@sphereon/oid4vci-common 0.19.1-feature.DIIPv4.2 → 0.19.1-feature.DIIPv4.34

package/dist/index.cjs

@@ -152,6 +152,7 @@ __export(index_exports, {
   createCodeChallenge: () => createCodeChallenge,
   createProofOfPossession: () => createProofOfPossession,
   credentialIssuerMetadataFieldNames: () => credentialIssuerMetadataFieldNames,
+  credentialIssuerMetadataFieldNamesV1_0_15: () => credentialIssuerMetadataFieldNamesV1_0_15,
   credentialSupportedV8ToV13: () => credentialSupportedV8ToV13,
   credentialsSupportedV8ToV13: () => credentialsSupportedV8ToV13,
   decodeJsonProperties: () => decodeJsonProperties,
@@ -167,6 +168,7 @@ __export(index_exports, {
   generateNonce: () => generateNonce,
   generateRandomString: () => generateRandomString,
   getClientIdFromCredentialOfferPayload: () => getClientIdFromCredentialOfferPayload,
+  getCredentialConfigurationIdsFromOfferV1_0_15: () => getCredentialConfigurationIdsFromOfferV1_0_15,
   getCredentialOfferPayload: () => getCredentialOfferPayload,
   getCredentialRequestForVersion: () => getCredentialRequestForVersion,
   getFormatForVersion: () => getFormatForVersion,
@@ -198,8 +200,10 @@ __export(index_exports, {
   isPreAuthCode: () => isPreAuthCode,
   isValidURL: () => isValidURL,
   isW3cCredentialSupported: () => isW3cCredentialSupported,
+  normalizeOfferInput: () => normalizeOfferInput,
   post: () => post,
   resolveCredentialOfferURI: () => resolveCredentialOfferURI,
+  supportedOID4VCICredentialFormat: () => supportedOID4VCICredentialFormat,
   toAuthorizationResponsePayload: () => toAuthorizationResponsePayload,
   toUniformCredentialOfferPayload: () => toUniformCredentialOfferPayload,
   toUniformCredentialOfferRequest: () => toUniformCredentialOfferRequest,
@@ -229,6 +233,14 @@ init_cjs_shims();
 
 // lib/types/Generic.types.ts
 init_cjs_shims();
+var supportedOID4VCICredentialFormat = [
+  "jwt_vc_json",
+  "jwt_vc_json-ld",
+  "ldp_vc",
+  "dc+sd-jwt",
+  "jwt_vc",
+  "mso_mdoc"
+];
 var PRE_AUTH_CODE_LITERAL = "pre-authorized_code";
 var PRE_AUTH_GRANT_LITERAL = "urn:ietf:params:oauth:grant-type:pre-authorized_code";
 
@@ -349,6 +361,26 @@ var credentialIssuerMetadataFieldNames = [
   "signed_metadata"
 ];
 
+// lib/types/v1_0_15.types.ts
+init_cjs_shims();
+var credentialIssuerMetadataFieldNamesV1_0_15 = [
+  "credential_issuer",
+  "credential_configurations_supported",
+  "credential_endpoint",
+  "nonce_endpoint",
+  "deferred_credential_endpoint",
+  "notification_endpoint",
+  "credential_response_encryption",
+  "batch_credential_issuance",
+  "authorization_servers",
+  "token_endpoint",
+  "display",
+  "credential_supplier_config",
+  "credential_identifiers_supported",
+  "signed_metadata",
+  "authorization_challenge_endpoint"
+];
+
 // lib/types/ServerMetadata.ts
 init_cjs_shims();
 var authorizationServerMetadataFieldNames = [
@@ -431,6 +463,7 @@ var OpenId4VCIVersion = /* @__PURE__ */ function(OpenId4VCIVersion2) {
   OpenId4VCIVersion2[OpenId4VCIVersion2["VER_1_0_11"] = 1011] = "VER_1_0_11";
   OpenId4VCIVersion2[OpenId4VCIVersion2["VER_1_0_12"] = 1012] = "VER_1_0_12";
   OpenId4VCIVersion2[OpenId4VCIVersion2["VER_1_0_13"] = 1013] = "VER_1_0_13";
+  OpenId4VCIVersion2[OpenId4VCIVersion2["VER_1_0_15"] = 1015] = "VER_1_0_15";
   OpenId4VCIVersion2[OpenId4VCIVersion2["VER_UNKNOWN"] = Number.MAX_VALUE] = "VER_UNKNOWN";
   return OpenId4VCIVersion2;
 }({});
@@ -491,57 +524,12 @@ var TokenError = class _TokenError extends Error {
 // lib/types/QRCode.types.ts
 init_cjs_shims();
 
-// lib/functions/FormatUtils.ts
-init_cjs_shims();
-function isFormat(formatObject, format) {
