
265
|
|
|
258
266
|
public async acquireCredentials({
|
|
259
|
-
|
|
260
|
-
|
|
261
|
-
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
|
|
265
|
-
|
|
266
|
-
|
|
267
|
-
|
|
268
|
-
|
|
267
|
+
credentialTypes,
|
|
268
|
+
proofCallbacks,
|
|
269
|
+
format,
|
|
270
|
+
kid,
|
|
271
|
+
jwk,
|
|
272
|
+
alg,
|
|
273
|
+
jti,
|
|
274
|
+
deferredCredentialAwait,
|
|
275
|
+
deferredCredentialIntervalInMS
|
|
276
|
+
}: {
|
|
269
277
|
credentialTypes: string | string[];
|
|
270
278
|
proofCallbacks: ProofOfPossessionCallbacks<any>;
|
|
271
279
|
format?: CredentialFormat | OID4VCICredentialFormat;
|
|
@@ -277,98 +285,98 @@ export class OpenID4VCIClient {
|
|
|
277
285
|
deferredCredentialIntervalInMS?: number;
|
|
278
286
|
}): Promise<CredentialResponse> {
|
|
279
287
|
if ([jwk, kid].filter((v) => v !== undefined).length > 1) {
|
|
280
|
-
throw new Error(KID_JWK_X5C_ERROR + `. jwk: ${jwk !== undefined}, kid: ${kid !== undefined}`)
|
|
288
|
+
throw new Error(KID_JWK_X5C_ERROR + `. jwk: ${jwk !== undefined}, kid: ${kid !== undefined}`)
|
|
281
289
|
}
|
|
282
290
|
|
|
283
|
-
if (alg) this._alg = alg
|
|
284
|
-
if (jwk) this._jwk = jwk
|
|
285
|
-
if (kid) this._kid = kid
|
|
291
|
+
if (alg) this._alg = alg
|
|
292
|
+
if (jwk) this._jwk = jwk
|
|
293
|
+
if (kid) this._kid = kid
|
|
286
294
|
|
|
287
295
|
const requestBuilder = this.credentialOffer
|
|
288
296
|
? CredentialRequestClientBuilder.fromCredentialOffer({
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
|
|
297
|
+
credentialOffer: this.credentialOffer,
|
|
298
|
+
metadata: this.endpointMetadata
|
|
299
|
+
})
|
|
292
300
|
: CredentialRequestClientBuilder.fromCredentialIssuer({
|
|
293
|
-
|
|
294
|
-
|
|
295
|
-
|
|
296
|
-
|
|
297
|
-
|
|
298
|
-
|
|
299
|
-
requestBuilder.withTokenFromResponse(this.accessTokenResponse)
|
|
300
|
-
requestBuilder.withDeferredCredentialAwait(deferredCredentialAwait ?? false, deferredCredentialIntervalInMS)
|
|
301
|
+
credentialIssuer: this.getIssuer(),
|
|
302
|
+
credentialTypes,
|
|
303
|
+
metadata: this.endpointMetadata,
|
|
304
|
+
version: this.version()
|
|
305
|
+
})
|
|
306
|
+
|
|
307
|
+
requestBuilder.withTokenFromResponse(this.accessTokenResponse)
|
|
308
|
+
requestBuilder.withDeferredCredentialAwait(deferredCredentialAwait ?? false, deferredCredentialIntervalInMS)
|
|
301
309
|
if (this.endpointMetadata?.credentialIssuerMetadata) {
|
|
302
|
-
const metadata = this.endpointMetadata.credentialIssuerMetadata
|
|
303
|
-
const types = Array.isArray(credentialTypes) ? [...credentialTypes].sort() : [credentialTypes]
|
|
310
|
+
const metadata = this.endpointMetadata.credentialIssuerMetadata
|
|
311
|
+
const types = Array.isArray(credentialTypes) ? [...credentialTypes].sort() : [credentialTypes]
|
|
304
312
|
|
|
305
313
|
if (metadata.credentials_supported && Array.isArray(metadata.credentials_supported)) {
|
|
306
|
-
let typeSupported = false
|
|
314
|
+
let typeSupported = false
|
|
307
315
|
|
|
308
316
|
metadata.credentials_supported.forEach((supportedCredential) => {
|
|
309
|
-
const subTypes = getTypesFromCredentialSupported(supportedCredential)
|
|
317
|
+
const subTypes = getTypesFromCredentialSupported(supportedCredential)
|
|
310
318
|
if (
|
|
311
319
|
subTypes.sort().every((t, i) => types[i] === t) ||
