@sphereon/ssi-sdk.ebsi-support 0.34.1-next.3 → 0.34.1-next.323

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sphereon/ssi-sdk.ebsi-support",
-  "version": "0.34.1-next.3+6c49ea2f",
+  "version": "0.34.1-next.323+d3f5079e",
   "source": "src/index.ts",
   "type": "module",
   "main": "./dist/index.cjs",
@@ -27,43 +27,44 @@
   },
   "dependencies": {
     "@ethersproject/random": "^5.7.0",
-    "@sphereon/did-auth-siop": "0.19.0",
-    "@sphereon/did-auth-siop-adapter": "0.19.0",
+    "@sphereon/did-auth-siop": "0.19.1-next.235",
+    "@sphereon/did-auth-siop-adapter": "0.19.1-next.235",
     "@sphereon/pex": "5.0.0-unstable.28",
     "@sphereon/pex-models": "^2.3.2",
-    "@sphereon/ssi-sdk-ext.did-resolver-ebsi": "0.29.1-next.3",
-    "@sphereon/ssi-sdk-ext.did-utils": "0.29.1-next.3",
-    "@sphereon/ssi-sdk-ext.identifier-resolution": "0.29.1-next.3",
-    "@sphereon/ssi-sdk-ext.jwt-service": "0.29.1-next.3",
-    "@sphereon/ssi-sdk-ext.key-utils": "0.29.1-next.3",
-    "@sphereon/ssi-sdk.contact-manager": "0.34.1-next.3+6c49ea2f",
-    "@sphereon/ssi-sdk.core": "0.34.1-next.3+6c49ea2f",
-    "@sphereon/ssi-sdk.oid4vci-holder": "0.34.1-next.3+6c49ea2f",
-    "@sphereon/ssi-sdk.presentation-exchange": "0.34.1-next.3+6c49ea2f",
-    "@sphereon/ssi-sdk.siopv2-oid4vp-op-auth": "0.34.1-next.3+6c49ea2f",
-    "@sphereon/ssi-types": "0.34.1-next.3+6c49ea2f",
+    "@sphereon/ssi-sdk-ext.did-resolver-ebsi": "0.34.1-next.323+d3f5079e",
+    "@sphereon/ssi-sdk-ext.did-utils": "0.34.1-next.323+d3f5079e",
+    "@sphereon/ssi-sdk-ext.identifier-resolution": "0.34.1-next.323+d3f5079e",
+    "@sphereon/ssi-sdk-ext.jwt-service": "0.34.1-next.323+d3f5079e",
+    "@sphereon/ssi-sdk-ext.key-utils": "0.34.1-next.323+d3f5079e",
+    "@sphereon/ssi-sdk.contact-manager": "0.34.1-next.323+d3f5079e",
+    "@sphereon/ssi-sdk.core": "0.34.1-next.323+d3f5079e",
+    "@sphereon/ssi-sdk.oid4vci-holder": "0.34.1-next.323+d3f5079e",
+    "@sphereon/ssi-sdk.presentation-exchange": "0.34.1-next.323+d3f5079e",
+    "@sphereon/ssi-sdk.siopv2-oid4vp-op-auth": "0.34.1-next.323+d3f5079e",
+    "@sphereon/ssi-types": "0.34.1-next.323+d3f5079e",
     "@veramo/core": "4.2.0",
     "@veramo/did-manager": "4.2.0",
     "@veramo/utils": "4.2.0",
-    "cross-fetch": "^3.1.8",
+    "cross-fetch": "^4.1.0",
     "debug": "^4.3.5",
     "did-resolver": "^4.1.0",
     "ethers": "^6.13.1",
     "multiformats": "9.9.0",
     "qs": "^6.12.3",
-    "uint8arrays": "^3.1.1",
+    "uint8arrays": "3.1.1",
     "uuid": "^9.0.1",
     "xstate": "^4.38.3"
   },
   "devDependencies": {
-    "@sphereon/oid4vci-client": "0.19.0",
-    "@sphereon/oid4vci-common": "0.19.0",
-    "@sphereon/ssi-express-support": "0.34.1-next.3+6c49ea2f",
-    "@sphereon/ssi-sdk-ext.key-manager": "0.29.1-next.3",
-    "@sphereon/ssi-sdk-ext.kms-local": "0.29.1-next.3",
-    "@sphereon/ssi-sdk.agent-config": "0.34.1-next.3+6c49ea2f",
-    "@sphereon/ssi-sdk.data-store": "0.34.1-next.3+6c49ea2f",
-    "@sphereon/ssi-sdk.public-key-hosting": "0.34.1-next.3+6c49ea2f",
+    "@sphereon/oid4vci-client": "0.19.1-next.235",
+    "@sphereon/oid4vci-common": "0.19.1-next.235",
+    "@sphereon/ssi-express-support": "0.34.1-next.323+d3f5079e",
+    "@sphereon/ssi-sdk-ext.key-manager": "0.34.1-next.323+d3f5079e",
+    "@sphereon/ssi-sdk-ext.kms-local": "0.34.1-next.323+d3f5079e",
+    "@sphereon/ssi-sdk.agent-config": "0.34.1-next.323+d3f5079e",
+    "@sphereon/ssi-sdk.data-store": "0.34.1-next.323+d3f5079e",
+    "@sphereon/ssi-sdk.data-store-types": "0.34.1-next.323+d3f5079e",
+    "@sphereon/ssi-sdk.public-key-hosting": "0.34.1-next.323+d3f5079e",
     "@transmute/json-web-signature": "0.7.0-unstable.81",
     "@types/cors": "^2.8.17",
     "@types/express": "^4.17.21",
@@ -98,5 +99,5 @@
     "EBSI",
     "EBSI Authorization Client"
   ],
-  "gitHead": "6c49ea2f9c1bc61641ca2c98e3aa0a5b48018d91"
+  "gitHead": "d3f5079e9d38e5e63abb8695829b724a03180a47"
 }