-  return formatObject.format === format;
-}
-__name(isFormat, "isFormat");
-function isNotFormat(formatObject, format) {
-  return formatObject.format !== format;
-}
-__name(isNotFormat, "isNotFormat");
-var isUniformFormat = /* @__PURE__ */ __name((format) => {
-  return [
-    "jwt_vc_json",
-    "jwt_vc_json-ld",
-    "ldp_vc",
-    "vc+sd-jwt",
-    "mso_mdoc"
-  ].includes(format);
-}, "isUniformFormat");
-function getUniformFormat(format) {
-  if (isUniformFormat(format)) {
-    return format;
-  }
-  if (format.toLocaleLowerCase() === "jwt_vc" || format.toLocaleLowerCase() === "jwt") {
-    return "jwt_vc";
-  }
-  if (format === "ldp_vc" || format === "ldp") {
-    return "ldp_vc";
-  }
-  throw new Error(`Invalid format: ${format}`);
-}
-__name(getUniformFormat, "getUniformFormat");
-function getFormatForVersion(format, version) {
-  const uniformFormat = isUniformFormat(format) ? format : getUniformFormat(format);
-  if (version === OpenId4VCIVersion.VER_1_0_08) {
-    if (uniformFormat === "jwt_vc_json") {
-      return "jwt_vc";
-    } else if (uniformFormat === "ldp_vc" || uniformFormat === "jwt_vc_json-ld") {
-      return "ldp_vc";
-    }
-  }
-  return uniformFormat;
-}
-__name(getFormatForVersion, "getFormatForVersion");
-
 // lib/functions/CredentialRequestUtil.ts
-function getTypesFromRequest(credentialRequest, opts) {
+function getTypesFromRequest(credentialRequest, format, opts) {
   let types = [];
   if ("credential_identifier" in credentialRequest && credentialRequest.credential_identifier) {
     throw Error(`Cannot get types from request when it contains a credential_identifier`);
-  } else if (credentialRequest.format === "jwt_vc_json-ld" || credentialRequest.format === "ldp_vc" || credentialRequest.format === "jwt_vc" || credentialRequest.format === "jwt_vc_json") {
+  } else if (format === "jwt_vc_json-ld" || format === "ldp_vc" || format === "jwt_vc" || format === "jwt_vc_json") {
     if ("credential_definition" in credentialRequest && credentialRequest.credential_definition) {
       types = "types" in credentialRequest.credential_definition ? credentialRequest.credential_definition.types : credentialRequest.credential_definition.type;
     }
@@ -551,11 +539,11 @@ function getTypesFromRequest(credentialRequest, opts) {
     if ("types" in credentialRequest && Array.isArray(credentialRequest.types)) {
       types = credentialRequest.types;
     }
-  } else if (credentialRequest.format === "vc+sd-jwt" && "vct" in credentialRequest) {
+  } else if (format === "dc+sd-jwt" && "vct" in credentialRequest) {
     types = [
       credentialRequest.vct
     ];
-  } else if (credentialRequest.format === "mso_mdoc" && "doctype" in credentialRequest) {
+  } else if (format === "mso_mdoc" && "doctype" in credentialRequest) {
     types = [
       credentialRequest.doctype
     ];
@@ -569,17 +557,16 @@ function getTypesFromRequest(credentialRequest, opts) {
   return types;
 }
 __name(getTypesFromRequest, "getTypesFromRequest");
-function getCredentialRequestForVersion(credentialRequest, version) {
+function getCredentialRequestForVersion(credentialRequest, format, version) {
   if (version === OpenId4VCIVersion.VER_1_0_08) {
-    const draft8Format = getFormatForVersion(credentialRequest.format, version);
-    const types = getTypesFromRequest(credentialRequest, {
+    const types = getTypesFromRequest(credentialRequest, format, {
       filterVerifiableCredential: true
     });
     if (credentialRequest.credential_subject_issuance) {
       throw Error("Experimental subject issuance is not supported for older versions of the spec");