|
|
312
320
|
(types.length === 1 && (types[0] === supportedCredential.id || subTypes.includes(types[0])))
|
|
313
321
|
) {
|
|
314
|
-
typeSupported = true
|
|
322
|
+
typeSupported = true
|
|
315
323
|
}
|
|
316
|
-
})
|
|
324
|
+
})
|
|
317
325
|
|
|
318
326
|
if (!typeSupported) {
|
|
319
|
-
console.log(`Not all credential types ${JSON.stringify(credentialTypes)} are present in metadata for ${this.getIssuer()}`)
|
|
327
|
+
console.log(`Not all credential types ${JSON.stringify(credentialTypes)} are present in metadata for ${this.getIssuer()}`)
|
|
320
328
|
// throw Error(`Not all credential types ${JSON.stringify(credentialTypes)} are supported by issuer ${this.getIssuer()}`);
|
|
321
329
|
}
|
|
322
330
|
} else if (metadata.credentials_supported && !Array.isArray(metadata.credentials_supported)) {
|
|
323
|
-
const credentialsSupported = metadata.credentials_supported
|
|
331
|
+
const credentialsSupported = metadata.credentials_supported
|
|
324
332
|
if (types.some((type) => !metadata.credentials_supported || !credentialsSupported[type])) {
|
|
325
|
-
throw Error(`Not all credential types ${JSON.stringify(credentialTypes)} are supported by issuer ${this.getIssuer()}`)
|
|
333
|
+
throw Error(`Not all credential types ${JSON.stringify(credentialTypes)} are supported by issuer ${this.getIssuer()}`)
|
|
326
334
|
}
|
|
327
335
|
}
|
|
328
336
|
// todo: Format check? We might end up with some disjoint type / format combinations supported by the server
|
|
329
337
|
}
|
|
330
|
-
const credentialRequestClient = requestBuilder.build()
|
|
338
|
+
const credentialRequestClient = requestBuilder.build()
|
|
331
339
|
const proofBuilder = ProofOfPossessionBuilder.fromAccessTokenResponse({
|
|
332
340
|
accessTokenResponse: this.accessTokenResponse,
|
|
333
341
|
callbacks: proofCallbacks,
|
|
334
|
-
version: this.version()
|
|
342
|
+
version: this.version()
|
|
335
343
|
})
|
|
336
344
|
.withIssuer(this.getIssuer())
|
|
337
|
-
.withAlg(this.alg)
|
|
345
|
+
.withAlg(this.alg)
|
|
338
346
|
|
|
339
347
|
if (this._jwk) {
|
|
340
|
-
proofBuilder.withJWK(this._jwk)
|
|
348
|
+
proofBuilder.withJWK(this._jwk)
|
|
341
349
|
}
|
|
342
350
|
if (this._kid) {
|
|
343
|
-
proofBuilder.withKid(this._kid)
|
|
351
|
+
proofBuilder.withKid(this._kid)
|
|
344
352
|
}
|
|
345
353
|
|
|
346
354
|
if (this.clientId) {
|
|
347
|
-
proofBuilder.withClientId(this.clientId)
|
|
355
|
+
proofBuilder.withClientId(this.clientId)
|
|
348
356
|
}
|
|
349
357
|
if (jti) {
|
|
350
|
-
proofBuilder.withJti(jti)
|
|
358
|
+
proofBuilder.withJti(jti)
|
|
351
359
|
}
|
|
352
360
|
const response = await credentialRequestClient.acquireCredentialsUsingProof({
|
|
353
361
|
proofInput: proofBuilder,
|
|
354
362
|
credentialTypes: credentialTypes,
|
|
355
|
-
format
|
|
356
|
-
})
|
|
363
|
+
format
|
|
364
|
+
})
|
|
357
365
|
if (response.errorBody) {
|
|
358
|
-
debug(`Credential request error:\r\n${JSON.stringify(response.errorBody)}`)
|
|
366
|
+
debug(`Credential request error:\r\n${JSON.stringify(response.errorBody)}`)
|
|
359
367
|
throw Error(
|
|
360
368
|
`Retrieving a credential from ${this._endpointMetadata?.credential_endpoint} for issuer ${this.getIssuer()} failed with status: ${
|
|
361
369
|
response.origResponse.status
|
|
362
|
-
}
|
|
363
|
-
)
|
|
