@sphereon/ssi-sdk.mdl-mdoc 0.33.1-feature.vcdm2.tsup.32 → 0.33.1-next.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (23) hide show
  1. package/dist/agent/mDLMdoc.d.ts +68 -0
  2. package/dist/agent/mDLMdoc.d.ts.map +1 -0
  3. package/dist/agent/mDLMdoc.js +251 -0
  4. package/dist/agent/mDLMdoc.js.map +1 -0
  5. package/dist/functions/index.d.ts +47 -0
  6. package/dist/functions/index.d.ts.map +1 -0
  7. package/dist/functions/index.js +260 -0
  8. package/dist/functions/index.js.map +1 -0
  9. package/dist/index.d.ts +6 -222
  10. package/dist/index.d.ts.map +1 -0
  11. package/dist/index.js +25 -2538
  12. package/dist/index.js.map +1 -1
  13. package/dist/types/ImDLMdoc.d.ts +75 -0
  14. package/dist/types/ImDLMdoc.d.ts.map +1 -0
  15. package/dist/types/ImDLMdoc.js +3 -0
  16. package/dist/types/ImDLMdoc.js.map +1 -0
  17. package/package.json +25 -36
  18. package/src/agent/mDLMdoc.ts +21 -18
  19. package/src/functions/index.ts +34 -35
  20. package/src/types/ImDLMdoc.ts +8 -25
  21. package/dist/index.cjs +0 -2568
  22. package/dist/index.cjs.map +0 -1
  23. package/dist/index.d.cts +0 -223
package/dist/index.js CHANGED
@@ -1,2540 +1,27 @@
1
- var __defProp = Object.defineProperty;
2
- var __getOwnPropNames = Object.getOwnPropertyNames;
3
- var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
4
- var __commonJS = (cb, mod) => function __require() {
5
- return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
6
- };
7
-
8
- // plugin.schema.json
9
- var require_plugin_schema = __commonJS({
10
- "plugin.schema.json"(exports, module) {
11
- module.exports = {
12
- IEBSIAuthorizationClient: {
13
- components: {
14
- schemas: {
15
- EBSIAuthAccessTokenGetArgs: {
16
- type: "object",
17
- properties: {
18
- vc: {
19
- type: "string"
20
- },
21
- definitionId: {
22
- $ref: "#/components/schemas/ScopeByDefinition"
23
- },
24
- did: {
25
- type: "string"
26
- },
27
- kid: {
28
- type: "string"
29
- },
30
- scope: {
31
- $ref: "#/components/schemas/EBSIScope"
32
- },
33
- apiOpts: {
34
- $ref: '#/components/schemas/Optional<ApiOpts,"version">'
35
- }
36
- },
37
- required: ["vc", "definitionId", "did", "kid", "scope", "apiOpts"]
38
- },
39
- ScopeByDefinition: {
40
- type: "string",
41
- enum: ["didr_invite", "didr_write", "tir_invite", "tir_write", "timestamp_write", "tnt_authorise", "tnt_create", "tnt_write"]
42
- },
43
- EBSIScope: {
44
- type: "string",
45
- enum: [
46
- "didr_write",
47
- "didr_invite",
48
- "tir_write",
49
- "tir_invite",
50
- "timestamp_write",
51
- "tnt_authorise",
52
- "tnt_create",
53
- "tnt_write",
54
- "did_authn"
55
- ],
56
- description: "The OpenID scope"
57
- },
58
- 'Optional<ApiOpts,"version">': {
59
- type: "object",
60
- properties: {
61
- environment: {
62
- $ref: "#/components/schemas/EbsiEnvironment"
63
- },
64
- version: {
65
- $ref: "#/components/schemas/EbsiApiVersion"
66
- }
67
- }
68
- },
69
- EbsiEnvironment: {
70
- type: "string",
71
- enum: ["pilot", "conformance", "conformance-test"]
72
- },
73
- EbsiApiVersion: {
74
- type: "string",
75
- enum: ["v3", "v4", "v5"]
76
- },
77
- GetAccessTokenResponse: {
78
- anyOf: [
79
- {
80
- $ref: "#/components/schemas/GetAccessTokenSuccessResponse"
81
- },
82
- {
83
- $ref: "#/components/schemas/ExceptionResponse"
84
- }
85
- ]
86
- },
87
- GetAccessTokenSuccessResponse: {
88
- type: "object",
89
- properties: {
90
- access_token: {
91
- type: "string"
92
- },
93
- token_type: {
94
- $ref: "#/components/schemas/TokenType"
95
- },
96
- expires_in: {
97
- type: "number"
98
- },
99
- scope: {
100
- $ref: "#/components/schemas/EBSIScope"
101
- },
102
- id_token: {
103
- type: "string"
104
- },
105
- apiOpts: {
106
- $ref: "#/components/schemas/ApiOpts"
107
- }
108
- },
109
- required: ["access_token", "token_type", "scope", "id_token", "apiOpts"]
110
- },
111
- TokenType: {
112
- type: "string",
113
- const: "Bearer"
114
- },
115
- ApiOpts: {
116
- type: "object",
117
- properties: {
118
- environment: {
119
- $ref: "#/components/schemas/EbsiEnvironment"
120
- },
121
- version: {
122
- $ref: "#/components/schemas/EbsiApiVersion"
123
- }
124
- },
125
- required: ["version"]
126
- },
127
- ExceptionResponse: {
128
- type: "object",
129
- properties: {
130
- type: {
131
- type: "string"
132
- },
133
- title: {
134
- type: "string"
135
- },
136
- status: {
137
- type: "number"
138
- },
139
- detail: {
140
- type: "string"
141
- },
142
- instance: {
143
- type: "string"
144
- }
145
- }
146
- },
147
- GetOIDProviderJwksResponse: {
148
- anyOf: [
149
- {
150
- $ref: "#/components/schemas/GetOIDProviderJwksSuccessResponse"
151
- },
152
- {
153
- $ref: "#/components/schemas/ExceptionResponse"
154
- }
155
- ]
156
- },
157
- GetOIDProviderJwksSuccessResponse: {
158
- type: "object",
159
- properties: {
160
- keys: {
161
- type: "array",
162
- items: {
163
- $ref: "#/components/schemas/JWK"
164
- }
165
- }
166
- },
167
- required: ["keys"]
168
- },
169
- JWK: {
170
- type: "object",
171
- properties: {
172
- alg: {
173
- type: "string",
174
- description: 'JWK "alg" (Algorithm) Parameter.'
175
- },
176
- crv: {
177
- type: "string"
178
- },
179
- d: {
180
- type: "string"
181
- },
182
- dp: {
183
- type: "string"
184
- },
185
- dq: {
186
- type: "string"
187
- },
188
- e: {
189
- type: "string"
190
- },
191
- ext: {
192
- type: "boolean",
193
- description: 'JWK "ext" (Extractable) Parameter.'
194
- },
195
- k: {
196
- type: "string"
197
- },
198
- key_ops: {
199
- type: "array",
200
- items: {
201
- type: "string"
202
- },
203
- description: 'JWK "key_ops" (Key Operations) Parameter.'
204
- },
205
- kid: {
206
- type: "string",
207
- description: 'JWK "kid" (Key ID) Parameter.'