package/plugin.schema.json

@@ -346,7 +346,7 @@
             "di_vp": {
               "$ref": "#/components/schemas/DiObject"
             },
-            "vc+sd-jwt": {
+            "dc+sd-jwt": {
               "$ref": "#/components/schemas/SdJwtObject"
             }
           }

package/src/agent/EbsiSupport.ts

@@ -1,6 +1,4 @@
-import { PresentationDefinitionLocation, PresentationDefinitionWithLocation, SupportedVersion } from '@sphereon/did-auth-siop'
 import { CreateRequestObjectMode } from '@sphereon/oid4vci-common'
-import { IPEXFilterResult } from '@sphereon/ssi-sdk.presentation-exchange'
 import { CredentialMapper, PresentationSubmission } from '@sphereon/ssi-types'
 import { IAgentPlugin } from '@veramo/core'
 import fetch from 'cross-fetch'
@@ -29,7 +27,6 @@ import {
 } from '../types/IEbsiSupport'
 
 import { v4 } from 'uuid'
-import { CheckLinkedDomain } from '@sphereon/did-auth-siop-adapter'
 import { defaultHasher } from '@sphereon/ssi-sdk.core'
 
 export const ebsiSupportMethods: Array<string> = [
@@ -181,49 +178,54 @@ export class EbsiSupport implements IAgentPlugin {
       }
     }
 
-    const definition = {
-      definition: definitionResponse,
-      location: PresentationDefinitionLocation.TOPLEVEL_PRESENTATION_DEF,
-      version: SupportedVersion.SIOPv2_D11,
-    } satisfies PresentationDefinitionWithLocation
+    // FIXME SSISDK-40 should use DCQL
+    // const definition = {
+    //   definition: definitionResponse,
+    //   location: PresentationDefinitionLocation.TOPLEVEL_PRESENTATION_DEF,
+    //   version: SupportedVersion.SIOPv2_D11,
+    // } satisfies PresentationDefinitionWithLocation
 