370
|
+
}`
|
|
371
|
+
)
|
|
364
372
|
} else if (!response.successBody) {
|
|
365
|
-
debug(`Credential request error. No success body`)
|
|
373
|
+
debug(`Credential request error. No success body`)
|
|
366
374
|
throw Error(
|
|
367
375
|
`Retrieving a credential from ${this._endpointMetadata
|
|
368
|
-
?.credential_endpoint} for issuer ${this.getIssuer()} failed as there was no success response body
|
|
369
|
-
)
|
|
376
|
+
?.credential_endpoint} for issuer ${this.getIssuer()} failed as there was no success response body`
|
|
377
|
+
)
|
|
370
378
|
}
|
|
371
|
-
return response.successBody
|
|
379
|
+
return response.successBody
|
|
372
380
|
}
|
|
373
381
|
|
|
374
382
|
// FIXME: We really should convert <v11 to v12 objects first. Right now the logic doesn't map nicely and is brittle.
|
|
@@ -377,37 +385,37 @@ export class OpenID4VCIClient {
|
|
|
377
385
|
// Then match the object array on server metadata
|
|
378
386
|
getCredentialsSupported(
|
|
379
387
|
restrictToInitiationTypes: boolean,
|
|
380
|
-
format?: (OID4VCICredentialFormat | string) | (OID4VCICredentialFormat | string)[]
|
|
388
|
+
format?: (OID4VCICredentialFormat | string) | (OID4VCICredentialFormat | string)[]
|
|
381
389
|
): CredentialSupported[] {
|
|
382
390
|
return getSupportedCredentials({
|
|
383
391
|
issuerMetadata: this.endpointMetadata.credentialIssuerMetadata,
|
|
384
392
|
version: this.version(),
|
|
385
393
|
format: format,
|
|
386
|
-
types: restrictToInitiationTypes ? this.getCredentialOfferTypes() : undefined
|
|
387
|
-
})
|
|
394
|
+
types: restrictToInitiationTypes ? this.getCredentialOfferTypes() : undefined
|
|
395
|
+
})
|
|
388
396
|
}
|
|
389
397
|
|
|
390
398
|
getCredentialOfferTypes(): string[][] {
|
|
391
399
|
if (!this.credentialOffer) {
|
|
392
|
-
return []
|
|
400
|
+
return []
|
|
393
401
|
} else if (this.credentialOffer.version < OpenId4VCIVersion.VER_1_0_11) {
|
|
394
|
-
const orig = this.credentialOffer.original_credential_offer as CredentialOfferPayloadV1_0_08
|
|
395
|
-
const types: string[] = typeof orig.credential_type === 'string' ? [orig.credential_type] : orig.credential_type
|
|
396
|
-
const result: string[][] = []
|
|
397
|
-
result[0] = types
|
|
398
|
-
return result
|
|
402
|
+
const orig = this.credentialOffer.original_credential_offer as CredentialOfferPayloadV1_0_08
|
|
403
|
+
const types: string[] = typeof orig.credential_type === 'string' ? [orig.credential_type] : orig.credential_type
|
|
404
|
+
const result: string[][] = []
|
|
405
|
+
result[0] = types
|
|
406
|
+
return result
|
|
399
407
|
} else {
|
|
400
408
|
return this.credentialOffer.credential_offer.credentials.map((c) => {
|
|
401
409
|
if (typeof c === 'string') {
|
|
402
|
-
return [c]
|
|
410
|
+
return [c]
|
|
403
411
|
} else if ('types' in c) {
|
|
404
|
-
return c.types
|
|
412
|
+
return c.types
|
|
405
413
|
} else if ('vct' in c) {
|
|
406
|
-
return [c.vct]
|
|
414
|
+
return [c.vct]
|
|
407
415
|
} else {
|
|
408
|
-
return c.credential_definition.types
|
|
416
|
+
return c.credential_definition.types
|
|
409
417
|
}
|
|
410
|
-
})
|
|
418
|
+
})
|
|
411
419
|
}
|
|
412
420
|
}
|
|
413
421
|
|
|
@@ -415,119 +423,123 @@ export class OpenID4VCIClient {
|
|
|
415
423
|
return (
|
|
416
424
|
this.credentialOffer?.supportedFlows ??