208
- },
209
- kty: {
210
- type: "string",
211
- description: 'JWK "kty" (Key Type) Parameter.'
212
- },
213
- n: {
214
- type: "string"
215
- },
216
- oth: {
217
- type: "array",
218
- items: {
219
- type: "object",
220
- properties: {
221
- d: {
222
- type: "string"
223
- },
224
- r: {
225
- type: "string"
226
- },
227
- t: {
228
- type: "string"
229
- }
230
- }
231
- }
232
- },
233
- p: {
234
- type: "string"
235
- },
236
- q: {
237
- type: "string"
238
- },
239
- qi: {
240
- type: "string"
241
- },
242
- use: {
243
- type: "string",
244
- description: 'JWK "use" (Public Key Use) Parameter.'
245
- },
246
- x: {
247
- type: "string"
248
- },
249
- y: {
250
- type: "string"
251
- },
252
- x5c: {
253
- type: "array",
254
- items: {
255
- type: "string"
256
- },
257
- description: 'JWK "x5c" (X.509 Certificate Chain) Parameter.'
258
- },
259
- x5t: {
260
- type: "string",
261
- description: 'JWK "x5t" (X.509 Certificate SHA-1 Thumbprint) Parameter.'
262
- },
263
- "x5t#S256": {
264
- type: "string",
265
- description: '"x5t#S256" (X.509 Certificate SHA-256 Thumbprint) Parameter.'
266
- },
267
- x5u: {
268
- type: "string",
269
- description: 'JWK "x5u" (X.509 URL) Parameter.'
270
- }
271
- },
272
- additionalProperties: {},
273
- description: 'JSON Web Key ( {@link https://www.rfc-editor.org/rfc/rfc7517 | JWK } ). "RSA", "EC", "OKP", and "oct" key types are supported.'
274
- },
275
- GetPresentationDefinitionArgs: {
276
- type: "object",
277
- properties: {
278
- scope: {
279
- $ref: "#/components/schemas/EBSIScope"
280
- },
281
- apiOpts: {
282
- $ref: "#/components/schemas/ApiOpts"
283
- }
284
- },
285
- required: ["scope"]
286
- },
287
- GetPresentationDefinitionResponse: {
288
- $ref: "#/components/schemas/GetPresentationDefinitionSuccessResponse"
289
- },
290
- GetPresentationDefinitionSuccessResponse: {
291
- type: "object",
292
- properties: {
293
- format: {
294
- $ref: "#/components/schemas/Format"
295
- },
296
- id: {
297
- type: "string"
298
- },
299
- name: {
300
- type: "string"
301
- },
302
- purpose: {
303
- type: "string"
304
- },
305
- submission_requirements: {
306
- type: "array",
307
- items: {
308
- $ref: "#/components/schemas/SubmissionRequirement"
309
- }
310
- },
311
- input_descriptors: {
312
- type: "array",
313
- items: {
314
- $ref: "#/components/schemas/InputDescriptorV2"
315
- }
316
- },
317
- frame: {
318
- type: "object"
319
- }
320
- },
321
- required: ["id", "input_descriptors"]
322
- },
323
- Format: {
324
- type: "object",
325
- properties: {
326
- jwt: {
327
- $ref: "#/components/schemas/JwtObject"
328
- },
329
- jwt_vc: {
330
- $ref: "#/components/schemas/JwtObject"
331
- },
332
- jwt_vc_json: {
333
- $ref: "#/components/schemas/JwtObject"
334
- },
335
- jwt_vp: {
336
- $ref: "#/components/schemas/JwtObject"
337
- },
338
- jwt_vp_json: {
339
- $ref: "#/components/schemas/JwtObject"
340
- },
341
- ldp: {
342
- $ref: "#/components/schemas/LdpObject"
343
- },
344
- ldp_vc: {
345
- $ref: "#/components/schemas/LdpObject"
346
- },
347
- ldp_vp: {
348
- $ref: "#/components/schemas/LdpObject"
349
- },
350
- di: {
351
- $ref: "#/components/schemas/DiObject"
352
- },
353
- di_vc: {
354
- $ref: "#/components/schemas/DiObject"
355
- },
356
- di_vp: {
357
- $ref: "#/components/schemas/DiObject"
358
- },
359
- "vc+sd-jwt": {
360
- $ref: "#/components/schemas/SdJwtObject"
361
- }
362
- }
363
- },
364
- JwtObject: {
365
- type: "object",
366
- properties: {
367
- alg: {
368
- type: "array",
369
- items: {
370
- type: "string"
371
- }
372
- }
373
- },
374
- required: ["alg"]
375
- },
376
- LdpObject: {
377
- type: "object",
378
- properties: {
379
- proof_type: {
380
- type: "array",
381
- items: {
382
- type: "string"
383
- }
384
- }
385
- },
386
- required: ["proof_type"]
387
- },
388
- DiObject: {
389
- type: "object",
390
- properties: {
391
- proof_type: {
392
- type: "array",
393
- items: {
394
- type: "string"
395
- }
396
- },
397
- cryptosuite: {
398
- type: "array",
399
- items: {
400
- type: "string"
401
- }
402
- }
403
- },
404
- required: ["proof_type", "cryptosuite"]
405
- },
406
- SdJwtObject: {
407
- type: "object",
408
- properties: {
409
- "sd-jwt_alg_values": {
410
- type: "array",
411
- items: {
412
- type: "string"
413
- }
414
- },
415
- "kb-jwt_alg_values": {
416
- type: "array",
417
- items: {
418
- type: "string"
419
- }
420
- }
421
- }
422
- },
423
- SubmissionRequirement: {
424
- type: "object",
425
- properties: {
426
- name: {
427
- type: "string"
428
- },
429
- purpose: {
430
- type: "string"
431
- },
432
- rule: {
433
- $ref: "#/components/schemas/Rules"
434
- },
435
- count: {
436
- type: "number"
437
- },
438
- min: {
439
- type: "number"
440
- },
441
- max: {
442
- type: "number"
443
- },
444
- from: {
445
- type: "string"
446
- },
447
- from_nested: {
448
- type: "array",
449
- items: {
450
- $ref: "#/components/schemas/SubmissionRequirement"
451
- }
452
- }
453
- },
454
- required: ["rule"]
455
- },
456
- Rules: {
457
- type: "string",
458
- enum: ["all", "pick"]
459
- },
460
- InputDescriptorV2: {
461
- type: "object",
462
- properties: {
463
- id: {
464
- type: "string"
465
- },
466
- name: {
467
- type: "string"
468
- },
469
- purpose: {
470
- type: "string"
471
- },
472
- format: {
473
- $ref: "#/components/schemas/Format"
474
- },
475
- group: {
476
- type: "array",
477
- items: {
478
- type: "string"
479
- }
480
- },
481
- issuance: {
482
- type: "array",
483
- items: {
484
- $ref: "#/components/schemas/Issuance"
485
- }
486
- },
487
- constraints: {
488
- $ref: "#/components/schemas/ConstraintsV2"
489
- }
490
- },
491
- required: ["id", "constraints"]
492
- },
493
- Issuance: {
494
- type: "object",
495
- properties: {
496