-    const pexResult = hasInputDescriptors
-      ? await context.agent.pexDefinitionFilterCredentials({
-          presentationDefinition: definitionResponse,
-          credentialFilterOpts: { credentialRole: args.credentialRole, verifiableCredentials: [attestationCredential!] },
-        })
-      : ({
-          // LOL, let's see whether we can trick PEX to create a VP without VCs
-          filteredCredentials: [],
-          id: definitionResponse.id,
-          selectResults: { verifiableCredential: [], areRequiredCredentialsPresent: 'info' },
-        } satisfies IPEXFilterResult)
-    const opSession = await context.agent.siopRegisterOPSession({
-      requestJwtOrUri: '', // Siop assumes we use an auth request, which we don't have in this case
-      op: { checkLinkedDomains: CheckLinkedDomain.NEVER },
-      providedPresentationDefinitions: [definition],
-    })
-    const oid4vp = await opSession.getOID4VP({ allIdentifiers: [identifier.did] })
-    const vp = await oid4vp.createVerifiablePresentation(
-      args.credentialRole,
-      { definition, credentials: pexResult.filteredCredentials },
-      {
-        proofOpts: { domain: openIDMetadata.issuer, nonce: v4(), created: new Date(Date.now() - 120_000).toString() },
-        holder: identifier.did,
-        idOpts: idOpts,
-        skipDidResolution,
-        forceNoCredentialsInVP: !hasInputDescriptors,
-      },
-    )
+    // const pexResult = hasInputDescriptors
+    //   ? await context.agent.pexDefinitionFilterCredentials({
+    //       presentationDefinition: definitionResponse,
+    //       credentialFilterOpts: { credentialRole: args.credentialRole, verifiableCredentials: [attestationCredential!] },
+    //     })
+    //   : ({
+    //       // LOL, let's see whether we can trick PEX to create a VP without VCs
+    //       filteredCredentials: [],
+    //       id: definitionResponse.id,
+    //       selectResults: { verifiableCredential: [], areRequiredCredentialsPresent: 'info' },
+    //     } satisfies IPEXFilterResult)
+    // const opSession = await context.agent.siopRegisterOPSession({
+    //   requestJwtOrUri: '', // Siop assumes we use an auth request, which we don't have in this case
+    //   op: { checkLinkedDomains: CheckLinkedDomain.NEVER },
+    //   //providedPresentationDefinitions: [definition],
+    // })
+
+    //const oid4vp = await opSession.getOID4VP({ allIdentifiers: [identifier.did] })
+    // const vp = await oid4vp.createVerifiablePresentation(
+    //   args.credentialRole,
+    //   { dcqlQuery: definition, credentials: pexResult.filteredCredentials },
+    //   {
+    //     proofOpts: { domain: openIDMetadata.issuer, nonce: v4(), created: new Date(Date.now() - 120_000).toString() },
+    //     holder: identifier.did,
+    //     idOpts: idOpts,
+    //     skipDidResolution,
+    //     forceNoCredentialsInVP: !hasInputDescriptors,
+    //   },
+    // )
 
-    const presentationSubmission = hasInputDescriptors
-      ? vp.presentationSubmission
-      : ({ id: v4(), definition_id: definitionResponse.id, descriptor_map: [] } satisfies PresentationSubmission)
+    const presentationSubmission = { id: v4(), definition_id: definitionResponse.id, descriptor_map: [] } satisfies PresentationSubmission
+    // FIXME SSISDK-40
+    //hasInputDescriptors
+    //? vp.presentationSubmission
+    //: ({ id: v4(), definition_id: definitionResponse.id, descriptor_map: [] } satisfies PresentationSubmission)
 