|
|
417
425
|
(this._endpointMetadata?.credentialIssuerMetadata?.authorization_endpoint ? [AuthzFlowType.AUTHORIZATION_CODE_FLOW] : [])
|
|
418
|
-
)
|
|
426
|
+
)
|
|
419
427
|
}
|
|
420
428
|
|
|
421
429
|
isFlowTypeSupported(flowType: AuthzFlowType): boolean {
|
|
422
|
-
return this.issuerSupportedFlowTypes().includes(flowType)
|
|
430
|
+
return this.issuerSupportedFlowTypes().includes(flowType)
|
|
423
431
|
}
|
|
424
432
|
|
|
425
433
|
get authorizationURL(): string | undefined {
|
|
426
|
-
return this._authorizationURL
|
|
434
|
+
return this._authorizationURL
|
|
427
435
|
}
|
|
428
436
|
|
|
429
437
|
public hasAuthorizationURL(): boolean {
|
|
430
|
-
return !!this.authorizationURL
|
|
438
|
+
return !!this.authorizationURL
|
|
431
439
|
}
|
|
432
440
|
|
|
433
441
|
get credentialOffer(): CredentialOfferRequestWithBaseUrl | undefined {
|
|
434
|
-
return this._credentialOffer
|
|
442
|
+
return this._credentialOffer
|
|
435
443
|
}
|
|
436
444
|
|
|
437
445
|
public version(): OpenId4VCIVersion {
|
|
438
|
-
return this.credentialOffer?.version ?? OpenId4VCIVersion.VER_1_0_11
|
|
446
|
+
return this.credentialOffer?.version ?? OpenId4VCIVersion.VER_1_0_11
|
|
439
447
|
}
|
|
440
448
|
|
|
441
449
|
public get endpointMetadata(): EndpointMetadataResult {
|
|
442
|
-
this.assertServerMetadata()
|
|
450
|
+
this.assertServerMetadata()
|
|
443
451
|
// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
|
|
444
|
-
return this._endpointMetadata
|
|
452
|
+
return this._endpointMetadata!
|
|
445
453
|
}
|
|
446
454
|
|
|
447
455
|
get kid(): string {
|
|
448
|
-
this.assertIssuerData()
|
|
456
|
+
this.assertIssuerData()
|
|
449
457
|
if (!this._kid) {
|
|
450
|
-
throw new Error('No value for kid is supplied')
|
|
458
|
+
throw new Error('No value for kid is supplied')
|
|
451
459
|
}
|
|
452
|
-
return this._kid
|
|
460
|
+
return this._kid
|
|
453
461
|
}
|
|
454
462
|
|
|
455
463
|
get alg(): string {
|
|
456
|
-
this.assertIssuerData()
|
|
464
|
+
this.assertIssuerData()
|
|
457
465
|
if (!this._alg) {
|
|
458
|
-
throw new Error('No value for alg is supplied')
|
|
466
|
+
throw new Error('No value for alg is supplied')
|
|
459
467
|
}
|
|
460
|
-
return this._alg
|
|
468
|
+
return this._alg
|
|
461
469
|
}
|
|
462
470
|
|
|
463
471
|
get clientId(): string | undefined {
|
|
464
|
-
return this._clientId
|
|
472
|
+
return this._clientId
|
|
473
|
+
}
|
|
474
|
+
|
|
475
|
+
public hasAccessTokenResponse(): boolean {
|
|
476
|
+
return !!this._accessTokenResponse
|
|
465
477
|
}
|
|
466
478
|
|
|
467
479
|
get accessTokenResponse(): AccessTokenResponse {
|
|
468
|
-
this.assertAccessToken()
|
|
480
|
+
this.assertAccessToken()
|
|
469
481
|
// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
|
|
470
|
-
return this._accessTokenResponse
|
|
482
|
+
return this._accessTokenResponse!