- manifest: {
497
- type: "string"
498
- }
499
- },
500
- additionalProperties: {}
501
- },
502
- ConstraintsV2: {
503
- type: "object",
504
- properties: {
505
- limit_disclosure: {
506
- $ref: "#/components/schemas/Optionality"
507
- },
508
- statuses: {
509
- $ref: "#/components/schemas/Statuses"
510
- },
511
- fields: {
512
- type: "array",
513
- items: {
514
- $ref: "#/components/schemas/FieldV2"
515
- }
516
- },
517
- subject_is_issuer: {
518
- $ref: "#/components/schemas/Optionality"
519
- },
520
- is_holder: {
521
- type: "array",
522
- items: {
523
- $ref: "#/components/schemas/HolderSubject"
524
- }
525
- },
526
- same_subject: {
527
- type: "array",
528
- items: {
529
- $ref: "#/components/schemas/HolderSubject"
530
- }
531
- }
532
- }
533
- },
534
- Optionality: {
535
- type: "string",
536
- enum: ["required", "preferred"]
537
- },
538
- Statuses: {
539
- type: "object",
540
- properties: {
541
- active: {
542
- $ref: "#/components/schemas/PdStatus"
543
- },
544
- suspended: {
545
- $ref: "#/components/schemas/PdStatus"
546
- },
547
- revoked: {
548
- $ref: "#/components/schemas/PdStatus"
549
- }
550
- }
551
- },
552
- PdStatus: {
553
- type: "object",
554
- properties: {
555
- directive: {
556
- $ref: "#/components/schemas/Directives"
557
- }
558
- }
559
- },
560
- Directives: {
561
- type: "string",
562
- enum: ["required", "allowed", "disallowed"]
563
- },
564
- FieldV2: {
565
- type: "object",
566
- properties: {
567
- id: {
568
- type: "string"
569
- },
570
- path: {
571
- type: "array",
572
- items: {
573
- type: "string"
574
- }
575
- },
576
- purpose: {
577
- type: "string"
578
- },
579
- filter: {
580
- $ref: "#/components/schemas/FilterV2"
581
- },
582
- predicate: {
583
- $ref: "#/components/schemas/Optionality"
584
- },
585
- name: {
586
- type: "string"
587
- },
588
- optional: {
589
- type: "boolean"
590
- }
591
- },
592
- required: ["path"]
593
- },
594
- FilterV2: {
595
- type: "object",
596
- properties: {
597
- const: {
598
- $ref: "#/components/schemas/OneOfNumberStringBoolean"
599
- },
600
- enum: {
601
- type: "array",
602
- items: {
603
- $ref: "#/components/schemas/OneOfNumberStringBoolean"
604
- }
605
- },
606
- exclusiveMinimum: {
607
- $ref: "#/components/schemas/OneOfNumberString"
608
- },
609
- exclusiveMaximum: {
610
- $ref: "#/components/schemas/OneOfNumberString"
611
- },
612
- format: {
613
- type: "string"
614
- },
615
- formatMaximum: {
616
- type: "string"
617
- },
618
- formatMinimum: {
619
- type: "string"
620
- },
621
- formatExclusiveMaximum: {
622
- type: "string"
623
- },
624
- formatExclusiveMinimum: {
625
- type: "string"
626
- },
627
- minLength: {
628
- type: "number"
629
- },
630
- maxLength: {
631
- type: "number"
632
- },
633
- minimum: {
634
- $ref: "#/components/schemas/OneOfNumberString"
635
- },
636
- maximum: {
637
- $ref: "#/components/schemas/OneOfNumberString"
638
- },
639
- not: {
640
- type: "object"
641
- },
642
- pattern: {
643
- type: "string"
644
- },
645
- type: {
646
- type: "string"
647
- },
648
- contains: {
649
- $ref: "#/components/schemas/FilterV2Base"
650
- },
651
- items: {
652
- $ref: "#/components/schemas/FilterV2BaseItems"
653
- }
654
- },
655
- required: ["type"]
656
- },
657
- OneOfNumberStringBoolean: {
658
- type: ["boolean", "number", "string"]
659
- },
660
- OneOfNumberString: {
661
- type: ["number", "string"]
662
- },
663
- FilterV2Base: {
664
- type: "object",
665
- properties: {
666
- const: {
667
- $ref: "#/components/schemas/OneOfNumberStringBoolean"
668
- },
669
- enum: {
670
- type: "array",
671
- items: {
672
- $ref: "#/components/schemas/OneOfNumberStringBoolean"
673
- }
674
- },
675
- exclusiveMinimum: {
676
- $ref: "#/components/schemas/OneOfNumberString"
677
- },
678
- exclusiveMaximum: {
679
- $ref: "#/components/schemas/OneOfNumberString"
680
- },
681
- format: {
682
- type: "string"
683
- },
684
- formatMaximum: {
685
- type: "string"
686
- },
687
- formatMinimum: {
688
- type: "string"
689
- },
690
- formatExclusiveMaximum: {
691
- type: "string"
692
- },
693
- formatExclusiveMinimum: {
694
- type: "string"
695
- },
696
- minLength: {
697
- type: "number"
698
- },
699
- maxLength: {
700
- type: "number"
701
- },
702
- minimum: {
703
- $ref: "#/components/schemas/OneOfNumberString"
704
- },
705
- maximum: {
706
- $ref: "#/components/schemas/OneOfNumberString"
707
- },
708
- not: {
709
- type: "object"
710
- },
711
- pattern: {
712
- type: "string"
713
- },
714
- type: {
715
- type: "string"
716
- },
717
- contains: {
718
- $ref: "#/components/schemas/FilterV2Base"
719
- },
720
- items: {
721
- $ref: "#/components/schemas/FilterV2BaseItems"
722
- }
723
- }
724
- },
725
- FilterV2BaseItems: {
726
- type: "object",
727
- properties: {
728
- const: {
729
- $ref: "#/components/schemas/OneOfNumberStringBoolean"
730
- },
731
- enum: {
732
- type: "array",
733
- items: {
734
- $ref: "#/components/schemas/OneOfNumberStringBoolean"
735
- }
736
- },
737
- exclusiveMinimum: {
738
- $ref: "#/components/schemas/OneOfNumberString"
739
- },
740
- exclusiveMaximum: {
741
- $ref: "#/components/schemas/OneOfNumberString"
742
- },
743
- format: {
744
- type: "string"
745
- },
746
- formatMaximum: {
747
- type: "string"
748
- },
749
- formatMinimum: {
750
- type: "string"
751
- },
752
- formatExclusiveMaximum: {
753
- type: "string"
754
- },
755
- formatExclusiveMinimum: {
756
- type: "string"
757
- },
758
- minLength: {
759
- type: "number"
760
- },
761
- maxLength: {
762
- type: "number"
763
- },
764
- minimum: {
765
- $ref: "#/components/schemas/OneOfNumberString"
766
- },
767
- maximum: {
768
- $ref: "#/components/schemas/OneOfNumberString"
769
- },
770
- not: {
771
- type: "object"
772
- },