     console.log(`Presentation submission`, presentationSubmission)
     const tokenRequestArgs = {
       grant_type: 'vp_token',
-      vp_token: CredentialMapper.toCompactJWT(vp.verifiablePresentations[0]), // FIXME How are we going to send multiple presentations in a vp_token?
+      // FIXME SSISDK-40
+      vp_token: '', //CredentialMapper.toCompactJWT(vp.verifiablePresentations[0]), // FIXME How are we going to send multiple presentations in a vp_token?
       scope,
       presentation_submission: presentationSubmission,
       apiOpts: { environment, version: 'v4' },

package/src/did/functions.ts

@@ -236,7 +236,7 @@ export const toMinimalImportableKey = async (args: { key?: IKeyOpts; type: EbsiK
   }
 
   minimalImportableKey.meta = {
-    purposes: assertedPurposes({ key }) ?? setDefaultPurposes({ key, type }),
+    purposes: assertedPurposes({ key }) ?? setPurposes({ key, type }),
     jwkThumbprint: calculateJwkThumbprintForKey({
       key: minimalImportableKey as MinimalImportableKey,
       digestAlgorithm: 'sha256',
@@ -275,7 +275,7 @@ export const assertedPurposes = (args: { key?: IKeyOpts }): EbsiPublicKeyPurpose
   return key?.purposes
 }
 
-export const setDefaultPurposes = (args: { key?: IKeyOpts; type: EbsiKeyType }): EbsiPublicKeyPurpose[] => {
+export const setPurposes = (args: { key?: IKeyOpts; type: EbsiKeyType }): EbsiPublicKeyPurpose[] => {
   const { key, type } = args
   if (!key?.purposes || key.purposes.length === 0) {
     switch (type) {

package/src/did/index.ts

@@ -3,3 +3,4 @@ export { getDidEbsiResolver } from './EbsiDidResolver'
 export { ebsiCreateDidOnLedger, randomRpcId, ebsiSignAndSendTransaction, ebsiGetRegistryAPIUrls } from './functions'
 export * from './services/EbsiRestService'
 export * from './types'
+export * from './functions'

package/src/did/types.ts

@@ -4,7 +4,7 @@ import { IService } from '@veramo/core'
 import { DIDDocument } from 'did-resolver'
 import { AccessListish, BigNumberish, BytesLike } from 'ethers'
 import { ApiOpts, EbsiEnvironment } from '../types/IEbsiSupport'
-import { CredentialRole } from '@sphereon/ssi-sdk.data-store'
+import { CredentialRole } from '@sphereon/ssi-types'
 
 export type IContext = IAgentContext<IKeyManager>
 

package/src/functions/Attestation.ts

@@ -1,10 +1,11 @@
 import { OpenID4VCIClient } from '@sphereon/oid4vci-client'
 import {
   Alg,
-  AuthorizationDetails,
+  AuthorizationDetailsV1_0_15,
   AuthorizationRequestOpts,
   AuthzFlowType,
   CredentialConfigurationSupported,
+  CredentialConfigurationSupportedV1_0_15,
   getJson,
   getTypesFromCredentialSupported,
   ProofOfPossessionCallbacks,
@@ -29,7 +30,7 @@ import {
   Siopv2OID4VPLinkHandler,
 } from '@sphereon/ssi-sdk.siopv2-oid4vp-op-auth'
 import { _ExtendedIKey } from '@veramo/utils'
-import { waitFor } from 'xstate/lib/waitFor'
+import { waitFor } from 'xstate/lib/waitFor.js'
 import { logger } from '../index'
 import { AttestationResult, CreateAttestationAuthRequestURLArgs, EbsiEnvironment, GetAttestationArgs, IRequiredContext } from '../types/IEbsiSupport'
 import {
@@ -101,7 +102,7 @@ export const ebsiCreateAttestationAuthRequestURL = async (
     retrieveServerMetadata: true,
   })
 