|
|
471
483
|
}
|
|
472
484
|
|
|
473
485
|
public getIssuer(): string {
|
|
474
|
-
this.assertIssuerData()
|
|
475
|
-
return this._credentialIssuer
|
|
486
|
+
this.assertIssuerData()
|
|
487
|
+
return this._credentialIssuer
|
|
476
488
|
}
|
|
477
489
|
|
|
478
490
|
public getAccessTokenEndpoint(): string {
|
|
479
|
-
this.assertIssuerData()
|
|
491
|
+
this.assertIssuerData()
|
|
480
492
|
return this.endpointMetadata
|
|
481
493
|
? this.endpointMetadata.token_endpoint
|
|
482
|
-
: AccessTokenClient.determineTokenURL({ issuerOpts: { issuer: this.getIssuer() } })
|
|
494
|
+
: AccessTokenClient.determineTokenURL({ issuerOpts: { issuer: this.getIssuer() } })
|
|
483
495
|
}
|
|
484
496
|
|
|
485
497
|
public getCredentialEndpoint(): string {
|
|
486
|
-
this.assertIssuerData()
|
|
487
|
-
return this.endpointMetadata ? this.endpointMetadata.credential_endpoint : `${this.getIssuer()}/credential
|
|
498
|
+
this.assertIssuerData()
|
|
499
|
+
return this.endpointMetadata ? this.endpointMetadata.credential_endpoint : `${this.getIssuer()}/credential`
|
|
488
500
|
}
|
|
489
501
|
|
|
490
502
|
public hasDeferredCredentialEndpoint(): boolean {
|
|
491
|
-
return !!this.getAccessTokenEndpoint()
|
|
503
|
+
return !!this.getAccessTokenEndpoint()
|
|
492
504
|
}
|
|
493
505
|
|
|
494
506
|
public getDeferredCredentialEndpoint(): string {
|
|
495
|
-
this.assertIssuerData()
|
|
496
|
-
return this.endpointMetadata ? this.endpointMetadata.credential_endpoint : `${this.getIssuer()}/credential
|
|
507
|
+
this.assertIssuerData()
|
|
508
|
+
return this.endpointMetadata ? this.endpointMetadata.credential_endpoint : `${this.getIssuer()}/credential`
|
|
497
509
|
}
|
|
498
510
|
|
|
499
511
|
private assertIssuerData(): void {
|
|
500
512
|
if (!this._credentialIssuer) {
|
|
501
|
-
throw Error(`No credential issuer value present`)
|
|
513
|
+
throw Error(`No credential issuer value present`)
|
|
502
514
|
} else if (!this._credentialOffer && this._endpointMetadata && this.issuerSupportedFlowTypes().length === 0) {
|
|
503
|
-
throw Error(`No issuance initiation or credential offer present`)
|
|
515
|
+
throw Error(`No issuance initiation or credential offer present`)
|
|
504
516
|
}
|
|
505
517
|
}
|
|
506
518
|
|
|
507
519
|
private assertServerMetadata(): void {
|
|
508
520
|
if (!this._endpointMetadata) {
|
|
509
|
-
throw Error('No server metadata')
|
|
521
|
+
throw Error('No server metadata')
|
|
510
522
|
}
|
|
511
523
|
}
|
|
512
524
|
|
|
513
525
|
private assertAccessToken(): void {
|
|
514
526
|
if (!this._accessTokenResponse) {
|
|
515
|
-
throw Error(`No access token present`)
|
|
527
|
+
throw Error(`No access token present`)
|
|
516