     }
     return {
-      format: draft8Format,
+      format,
       proof: credentialRequest.proof,
       type: types[0]
     };
@@ -792,6 +779,7 @@ __name(acquireDeferredCredentialImpl, "acquireDeferredCredentialImpl");
 init_cjs_shims();
 var import_ssi_types2 = require("@sphereon/ssi-types");
 var import_jwt_decode = require("jwt-decode");
+var import_oid4vc_common = require("@sphereon/oid4vc-common");
 var logger2 = import_ssi_types2.Loggers.DEFAULT.get("sphereon:oid4vci:offer");
 function determineSpecVersionFromURI(uri) {
   let version = determineSpecVersionFromScheme(uri, OpenId4VCIVersion.VER_UNKNOWN) ?? OpenId4VCIVersion.VER_UNKNOWN;
@@ -811,42 +799,100 @@ function determineSpecVersionFromURI(uri) {
     OpenId4VCIVersion.VER_1_0_11
   ], "grants.user_pin_required");
   version = getVersionFromURIParam(uri, version, [
-    OpenId4VCIVersion.VER_1_0_13
+    OpenId4VCIVersion.VER_1_0_13,
+    OpenId4VCIVersion.VER_1_0_15
   ], "credential_configuration_ids");
   version = getVersionFromURIParam(uri, version, [
-    OpenId4VCIVersion.VER_1_0_13
+    OpenId4VCIVersion.VER_1_0_13,
+    OpenId4VCIVersion.VER_1_0_15
   ], "tx_code");
+  version = getVersionFromURIParam(uri, version, [
+    OpenId4VCIVersion.VER_1_0_15
+  ], "credential_offer_uri ");
   if (version === OpenId4VCIVersion.VER_UNKNOWN) {
-    version = OpenId4VCIVersion.VER_1_0_13;
+    version = OpenId4VCIVersion.VER_1_0_15;
   }
   return version;
 }
 __name(determineSpecVersionFromURI, "determineSpecVersionFromURI");
 function determineSpecVersionFromScheme(credentialOfferURI, openId4VCIVersion) {
   const scheme = getScheme(credentialOfferURI);
-  if (credentialOfferURI.includes(DefaultURISchemes.INITIATE_ISSUANCE)) {
+  const url = toUrlWithDummyBase(credentialOfferURI);
+  const qp = url.searchParams;
+  if (scheme === DefaultURISchemes.INITIATE_ISSUANCE) {
+    if (qp.has("credential_offer") || qp.has("credential_offer_uri")) {
+      return recordVersion(openId4VCIVersion, [
+        OpenId4VCIVersion.VER_1_0_15
+      ], scheme);
+    }
+    if (qp.has("credential_type") || qp.has("issuer")) {
+      return recordVersion(openId4VCIVersion, [
+        OpenId4VCIVersion.VER_1_0_08
+      ], scheme);
+    }
     return recordVersion(openId4VCIVersion, [
-      OpenId4VCIVersion.VER_1_0_08
+      OpenId4VCIVersion.VER_UNKNOWN
     ], scheme);
   }
-  if (credentialOfferURI.includes("credential_offer_uri")) {
-    return void 0;
-  } else if (credentialOfferURI.includes(DefaultURISchemes.CREDENTIAL_OFFER)) {
-    if (credentialOfferURI.includes("credentials:") || credentialOfferURI.includes("credentials%22")) {
+  if (scheme === DefaultURISchemes.CREDENTIAL_OFFER) {
+    if (qp.has("credential_offer_uri")) {
       return recordVersion(openId4VCIVersion, [
-        OpenId4VCIVersion.VER_1_0_11
+        OpenId4VCIVersion.VER_1_0_15
       ], scheme);
     }
-    return recordVersion(openId4VCIVersion, [
-      OpenId4VCIVersion.VER_1_0_13
-    ], scheme);
-  } else {
+    const rawParam = getParamValueLoose(qp, "credential_offer");
+    if (rawParam) {
+      const decoded = tryDecodeOffer(rawParam);
+      const version = sniffOfferVersion(decoded);
+      if (version !== OpenId4VCIVersion.VER_UNKNOWN) {
+        return recordVersion(openId4VCIVersion, [
+          version
+        ], scheme);
+      }
+    }
     return recordVersion(openId4VCIVersion, [
       OpenId4VCIVersion.VER_UNKNOWN
     ], scheme);
   }
+  return recordVersion(openId4VCIVersion, [
+    OpenId4VCIVersion.VER_UNKNOWN
+  ], scheme);
 }