773
- pattern: {
774
- type: "string"
775
- },
776
- type: {
777
- type: "string"
778
- },
779
- contains: {
780
- $ref: "#/components/schemas/FilterV2Base"
781
- },
782
- items: {
783
- $ref: "#/components/schemas/FilterV2BaseItems"
784
- }
785
- },
786
- required: ["type"]
787
- },
788
- HolderSubject: {
789
- type: "object",
790
- properties: {
791
- field_id: {
792
- type: "array",
793
- items: {
794
- type: "string"
795
- }
796
- },
797
- directive: {
798
- $ref: "#/components/schemas/Optionality"
799
- }
800
- },
801
- required: ["field_id", "directive"]
802
- },
803
- GetOIDProviderMetadataResponse: {
804
- $ref: "#/components/schemas/EbsiOpenIDMetadata"
805
- },
806
- EbsiOpenIDMetadata: {
807
- anyOf: [
808
- {
809
- type: "object",
810
- properties: {
811
- presentation_definition_endpoint: {
812
- type: "string"
813
- },
814
- authorization_endpoint: {
815
- anyOf: [
816
- {
817
- $ref: "#/components/schemas/Schema"
818
- },
819
- {
820
- type: "string"
821
- }
822
- ]
823
- },
824
- issuer: {
825
- anyOf: [
826
- {
827
- $ref: "#/components/schemas/ResponseIss"
828
- },
829
- {
830
- type: "string"
831
- }
832
- ]
833
- },
834
- response_types_supported: {
835
- anyOf: [
836
- {
837
- type: "array",
838
- items: {
839
- $ref: "#/components/schemas/ResponseType"
840
- }
841
- },
842
- {
843
- $ref: "#/components/schemas/ResponseType"
844
- }
845
- ]
846
- },
847
- scopes_supported: {
848
- anyOf: [
849
- {
850
- type: "array",
851
- items: {
852
- $ref: "#/components/schemas/Scope"
853
- }
854
- },
855
- {
856
- $ref: "#/components/schemas/Scope"
857
- }
858
- ]
859
- },
860
- subject_types_supported: {
861
- anyOf: [
862
- {
863
- type: "array",
864
- items: {
865
- $ref: "#/components/schemas/SubjectType"
866
- }
867
- },
868
- {
869
- $ref: "#/components/schemas/SubjectType"
870
- }
871
- ]
872
- },
873
- id_token_signing_alg_values_supported: {
874
- anyOf: [
875
- {
876
- type: "array",
877
- items: {
878
- $ref: "#/components/schemas/SigningAlgo"
879
- }
880
- },
881
- {
882
- $ref: "#/components/schemas/SigningAlgo"
883
- }
884
- ]
885
- },
886
- request_object_signing_alg_values_supported: {
887
- anyOf: [
888
- {
889
- type: "array",
890
- items: {
891
- $ref: "#/components/schemas/SigningAlgo"
892
- }
893
- },
894
- {
895
- $ref: "#/components/schemas/SigningAlgo"
896
- }
897
- ]
898
- },
899
- subject_syntax_types_supported: {
900
- type: "array",
901
- items: {
902
- type: "string"
903
- }
904
- },
905
- token_endpoint: {
906
- type: "string"
907
- },
908
- userinfo_endpoint: {
909
- type: "string"
910
- },
911
- jwks_uri: {
912
- type: "string"
913
- },
914
- registration_endpoint: {
915
- type: "string"
916
- },
917
- response_modes_supported: {
918
- anyOf: [
919
- {
920
- type: "array",
921
- items: {
922
- $ref: "#/components/schemas/ResponseMode"
923
- }
924
- },
925
- {
926
- $ref: "#/components/schemas/ResponseMode"
927
- }
928
- ]
929
- },
930
- grant_types_supported: {
931
- anyOf: [
932
- {
933
- type: "array",
934
- items: {
935
- $ref: "#/components/schemas/GrantType"
936
- }
937
- },
938
- {
939
- $ref: "#/components/schemas/GrantType"
940
- }
941
- ]
942
- },
943
- acr_values_supported: {
944
- anyOf: [
945
- {
946
- type: "array",
947
- items: {
948
- $ref: "#/components/schemas/AuthenticationContextReferences"
949
- }
950
- },
951
- {
952
- $ref: "#/components/schemas/AuthenticationContextReferences"
953
- }
954
- ]
955
- },
956
- id_token_encryption_alg_values_supported: {
957
- anyOf: [
958
- {
959
- type: "array",
960
- items: {
961
- $ref: "#/components/schemas/SigningAlgo"
962
- }
963
- },
964
- {
965
- $ref: "#/components/schemas/SigningAlgo"
966
- }
967
- ]
968
- },
969
- id_token_encryption_enc_values_supported: {
970
- anyOf: [
971
- {
972
- type: "array",
973
- items: {
974
- type: "string"
975
- }
976
- },
977
- {
978
- type: "string"
979
- }
980
- ],
981
- description: "OPTIONAL. JSON array containing a list of the JWE encryption algorithms (enc values) supported by the OP for the ID Token to encode the Claims in a JWT [JWT]."
982
- },
983
- userinfo_signing_alg_values_supported: {
984
- anyOf: [
985
- {
986
- type: "array",
987
- items: {
988
- $ref: "#/components/schemas/SigningAlgo"
989
- }
990
- },
991
- {
992
- $ref: "#/components/schemas/SigningAlgo"
993
- }
994
- ]
995
- },
996
- userinfo_encryption_alg_values_supported: {
997
- anyOf: [
998
- {
999
- type: "array",
1000
- items: {
1001
- $ref: "#/components/schemas/SigningAlgo"
1002
- }
1003
- },
1004
- {
1005
- $ref: "#/components/schemas/SigningAlgo"
1006
- }
1007
- ]
1008
- },
1009
- userinfo_encryption_enc_values_supported: {
1010
- anyOf: [
1011
- {
1012
- type: "array",
1013
- items: {
1014
- type: "string"
1015
- }
1016
- },
1017
- {
1018
- type: "string"
1019
- }
1020
- ],
1021
- description: "OPTIONAL. JSON array containing a list of the JWE encryption algorithms (enc values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT]."
1022
- },
1023
- request_object_encryption_alg_values_supported: {
1024
- anyOf: [
1025
- {
1026
- type: "array",
1027
- items: {
1028
- $ref: "#/components/schemas/SigningAlgo"
1029
- }
1030
- },
1031
- {
1032
- $ref: "#/components/schemas/SigningAlgo"
1033
- }
1034
- ]
1035
- },
1036
- request_object_encryption_enc_values_supported: {
1037
- anyOf: [
1038
- {
1039
- type: "array",
1040
- items: {
1041
- type: "string"
1042
- }
1043
- },
1044
- {
1045
- type: "string"
1046
- }
1047
- ],
1048
- description: "OPTIONAL. JSON array containing a list of the JWE encryption algorithms (enc values) supported by the OP for Request Objects. These algorithms are used both when the Request Object is passed by value and when it is passed by reference."