528
|
}
|
|
517
529
|
}
|
|
518
530
|
|
|
519
531
|
private syncAuthorizationRequestOpts(opts?: AuthorizationRequestOpts): AuthorizationRequestOpts {
|
|
520
|
-
let authorizationRequestOpts = { ...this._authorizationRequestOpts, ...opts } as AuthorizationRequestOpts
|
|
532
|
+
let authorizationRequestOpts = { ...this._authorizationRequestOpts, ...opts } as AuthorizationRequestOpts
|
|
521
533
|
if (!authorizationRequestOpts) {
|
|
522
534
|
authorizationRequestOpts = { redirectUri: 'openid4vc%3A' }
|
|
523
535
|
}
|
|
524
536
|
const clientId = authorizationRequestOpts.clientId ?? this._clientId
|
|
525
|
-
this._clientId = clientId
|
|
526
|
-
authorizationRequestOpts.clientId = clientId
|
|
537
|
+
this._clientId = clientId
|
|
538
|
+
authorizationRequestOpts.clientId = clientId
|
|
527
539
|
|
|
528
540
|
if (!authorizationRequestOpts.redirectUri) {
|
|
529
|
-
authorizationRequestOpts.redirectUri = 'openid4vc%3A'
|
|
541
|
+
authorizationRequestOpts.redirectUri = 'openid4vc%3A'
|
|
530
542
|
}
|
|
531
|
-
return authorizationRequestOpts
|
|
543
|
+
return authorizationRequestOpts
|
|
532
544
|
}
|
|
533
545
|
}
|
|
@@ -52,8 +52,8 @@ const DID_URL_ENCODED =
|
|
|
52
52
|
const kid = `${DID}#z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9Kbrm54tL4pRrDDhR1QJ5RHPMXUq5MzYpZL2k35vya5eMiNxschNy9AJ74CC3MmcYiZJGZfyhWQ6qDgTVcDSHdquwPYvLDut383JbrgYdZYYSC2merTMgmQtUi3huYhaky1qE`;
|
|
53
53
|
|
|
54
54
|
// const jw = jose.importKey()
|
|
55
|
-
|
|
56
|
-
describe
|
|
55
|
+
|
|
56
|
+
describe('OID4VCI-Client using Sphereon issuer should', () => {
|
|
57
57
|
async function test(credentialType: 'CTWalletCrossPreAuthorisedInTime' | 'CTWalletCrossPreAuthorisedDeferred' | 'CTWalletCrossAuthorisedInTime') {
|
|
58
58
|
debug.enable('*');
|
|
59
59
|
const offer = await getCredentialOffer(credentialType);
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@sphereon/oid4vci-client",
|
|
3
|
-
"version": "0.8.2-unstable.
|
|
3
|
+
"version": "0.8.2-unstable.61+4ae9a7d",
|
|
4
4
|
"description": "OpenID for Verifiable Credential Issuance (OpenID4VCI) client",
|
|
5
5
|
"source": "lib/index.ts",
|
|
6
6
|
"main": "dist/index.js",
|
|
@@ -15,7 +15,7 @@
|
|
|
15
15
|
"build": "tsc"
|
|
16
16
|
},
|
|
17
17
|
"dependencies": {
|
|
18
|
-
"@sphereon/oid4vci-common": "0.8.2-unstable.
|
|
18
|
+
"@sphereon/oid4vci-common": "0.8.2-unstable.61+4ae9a7d",
|
|
19
19
|
"@sphereon/ssi-types": "^0.18.1",
|
|
20
20
|
"cross-fetch": "^3.1.8",
|
|
21
21
|
"debug": "^4.3.4"
|
|
@@ -69,5 +69,5 @@
|
|
|
69
69
|
"OIDC4VCI",
|
|
70
70
|
"OID4VCI"
|
|
71
71
|
],
|
|
72
|
-
"gitHead": "
|
|
72
|
+
"gitHead": "4ae9a7df19cf147a86bc17a16d5a1dffe18d82bf"
|
|
73
73
|
}
|