 __name(determineSpecVersionFromScheme, "determineSpecVersionFromScheme");
+function toUrlWithDummyBase(uri) {
+  const normalized = uri.replace(/^openid-[^?]+:\/\//, "https://dummy/?");
+  return new URL(normalized);
+}
+__name(toUrlWithDummyBase, "toUrlWithDummyBase");
+function getParamValueLoose(qp, key) {
+  if (qp.has(key)) return qp.get(key);
+  if (qp.has(`?${key}`)) return qp.get(`?${key}`);
+  return null;
+}
+__name(getParamValueLoose, "getParamValueLoose");
+function tryDecodeOffer(input) {
+  let candidate = input;
+  try {
+    candidate = decodeURIComponent(candidate);
+  } catch {
+  }
+  if (!/[{}]/.test(candidate) && /^[A-Za-z0-9\-_]+$/.test(candidate)) {
+    try {
+      const b64 = candidate.replace(/-/g, "+").replace(/_/g, "/").padEnd(Math.ceil(candidate.length / 4) * 4, "=");
+      candidate = atob(b64);
+    } catch {
+    }
+  }
+  return candidate;
+}
+__name(tryDecodeOffer, "tryDecodeOffer");
+function sniffOfferVersion(jsonLike) {
+  if (!jsonLike) return OpenId4VCIVersion.VER_UNKNOWN;
+  const has = /* @__PURE__ */ __name((k) => new RegExp(`"${k}"\\s*:`, "i").test(jsonLike), "has");
+  if (has("credentials")) return OpenId4VCIVersion.VER_1_0_11;
+  return OpenId4VCIVersion.VER_UNKNOWN;
+}
+__name(sniffOfferVersion, "sniffOfferVersion");
 function getScheme(credentialOfferURI) {
   if (!credentialOfferURI || !credentialOfferURI.includes("://")) {
     throw Error("Invalid credential offer URI");
@@ -902,7 +948,9 @@ var getStateFromCredentialOfferPayload = /* @__PURE__ */ __name((credentialOffer
   return;
 }, "getStateFromCredentialOfferPayload");
 function determineSpecVersionFromOffer(offer) {
-  if (isCredentialOfferV1_0_13(offer)) {
+  if (isCredentialOfferV1_0_15(offer)) {
+    return OpenId4VCIVersion.VER_1_0_15;
+  } else if (isCredentialOfferV1_0_13(offer)) {
     return OpenId4VCIVersion.VER_1_0_13;
   } else if (isCredentialOfferV1_0_11(offer)) {
     return OpenId4VCIVersion.VER_1_0_11;
@@ -983,6 +1031,20 @@ function isCredentialOfferV1_0_13(offer) {
   return "credential_offer_uri" in offer;
 }
 __name(isCredentialOfferV1_0_13, "isCredentialOfferV1_0_13");
+function isCredentialOfferV1_0_15(offer) {
+  if (!offer) {
+    return false;
+  }
+  offer = normalizeOfferInput(offer);
+  if ("credential_issuer" in offer && "credential_configuration_ids" in offer) {
+    return Array.isArray(offer.credential_configuration_ids);
+  }
+  if ("credential_offer" in offer && offer["credential_offer"]) {
+    return isCredentialOfferV1_0_15(offer["credential_offer"]);
+  }
+  return "credential_offer_uri" in offer;
+}
+__name(isCredentialOfferV1_0_15, "isCredentialOfferV1_0_15");
 async function toUniformCredentialOfferRequest(offer, opts) {
   let version = opts?.version ?? determineSpecVersionFromOffer(offer);
   let originalCredentialOffer = offer.credential_offer;
@@ -1018,6 +1080,7 @@ async function toUniformCredentialOfferRequest(offer, opts) {
 }
 __name(toUniformCredentialOfferRequest, "toUniformCredentialOfferRequest");
 function isPreAuthCode(request) {
+  request = normalizeOfferInput(request);
   const payload = "credential_offer" in request ? request.credential_offer : request;
   return payload?.grants?.[PRE_AUTH_GRANT_LITERAL]?.[PRE_AUTH_CODE_LITERAL] !== void 0;
 }
@@ -1051,7 +1114,8 @@ async function resolveCredentialOfferURI(uri) {
   return response.successBody;
 }
 __name(resolveCredentialOfferURI, "resolveCredentialOfferURI");
-function toUniformCredentialOfferPayload(offer, opts) {
+function toUniformCredentialOfferPayload(rawOffer, opts) {
+  const offer = normalizeOfferInput(rawOffer);