1049
- },
1050
- token_endpoint_auth_methods_supported: {
1051
- anyOf: [
1052
- {
1053
- type: "array",
1054
- items: {
1055
- $ref: "#/components/schemas/TokenEndpointAuthMethod"
1056
- }
1057
- },
1058
- {
1059
- $ref: "#/components/schemas/TokenEndpointAuthMethod"
1060
- }
1061
- ]
1062
- },
1063
- token_endpoint_auth_signing_alg_values_supported: {
1064
- anyOf: [
1065
- {
1066
- type: "array",
1067
- items: {
1068
- $ref: "#/components/schemas/SigningAlgo"
1069
- }
1070
- },
1071
- {
1072
- $ref: "#/components/schemas/SigningAlgo"
1073
- }
1074
- ]
1075
- },
1076
- display_values_supported: {
1077
- anyOf: [
1078
- {
1079
- type: "array",
1080
- items: {}
1081
- },
1082
- {}
1083
- ],
1084
- description: "OPTIONAL. JSON array containing a list of the display parameter values that the OpenID Provider supports. These values are described in Section 3.1.2.1 of OpenID Connect Core 1.0 [OpenID.Core]."
1085
- },
1086
- claim_types_supported: {
1087
- anyOf: [
1088
- {
1089
- type: "array",
1090
- items: {
1091
- $ref: "#/components/schemas/ClaimType"
1092
- }
1093
- },
1094
- {
1095
- $ref: "#/components/schemas/ClaimType"
1096
- }
1097
- ],
1098
- description: "OPTIONAL. JSON array containing a list of the Claim Types that the OpenID Provider supports. These Claim Types are described in Section 5.6 of OpenID Connect Core 1.0 [OpenID.Core]. Values defined by this specification are normal, aggregated, and distributed. If omitted, the implementation supports only normal Claims."
1099
- },
1100
- claims_supported: {
1101
- anyOf: [
1102
- {
1103
- type: "array",
1104
- items: {
1105
- type: "string"
1106
- }
1107
- },
1108
- {
1109
- type: "string"
1110
- }
1111
- ],
1112
- description: "RECOMMENDED. JSON array containing a list of the Claim Names of the Claims that the OpenID Provider MAY be able to supply values for. Note that for privacy or other reasons, this might not be an exhaustive list."
1113
- },
1114
- service_documentation: {
1115
- type: "string"
1116
- },
1117
- claims_locales_supported: {
1118
- anyOf: [
1119
- {
1120
- type: "array",
1121
- items: {
1122
- type: "string"
1123
- }
1124
- },
1125
- {
1126
- type: "string"
1127
- }
1128
- ]
1129
- },
1130
- ui_locales_supported: {
1131
- anyOf: [
1132
- {
1133
- type: "array",
1134
- items: {
1135
- type: "string"
1136
- }
1137
- },
1138
- {
1139
- type: "string"
1140
- }
1141
- ]
1142
- },
1143
- claims_parameter_supported: {
1144
- type: "boolean"
1145
- },
1146
- request_parameter_supported: {
1147
- type: "boolean"
1148
- },
1149
- request_uri_parameter_supported: {
1150
- type: "boolean"
1151
- },
1152
- require_request_uri_registration: {
1153
- type: "boolean"
1154
- },
1155
- op_policy_uri: {
1156
- type: "string"
1157
- },
1158
- op_tos_uri: {
1159
- type: "string"
1160
- },
1161
- client_id: {
1162
- type: "string"
1163
- },
1164
- redirect_uris: {
1165
- type: "array",
1166
- items: {
1167
- type: "string"
1168
- }
1169
- },
1170
- client_name: {
1171
- type: "string"
1172
- },
1173
- token_endpoint_auth_method: {
1174
- type: "string"
1175
- },
1176
- application_type: {
1177
- type: "string"
1178
- },
1179
- response_types: {
1180
- type: "string"
1181
- },
1182
- grant_types: {
1183
- type: "string"
1184
- },
1185
- vp_formats: {
1186
- $ref: "#/components/schemas/Format"
1187
- }
1188
- }
1189
- },
1190
- {
1191
- type: "object",
1192
- properties: {
1193
- presentation_definition_endpoint: {
1194
- type: "string"
1195
- },
1196
- authorization_endpoint: {
1197
- anyOf: [
1198
- {
1199
- $ref: "#/components/schemas/Schema"
1200
- },
1201
- {
1202
- type: "string"
1203
- }
1204
- ]
1205
- },
1206
- issuer: {
1207
- anyOf: [
1208
- {
1209
- $ref: "#/components/schemas/ResponseIss"
1210
- },
1211
- {
1212
- type: "string"
1213
- }
1214
- ]
1215
- },
1216
- response_types_supported: {
1217
- anyOf: [
1218
- {
1219
- type: "array",
1220
- items: {
1221
- $ref: "#/components/schemas/ResponseType"
1222
- }
1223
- },
1224
- {
1225
- $ref: "#/components/schemas/ResponseType"
1226
- }
1227
- ]
1228
- },
1229
- scopes_supported: {
1230
- anyOf: [
1231
- {
1232
- type: "array",
1233
- items: {
1234
- $ref: "#/components/schemas/Scope"
1235
- }
1236
- },
1237
- {
1238
- $ref: "#/components/schemas/Scope"
1239
- }
1240
- ]
1241
- },
1242
- subject_types_supported: {
1243
- anyOf: [
1244
- {
1245
- type: "array",
1246
- items: {
1247
- $ref: "#/components/schemas/SubjectType"
1248
- }
1249
- },
1250
- {
1251
- $ref: "#/components/schemas/SubjectType"
1252
- }
1253
- ]
1254
- },
1255
- id_token_signing_alg_values_supported: {
1256
- anyOf: [
1257
- {
1258
- type: "array",
1259
- items: {
1260
- $ref: "#/components/schemas/SigningAlgo"
1261
- }
1262
- },
1263
- {
1264
- $ref: "#/components/schemas/SigningAlgo"
1265
- }
1266
- ]
1267
- },
1268
- request_object_signing_alg_values_supported: {
1269
- anyOf: [
1270
- {
1271
- type: "array",
1272
- items: {
1273
- $ref: "#/components/schemas/SigningAlgo"
1274
- }
1275
- },
1276
- {
1277
- $ref: "#/components/schemas/SigningAlgo"
1278
- }
1279
- ]
1280
- },
1281
- subject_syntax_types_supported: {
1282
- type: "array",
1283
- items: {
1284
- type: "string"
1285
- }
1286
- },
1287
- token_endpoint: {
1288
- type: "string"
1289
- },
1290
- userinfo_endpoint: {
1291
- type: "string"
1292
- },
1293
- jwks_uri: {
1294
- type: "string"
1295
- },
1296
- registration_endpoint: {
1297
- type: "string"
1298
- },
1299
- response_modes_supported: {
1300
- anyOf: [
1301
- {
1302
- type: "array",
1303
- items: {
1304
- $ref: "#/components/schemas/ResponseMode"
1305
- }
1306
- },
1307
- {
1308
- $ref: "#/components/schemas/ResponseMode"
1309
- }
1310
- ]
1311
- },
1312
- grant_types_supported: {
1313
- anyOf: [
1314
- {
1315
- type: "array",
1316
- items: {
1317
- $ref: "#/components/schemas/GrantType"
1318
- }
1319
- },
1320
- {
1321
- $ref: "#/components/schemas/GrantType"
1322
- }
1323
- ]
1324
- },
1325
- acr_values_supported: {
1326
- anyOf: [
1327
- {
1328
- type: "array",
1329
- items: {
1330
- $ref: "#/components/schemas/AuthenticationContextReferences"
1331
- }
1332
- },
1333
- {
1334
- $ref: "#/components/schemas/AuthenticationContextReferences"
1335
- }
1336
- ]
1337
- },
1338
- id_token_encryption_alg_values_supported: {
1339
- anyOf: [
1340
- {
1341
- type: "array",
1342
- items: {
1343
- $ref: "#/components/schemas/SigningAlgo"
1344
- }
1345
- },
1346
- {
1347
- $ref: "#/components/schemas/SigningAlgo"
1348
- }
1349
- ]
1350
- },
1351
- id_token_encryption_enc_values_supported: {
1352
- anyOf: [
1353
- {
1354
- type: "array",
1355
- items: {
1356
- type: "string"
1357
- }
1358
- },
1359
- {
1360
- type: "string"
1361
- }
1362
- ],
1363
- description: "OPTIONAL. JSON array containing a list of the JWE encryption algorithms (enc values) supported by the OP for the ID Token to encode the Claims in a JWT [JWT]."