-  const allMatches = vciClient.getCredentialsSupported(false)
+  const allMatches = {} as Record<string, CredentialConfigurationSupportedV1_0_15> | Array<CredentialConfigurationSupported> // vciClient.getCredentialsSupported(format) FIXME SSISDK-40
   let arrayMatches: Array<CredentialConfigurationSupported>
   if (Array.isArray(allMatches)) {
     arrayMatches = allMatches
@@ -118,11 +119,15 @@ export const ebsiCreateAttestationAuthRequestURL = async (
     throw Error(`Could not find '${credentialType}' with format(s) '${formats.join(',')}' in list of supported types for issuer: ${credentialIssuer}`)
   }
   const authorizationDetails = supportedConfigurations.map((supported) => {
+    const credential_configuration_id = supported.id as string
+    if (!credential_configuration_id) {
+      throw Error(`Credential configuration id missing for credential type: ${credentialType}`)
+    }
     return {
       type: 'openid_credential',
-      format: supported.format,
-      types: getTypesFromCredentialSupported(supported),
-    } as AuthorizationDetails
+      credential_configuration_id,
+      credential_identifiers: getTypesFromCredentialSupported(supported),
+    } satisfies AuthorizationDetailsV1_0_15
   })
 
   const signCallbacks: ProofOfPossessionCallbacks = requestObjectOpts.signCallbacks ?? {

package/src/functions/AttestationHeadlessCallbacks.ts

@@ -3,15 +3,15 @@ import { getIssuerName } from '@sphereon/oid4vci-common'
 import {
   ConnectionType,
   CorrelationIdentifierType,
-  CredentialRole,
   IdentityOrigin,
   NonPersistedParty,
   Party,
   PartyOrigin,
   PartyTypeType,
-} from '@sphereon/ssi-sdk.data-store'
+} from '@sphereon/ssi-sdk.data-store-types'
 import { OID4VCIMachine, OID4VCIMachineEvents, OID4VCIMachineInterpreter, OID4VCIMachineState } from '@sphereon/ssi-sdk.oid4vci-holder'
 import { Siopv2MachineInterpreter, Siopv2MachineState, Siopv2OID4VPLinkHandler } from '@sphereon/ssi-sdk.siopv2-oid4vp-op-auth'
+import { CredentialRole } from '@sphereon/ssi-types'
 import fetch from 'cross-fetch'
 import { logger } from '../index'
 import { IRequiredContext } from '../types/IEbsiSupport'

package/src/index.ts

@@ -8,4 +8,4 @@ const schema = require('../plugin.schema.json')
 export { schema }
 export { EbsiSupport, ebsiSupportMethods } from './agent/EbsiSupport'
 export * from './types/IEbsiSupport'
-export { EbsiDidProvider } from './did'
+export * from './did'

package/src/types/IEbsiSupport.ts

@@ -3,7 +3,8 @@ import { OID4VCICredentialFormat, RequestObjectOpts } from '@sphereon/oid4vci-co
 import { Format, PresentationDefinitionV2 } from '@sphereon/pex-models'
 import { IIdentifierResolution, ManagedIdentifierDidOpts, ManagedIdentifierDidResult } from '@sphereon/ssi-sdk-ext.identifier-resolution'
 import { IJwtService } from '@sphereon/ssi-sdk-ext.jwt-service'
-import { CredentialRole, IBasicCredentialLocaleBranding, Party } from '@sphereon/ssi-sdk.data-store'
+import { IBasicCredentialLocaleBranding, Party } from '@sphereon/ssi-sdk.data-store-types'
+import { CredentialRole } from '@sphereon/ssi-types'
 import { ErrorDetails, IOID4VCIHolder, MappedCredentialToAccept } from '@sphereon/ssi-sdk.oid4vci-holder'
 import { IPresentationExchange } from '@sphereon/ssi-sdk.presentation-exchange'
 import { IDidAuthSiopOpAuthenticator } from '@sphereon/ssi-sdk.siopv2-oid4vp-op-auth'