   const version = opts?.version ?? determineSpecVersionFromOffer(offer);
   if (version >= OpenId4VCIVersion.VER_1_0_11) {
     const orig = offer;
@@ -1120,6 +1184,7 @@ function determineFlowType(suppliedOffer, version) {
 }
 __name(determineFlowType, "determineFlowType");
 function getCredentialOfferPayload(offer) {
+  offer = normalizeOfferInput(offer);
   let payload;
   if ("credential_offer" in offer && offer["credential_offer"]) {
     payload = offer.credential_offer;
@@ -1130,6 +1195,7 @@ function getCredentialOfferPayload(offer) {
 }
 __name(getCredentialOfferPayload, "getCredentialOfferPayload");
 function determineGrantTypes(offer) {
+  offer = normalizeOfferInput(offer);
   let grants;
   if ("grants" in offer && offer.grants) {
     grants = offer.grants;
@@ -1202,6 +1268,25 @@ function getTypesFromOfferV1_0_11(credentialOffer, opts) {
   return types;
 }
 __name(getTypesFromOfferV1_0_11, "getTypesFromOfferV1_0_11");
+function getCredentialConfigurationIdsFromOfferV1_0_15(offer) {
+  return offer.credential_configuration_ids ?? [];
+}
+__name(getCredentialConfigurationIdsFromOfferV1_0_15, "getCredentialConfigurationIdsFromOfferV1_0_15");
+function normalizeOfferInput(input) {
+  if (typeof input !== "string") {
+    return input;
+  }
+  if (import_ssi_types2.ObjectUtils.isString(input) && input.startsWith("ey")) {
+    const payload = (0, import_oid4vc_common.base64urlToString)(input);
+    return JSON.parse(payload);
+  }
+  try {
+    return JSON.parse(input);
+  } catch {
+  }
+  return input;
+}
+__name(normalizeOfferInput, "normalizeOfferInput");
 
 // lib/functions/Encoding.ts
 init_cjs_shims();
@@ -1425,7 +1510,7 @@ function getTypesFromCredentialSupported(credentialSupported, opts) {
   let types = [];
   if (credentialSupported.format === "jwt_vc_json" || credentialSupported.format === "jwt_vc" || credentialSupported.format === "jwt_vc_json-ld" || credentialSupported.format === "ldp_vc") {
     types = getTypesFromObject(credentialSupported) ?? [];
-  } else if (credentialSupported.format === "vc+sd-jwt") {
+  } else if (credentialSupported.format === "dc+sd-jwt" || credentialSupported.format === "vc+sd-jwt") {
     types = [
       credentialSupported.vct
     ];
@@ -1447,7 +1532,7 @@ __name(getTypesFromCredentialSupported, "getTypesFromCredentialSupported");
 // lib/functions/IssuerMetadataUtils.ts
 init_cjs_shims();
 function getSupportedCredentials(opts) {
-  const { version = OpenId4VCIVersion.VER_1_0_13, types } = opts ?? {};
+  const { version = OpenId4VCIVersion.VER_1_0_15, types } = opts ?? {};
   if (types && Array.isArray(types)) {
     if (version < OpenId4VCIVersion.VER_1_0_13) {
       return types.flatMap((typeSet) => getSupportedCredential({
@@ -1476,7 +1561,9 @@ function getSupportedCredentials(opts) {
 __name(getSupportedCredentials, "getSupportedCredentials");
 function determineVersionsFromIssuerMetadata(issuerMetadata) {
   const versions = /* @__PURE__ */ new Set();
-  if ("authorization_server" in issuerMetadata) {
+  if ("credential_configurations_supported" in issuerMetadata) {
+    versions.add(OpenId4VCIVersion.VER_1_0_15);
+  } else if ("authorization_server" in issuerMetadata) {
     versions.add(OpenId4VCIVersion.VER_1_0_11);
   } else if ("authorization_servers" in issuerMetadata) {
     versions.add(OpenId4VCIVersion.VER_1_0_13);
@@ -1499,9 +1586,10 @@ function determineVersionsFromIssuerMetadata(issuerMetadata) {
 }
 __name(determineVersionsFromIssuerMetadata, "determineVersionsFromIssuerMetadata");
 function getSupportedCredential(opts) {