1364
- },
1365
- userinfo_signing_alg_values_supported: {
1366
- anyOf: [
1367
- {
1368
- type: "array",
1369
- items: {
1370
- $ref: "#/components/schemas/SigningAlgo"
1371
- }
1372
- },
1373
- {
1374
- $ref: "#/components/schemas/SigningAlgo"
1375
- }
1376
- ]
1377
- },
1378
- userinfo_encryption_alg_values_supported: {
1379
- anyOf: [
1380
- {
1381
- type: "array",
1382
- items: {
1383
- $ref: "#/components/schemas/SigningAlgo"
1384
- }
1385
- },
1386
- {
1387
- $ref: "#/components/schemas/SigningAlgo"
1388
- }
1389
- ]
1390
- },
1391
- userinfo_encryption_enc_values_supported: {
1392
- anyOf: [
1393
- {
1394
- type: "array",
1395
- items: {
1396
- type: "string"
1397
- }
1398
- },
1399
- {
1400
- type: "string"
1401
- }
1402
- ],
1403
- description: "OPTIONAL. JSON array containing a list of the JWE encryption algorithms (enc values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT]."
1404
- },
1405
- request_object_encryption_alg_values_supported: {
1406
- anyOf: [
1407
- {
1408
- type: "array",
1409
- items: {
1410
- $ref: "#/components/schemas/SigningAlgo"
1411
- }
1412
- },
1413
- {
1414
- $ref: "#/components/schemas/SigningAlgo"
1415
- }
1416
- ]
1417
- },
1418
- request_object_encryption_enc_values_supported: {
1419
- anyOf: [
1420
- {
1421
- type: "array",
1422
- items: {
1423
- type: "string"
1424
- }
1425
- },
1426
- {
1427
- type: "string"
1428
- }
1429
- ],
1430
- description: "OPTIONAL. JSON array containing a list of the JWE encryption algorithms (enc values) supported by the OP for Request Objects. These algorithms are used both when the Request Object is passed by value and when it is passed by reference."
1431
- },
1432
- token_endpoint_auth_methods_supported: {
1433
- anyOf: [
1434
- {
1435
- type: "array",
1436
- items: {
1437
- $ref: "#/components/schemas/TokenEndpointAuthMethod"
1438
- }
1439
- },
1440
- {
1441
- $ref: "#/components/schemas/TokenEndpointAuthMethod"
1442
- }
1443
- ]
1444
- },
1445
- token_endpoint_auth_signing_alg_values_supported: {
1446
- anyOf: [
1447
- {
1448
- type: "array",
1449
- items: {
1450
- $ref: "#/components/schemas/SigningAlgo"
1451
- }
1452
- },
1453
- {
1454
- $ref: "#/components/schemas/SigningAlgo"
1455
- }
1456
- ]
1457
- },
1458
- display_values_supported: {
1459
- anyOf: [
1460
- {
1461
- type: "array",
1462
- items: {}
1463
- },
1464
- {}
1465
- ],
1466
- description: "OPTIONAL. JSON array containing a list of the display parameter values that the OpenID Provider supports. These values are described in Section 3.1.2.1 of OpenID Connect Core 1.0 [OpenID.Core]."
1467
- },
1468
- claim_types_supported: {
1469
- anyOf: [
1470
- {
1471
- type: "array",
1472
- items: {
1473
- $ref: "#/components/schemas/ClaimType"
1474
- }
1475
- },
1476
- {
1477
- $ref: "#/components/schemas/ClaimType"
1478
- }
1479
- ],
1480
- description: "OPTIONAL. JSON array containing a list of the Claim Types that the OpenID Provider supports. These Claim Types are described in Section 5.6 of OpenID Connect Core 1.0 [OpenID.Core]. Values defined by this specification are normal, aggregated, and distributed. If omitted, the implementation supports only normal Claims."
1481
- },
1482
- claims_supported: {
1483
- anyOf: [
1484
- {
1485
- type: "array",
1486
- items: {
1487
- type: "string"
1488
- }
1489
- },
1490
- {
1491
- type: "string"
1492
- }
1493
- ],
1494
- description: "RECOMMENDED. JSON array containing a list of the Claim Names of the Claims that the OpenID Provider MAY be able to supply values for. Note that for privacy or other reasons, this might not be an exhaustive list."
1495
- },
1496
- service_documentation: {
1497
- type: "string"
1498
- },
1499
- claims_locales_supported: {
1500
- anyOf: [
1501
- {
1502
- type: "array",
1503
- items: {
1504
- type: "string"
1505
- }
1506
- },
1507
- {
1508
- type: "string"
1509
- }
1510
- ]
1511
- },
1512
- ui_locales_supported: {
1513
- anyOf: [
1514
- {
1515
- type: "array",
1516
- items: {
1517
- type: "string"
1518
- }
1519
- },
1520
- {
1521
- type: "string"
1522
- }
1523
- ]
1524
- },
1525
- claims_parameter_supported: {
1526
- type: "boolean"
1527
- },
1528
- request_parameter_supported: {
1529
- type: "boolean"
1530
- },
1531
- request_uri_parameter_supported: {
1532
- type: "boolean"
1533
- },
1534
- require_request_uri_registration: {
1535
- type: "boolean"
1536
- },
1537
- op_policy_uri: {
1538
- type: "string"
1539
- },
1540
- op_tos_uri: {
1541
- type: "string"
1542
- },
1543
- client_id: {
1544
- type: "string"
1545
- },
1546
- redirect_uris: {
1547
- type: "array",
1548
- items: {
1549
- type: "string"
1550
- }
1551
- },
1552
- client_name: {
1553
- type: "string"
1554
- },
1555
- token_endpoint_auth_method: {
1556
- type: "string"
1557
- },
1558
- application_type: {
1559
- type: "string"
1560
- },
1561
- response_types: {
1562
- type: "string"
1563
- },
1564
- grant_types: {
1565
- type: "string"
1566
- },
1567
- vp_formats: {
1568
- $ref: "#/components/schemas/Format"
1569
- },
1570
- logo_uri: {
1571
- type: "string"
1572
- },
1573
- client_purpose: {
1574
- type: "string"
1575
- }
1576
- }
1577
- },
1578
- {
1579
- type: "object",
1580
- properties: {
1581
- presentation_definition_endpoint: {
1582
- type: "string"
1583
- },
1584
- authorization_endpoint: {
1585
- anyOf: [
1586
- {
1587
- $ref: "#/components/schemas/Schema"
1588
- },
1589
- {
1590
- type: "string"
1591
- }
1592
- ]
1593
- },
1594
- issuer: {
1595
- anyOf: [
1596
- {
1597
- $ref: "#/components/schemas/ResponseIss"
1598
- },
1599
- {
1600
- type: "string"
1601
- }
1602
- ]
1603
- },
1604
- response_types_supported: {
1605
- anyOf: [
1606
- {
1607
- type: "array",
1608
- items: {
1609
- $ref: "#/components/schemas/ResponseType"
1610
- }
1611
- },
1612
- {
1613
- $ref: "#/components/schemas/ResponseType"
1614
- }
1615
- ]
1616
- },
1617
- scopes_supported: {
1618
- anyOf: [
1619
- {
1620
- type: "array",
1621
- items: {
1622
- $ref: "#/components/schemas/Scope"
1623
- }
1624
- },
1625
- {
1626
- $ref: "#/components/schemas/Scope"
1627
- }
1628
- ]
1629
- },
1630
- subject_types_supported: {
1631
- anyOf: [
1632
- {
1633
- type: "array",
1634
- items: {
1635
- $ref: "#/components/schemas/SubjectType"
1636
- }
1637
- },
1638
- {
1639
- $ref: "#/components/schemas/SubjectType"
1640
- }
1641
- ]
1642
- },
1643
- id_token_signing_alg_values_supported: {
1644
- anyOf: [
1645
- {
1646
- type: "array",
1647
- items: {
1648
- $ref: "#/components/schemas/SigningAlgo"
1649
- }
1650
- },
1651
- {
1652
- $ref: "#/components/schemas/SigningAlgo"
1653
- }
1654
- ]
1655
- },
1656
- request_object_signing_alg_values_supported: {
1657
- anyOf: [
1658
- {
1659
- type: "array",
1660
- items: {
1661
- $ref: "#/components/schemas/SigningAlgo"
1662
- }
1663
- },
1664
- {
1665
- $ref: "#/components/schemas/SigningAlgo"
1666
- }
1667
- ]
1668
- },
1669
- subject_syntax_types_supported: {
1670
- type: "array",
1671
- items: {
1672
- type: "string"
1673
- }
1674
- },
1675
- token_endpoint: {
1676
- type: "string"
1677
- },
1678
- userinfo_endpoint: {
1679
- type: "string"
1680
- },
1681
- jwks_uri: {
1682
- type: "string"
1683
- },
1684
- registration_endpoint: {
1685
- type: "string"
1686
- },
1687
- response_modes_supported: {
1688
- anyOf: [
1689
- {
1690
- type: "array",
1691
- items: {
1692
- $ref: "#/components/schemas/ResponseMode"
1693
- }
1694
- },
1695
- {
1696
- $ref: "#/components/schemas/ResponseMode"
1697
- }
1698
- ]
1699
- },
1700
- grant_types_supported: {
1701
- anyOf: [
1702
- {
1703
- type: "array",
1704
- items: {
1705
- $ref: "#/components/schemas/GrantType"
1706
- }
1707
- },
1708
- {
1709
- $ref: "#/components/schemas/GrantType"
1710
- }
1711
- ]
1712
- },
1713
- acr_values_supported: {
1714
- anyOf: [
1715
- {
1716
- type: "array",
1717
- items: {
1718
- $ref: "#/components/schemas/AuthenticationContextReferences"
1719
- }
1720
- },
1721
- {
1722
- $ref: "#/components/schemas/AuthenticationContextReferences"
1723
- }
1724
- ]
1725
- },
1726
- id_token_encryption_alg_values_supported: {
1727
- anyOf: [
1728
- {
1729
- type: "array",
1730
- items: {
1731
- $ref: "#/components/schemas/SigningAlgo"
1732
- }
1733
- },
1734
- {
1735
- $ref: "#/components/schemas/SigningAlgo"
1736
- }
1737
- ]
1738
- },
1739
- id_token_encryption_enc_values_supported: {
1740
- anyOf: [
1741
- {
1742
- type: "array",
1743
- items: {
1744
- type: "string"
1745
- }
1746
- },
1747
- {
1748
- type: "string"
1749
- }
1750
- ],
1751
- description: "OPTIONAL. JSON array containing a list of the JWE encryption algorithms (enc values) supported by the OP for the ID Token to encode the Claims in a JWT [JWT]."
1752
- },
1753
- userinfo_signing_alg_values_supported: {
1754
- anyOf: [
1755
- {
1756
- type: "array",
1757
- items: {
1758
- $ref: "#/components/schemas/SigningAlgo"
1759
- }
1760
- },
1761
- {
1762
- $ref: "#/components/schemas/SigningAlgo"
1763
- }
1764
- ]
1765
- },
1766
- userinfo_encryption_alg_values_supported: {
1767
- anyOf: [
1768
- {
1769
- type: "array",
1770
- items: {
1771
- $ref: "#/components/schemas/SigningAlgo"
1772
- }
1773
- },
1774
- {
1775
- $ref: "#/components/schemas/SigningAlgo"
1776
- }
1777
- ]
1778
- },
1779
- userinfo_encryption_enc_values_supported: {
1780
- anyOf: [
1781
- {
1782
- type: "array",
1783
- items: {
1784
- type: "string"
1785
- }
1786
- },
1787
- {
1788
- type: "string"
1789
- }
1790
- ],
1791
- description: "OPTIONAL. JSON array containing a list of the JWE encryption algorithms (enc values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT]."
1792
- },
1793
- request_object_encryption_alg_values_supported: {
1794
- anyOf: [
1795
- {
1796
- type: "array",
1797
- items: {
1798
- $ref: "#/components/schemas/SigningAlgo"
1799
- }
1800
- },
1801
- {
1802
- $ref: "#/components/schemas/SigningAlgo"
1803
- }
1804
- ]
1805
- },
1806
- request_object_encryption_enc_values_supported: {
1807
- anyOf: [
1808
- {
1809
- type: "array",
1810
- items: {
1811
- type: "string"
1812
- }
1813
- },
1814
- {
1815
- type: "string"
1816
- }
1817
- ],
1818
- description: "OPTIONAL. JSON array containing a list of the JWE encryption algorithms (enc values) supported by the OP for Request Objects. These algorithms are used both when the Request Object is passed by value and when it is passed by reference."