-  const { issuerMetadata, types, format, version = OpenId4VCIVersion.VER_1_0_13 } = opts ?? {};
+  const { issuerMetadata, types, format, version = OpenId4VCIVersion.VER_1_0_15 } = opts ?? {};
   let credentialConfigurationsV11 = void 0;
   let credentialConfigurationsV13 = void 0;
+  let credentialConfigurationsV15 = void 0;
   if (version < OpenId4VCIVersion.VER_1_0_12 || issuerMetadata?.credential_configurations_supported === void 0 && issuerMetadata?.credentials_supported) {
     if (issuerMetadata?.credentials_supported && !Array.isArray(issuerMetadata?.credentials_supported)) {
       credentialConfigurationsV11 = [];
@@ -1511,15 +1599,25 @@ function getSupportedCredential(opts) {
         }
         credentialConfigurationsV11?.push(supported);
       });
+    } else if (version >= OpenId4VCIVersion.VER_1_0_15) {
+      credentialConfigurationsV15 = issuerMetadata?.credential_configurations_supported ?? {};
     } else {
       credentialConfigurationsV11 = issuerMetadata?.credentials_supported ?? [];
     }
-  } else {
+  } else if (version == OpenId4VCIVersion.VER_1_0_13) {
     credentialConfigurationsV13 = issuerMetadata?.credential_configurations_supported ?? {};
+  } else {
+    credentialConfigurationsV15 = issuerMetadata?.credential_configurations_supported ?? {};
   }
   if (!issuerMetadata || !issuerMetadata.credential_configurations_supported && !issuerMetadata.credentials_supported) {
     VCI_LOG_COMMON.warning(`No credential issuer metadata or supported credentials found for issuer}`);
-    return version < OpenId4VCIVersion.VER_1_0_13 ? credentialConfigurationsV11 : credentialConfigurationsV13;
+    if (version < OpenId4VCIVersion.VER_1_0_13) {
+      return credentialConfigurationsV11;
+    } else if (version >= OpenId4VCIVersion.VER_1_0_15) {
+      return credentialConfigurationsV15;
+    } else {
+      return credentialConfigurationsV15;
+    }
   }
   const normalizedTypes = Array.isArray(types) ? types : types ? [
     types
@@ -1536,12 +1634,14 @@ function getSupportedCredential(opts) {
       } else if (types2) {
         isTypeMatch = normalizedTypes.every((type) => types2.includes(type));
       } else {
-        if (isW3cCredentialSupported(config) && "credential_definition" in config) {
-          isTypeMatch = normalizedTypes.every((type) => config.credential_definition.type.includes(type));
+        const hasValidCredentialDefinition = isW3cCredentialSupported(config) && "credential_definition" in config && config.credential_definition && typeof config.credential_definition === "object" && true && "type" in config.credential_definition && Array.isArray(config.credential_definition.type);
+        if (hasValidCredentialDefinition) {
+          const credDef = config.credential_definition;
+          isTypeMatch = normalizedTypes.every((type) => credDef.type.includes(type));
         } else if (isW3cCredentialSupported(config) && "type" in config && Array.isArray(config.type)) {
           isTypeMatch = normalizedTypes.every((type) => config.type.includes(type));
-        } else if (isW3cCredentialSupported(config) && "types" in config) {
-          isTypeMatch = normalizedTypes.every((type) => config.types?.includes(type));
+        } else if (isW3cCredentialSupported(config) && "types" in config && Array.isArray(config.types)) {
+          isTypeMatch = normalizedTypes.every((type) => config.types.includes(type));
         }
       }
     }
@@ -1549,7 +1649,17 @@ function getSupportedCredential(opts) {
     return isTypeMatch && isFormatMatch ? config : void 0;
   }
   __name(filterMatchingConfig, "filterMatchingConfig");
-  if (credentialConfigurationsV13) {
+  if (credentialConfigurationsV15) {
+    return Object.entries(credentialConfigurationsV15).reduce((filteredConfigs, [id, config]) => {
+      if (filterMatchingConfig(config)) {
+        filteredConfigs[id] = config;
+        if (!config.id) {
+          config.id = id;
+        }
+      }
+      return filteredConfigs;
+    }, {});
+  } else if (credentialConfigurationsV13) {
     return Object.entries(credentialConfigurationsV13).reduce((filteredConfigs, [id, config]) => {
       if (filterMatchingConfig(config)) {
         filteredConfigs[id] = config;
@@ -1612,6 +1722,51 @@ function getIssuerName(url, credentialIssuerMetadata) {
 }
 __name(getIssuerName, "getIssuerName");
 
+// lib/functions/FormatUtils.ts
+init_cjs_shims();
+function isFormat(formatObject, format) {
+  return formatObject.format === format;
+}
+__name(isFormat, "isFormat");
+function isNotFormat(formatObject, format) {
+  return formatObject.format !== format;
+}
+__name(isNotFormat, "isNotFormat");
+var isUniformFormat = /* @__PURE__ */ __name((format) => {
+  return [
+    "jwt_vc_json",
+    "jwt_vc_json-ld",
+    "ldp_vc",
+    "dc+sd-jwt",
+    "mso_mdoc"
+  ].includes(format);
+}, "isUniformFormat");
+function getUniformFormat(format) {
+  if (isUniformFormat(format)) {
+    return format;
+  }
+  if (format.toLocaleLowerCase() === "jwt_vc" || format.toLocaleLowerCase() === "jwt") {
+    return "jwt_vc";
+  }
+  if (format === "ldp_vc" || format === "ldp") {
+    return "ldp_vc";
+  }
+  throw new Error(`Invalid format: ${format}`);
+}
+__name(getUniformFormat, "getUniformFormat");
+function getFormatForVersion(format, version) {
+  const uniformFormat = isUniformFormat(format) ? format : getUniformFormat(format);
+  if (version === OpenId4VCIVersion.VER_1_0_08) {
+    if (uniformFormat === "jwt_vc_json") {
+      return "jwt_vc";
+    } else if (uniformFormat === "ldp_vc" || uniformFormat === "jwt_vc_json-ld") {
+      return "ldp_vc";
+    }
+  }
+  return uniformFormat;
+}
+__name(getFormatForVersion, "getFormatForVersion");
+
 // lib/functions/ProofUtil.ts
 init_cjs_shims();
 var import_ssi_types3 = require("@sphereon/ssi-types");
@@ -1623,7 +1778,7 @@ var createProofOfPossession = /* @__PURE__ */ __name(async (popMode, callbacks,
     throw new Error(BAD_PARAMS);
   }
   const jwtPayload = createJWT(popMode, jwtProps, existingJwt);
-  const jwt = await callbacks.signCallback(jwtPayload, jwtPayload.header.kid);
+  const jwt = await callbacks.signCallback(jwtPayload, jwtPayload.header.kid, popMode === "pop");
   const proof = {
     proof_type: "jwt",
     jwt
@@ -1779,7 +1934,7 @@ var toAuthorizationResponsePayload = /* @__PURE__ */ __name((input) => {
 
 // lib/functions/RandomUtils.ts
 init_cjs_shims();
-var import_oid4vc_common = require("@sphereon/oid4vc-common");
+var import_oid4vc_common2 = require("@sphereon/oid4vc-common");
 var u8a = __toESM(require("uint8arrays"), 1);
 var import_randomBytes = __toESM(require_randomBytes(), 1);
 var { toString } = u8a;
@@ -1800,7 +1955,7 @@ var createCodeChallenge = /* @__PURE__ */ __name((codeVerifier, codeChallengeMet
   if (codeChallengeMethod === CodeChallengeMethod.plain) {
     return codeVerifier;
   } else if (!codeChallengeMethod || codeChallengeMethod === CodeChallengeMethod.S256) {
-    return toString((0, import_oid4vc_common.defaultHasher)(codeVerifier, "sha256"), "base64url");
+    return toString((0, import_oid4vc_common2.defaultHasher)(codeVerifier, "sha256"), "base64url");
   } else {
     throw Error(`code challenge method ${codeChallengeMethod} not implemented`);
   }