1819
- },
1820
- token_endpoint_auth_methods_supported: {
1821
- anyOf: [
1822
- {
1823
- type: "array",
1824
- items: {
1825
- $ref: "#/components/schemas/TokenEndpointAuthMethod"
1826
- }
1827
- },
1828
- {
1829
- $ref: "#/components/schemas/TokenEndpointAuthMethod"
1830
- }
1831
- ]
1832
- },
1833
- token_endpoint_auth_signing_alg_values_supported: {
1834
- anyOf: [
1835
- {
1836
- type: "array",
1837
- items: {
1838
- $ref: "#/components/schemas/SigningAlgo"
1839
- }
1840
- },
1841
- {
1842
- $ref: "#/components/schemas/SigningAlgo"
1843
- }
1844
- ]
1845
- },
1846
- display_values_supported: {
1847
- anyOf: [
1848
- {
1849
- type: "array",
1850
- items: {}
1851
- },
1852
- {}
1853
- ],
1854
- description: "OPTIONAL. JSON array containing a list of the display parameter values that the OpenID Provider supports. These values are described in Section 3.1.2.1 of OpenID Connect Core 1.0 [OpenID.Core]."
1855
- },
1856
- claim_types_supported: {
1857
- anyOf: [
1858
- {
1859
- type: "array",
1860
- items: {
1861
- $ref: "#/components/schemas/ClaimType"
1862
- }
1863
- },
1864
- {
1865
- $ref: "#/components/schemas/ClaimType"
1866
- }
1867
- ],
1868
- description: "OPTIONAL. JSON array containing a list of the Claim Types that the OpenID Provider supports. These Claim Types are described in Section 5.6 of OpenID Connect Core 1.0 [OpenID.Core]. Values defined by this specification are normal, aggregated, and distributed. If omitted, the implementation supports only normal Claims."
1869
- },
1870
- claims_supported: {
1871
- anyOf: [
1872
- {
1873
- type: "array",
1874
- items: {
1875
- type: "string"
1876
- }
1877
- },
1878
- {
1879
- type: "string"
1880
- }
1881
- ],
1882
- description: "RECOMMENDED. JSON array containing a list of the Claim Names of the Claims that the OpenID Provider MAY be able to supply values for. Note that for privacy or other reasons, this might not be an exhaustive list."
1883
- },
1884
- service_documentation: {
1885
- type: "string"
1886
- },
1887
- claims_locales_supported: {
1888
- anyOf: [
1889
- {
1890
- type: "array",
1891
- items: {
1892
- type: "string"
1893
- }
1894
- },
1895
- {
1896
- type: "string"
1897
- }
1898
- ]
1899
- },
1900
- ui_locales_supported: {
1901
- anyOf: [
1902
- {
1903
- type: "array",
1904
- items: {
1905
- type: "string"
1906
- }
1907
- },
1908
- {
1909
- type: "string"
1910
- }
1911
- ]
1912
- },
1913
- claims_parameter_supported: {
1914
- type: "boolean"
1915
- },
1916
- request_parameter_supported: {
1917
- type: "boolean"
1918
- },
1919
- request_uri_parameter_supported: {
1920
- type: "boolean"
1921
- },
1922
- require_request_uri_registration: {
1923
- type: "boolean"
1924
- },
1925
- op_policy_uri: {
1926
- type: "string"
1927
- },
1928
- op_tos_uri: {
1929
- type: "string"
1930
- },
1931
- id_token_types_supported: {
1932
- anyOf: [
1933
- {
1934
- type: "array",
1935
- items: {
1936
- $ref: "#/components/schemas/IdTokenType"
1937
- }
1938
- },
1939
- {
1940
- $ref: "#/components/schemas/IdTokenType"
1941
- }
1942
- ]
1943
- },
1944
- vp_formats_supported: {
1945
- $ref: "#/components/schemas/Format"
1946
- }
1947
- }
1948
- }
1949
- ]
1950
- },
1951
- Schema: {
1952
- type: "string",
1953
- enum: ["openid:", "openid-vc:"]
1954
- },
1955
- ResponseIss: {
1956
- type: "string",
1957
- enum: ["https://self-issued.me", "https://self-issued.me/v2", "https://self-issued.me/v2/openid-vc"]
1958
- },
1959
- ResponseType: {
1960
- type: "string",
1961
- enum: ["id_token", "vp_token"]
1962
- },
1963
- Scope: {
1964
- type: "string",
1965
- enum: ["openid", "openid did_authn", "profile", "email", "address", "phone"]
1966
- },
1967
- SubjectType: {
1968
- type: "string",
1969
- enum: ["public", "pairwise"]
1970
- },
1971
- SigningAlgo: {
1972
- type: "string",
1973
- enum: ["EdDSA", "RS256", "PS256", "ES256", "ES256K"]
1974
- },
1975
- ResponseMode: {
1976
- type: "string",
1977
- enum: ["fragment", "form_post", "post", "direct_post", "query"]
1978
- },
1979
- GrantType: {
1980
- type: "string",
1981
- enum: ["authorization_code", "implicit"]
1982
- },
1983
- AuthenticationContextReferences: {
1984
- type: "string",
1985
- enum: ["phr", "phrh"]
1986
- },
1987
- TokenEndpointAuthMethod: {
1988
- type: "string",
1989
- enum: ["client_secret_post", "client_secret_basic", "client_secret_jwt", "private_key_jwt"]
1990
- },
1991
- ClaimType: {
1992
- type: "string",
1993
- enum: ["normal", "aggregated", "distributed"]
1994
- },
1995
- IdTokenType: {
1996
- type: "string",
1997
- enum: ["subject_signed", "attester_signed"]
1998
- }
1999
- },
2000
- methods: {
2001
- ebsiAccessTokenGet: {
2002
- description: "",
2003
- arguments: {
2004
- $ref: "#/components/schemas/EBSIAuthAccessTokenGetArgs"
2005
- },
2006
- returnType: {
2007
- $ref: "#/components/schemas/GetAccessTokenResponse"
2008
- }
2009
- },
2010
- ebsiAuthorizationServerJwks: {
2011
- description: "",
2012
- arguments: {
2013
- $ref: "#/components/schemas/ApiOpts"
2014
- },
2015
- returnType: {
2016
- $ref: "#/components/schemas/GetOIDProviderJwksResponse"
2017
- }
2018
- },
2019
- ebsiPresentationDefinitionGet: {
2020
- description: "",
2021
- arguments: {
2022
- $ref: "#/components/schemas/GetPresentationDefinitionArgs"
2023
- },
2024
- returnType: {
2025
- $ref: "#/components/schemas/GetPresentationDefinitionResponse"
2026
- }
2027
- },
2028
- ebsiWellknownMetadata: {
2029
- description: "",
2030
- arguments: {
2031
- $ref: "#/components/schemas/ApiOpts"
2032
- },
2033
- returnType: {
2034
- $ref: "#/components/schemas/GetOIDProviderMetadataResponse"
2035
- }
2036
- }
2037
- }
2038
- }
2039
- }
2040
- };
2041
- }
2042
- });
2043
-
2044
- // src/index.ts
2045
- import { Loggers } from "@sphereon/ssi-types";
2046
-
2047
- // src/agent/mDLMdoc.ts
2048
- import { com as com3 } from "@sphereon/kmp-mdoc-core";
2049
- import { calculateJwkThumbprint as calculateJwkThumbprint2 } from "@sphereon/ssi-sdk-ext.key-utils";
2050
- import { getCertificateInfo as getCertificateInfo2, pemOrDerToX509Certificate as pemOrDerToX509Certificate2 } from "@sphereon/ssi-sdk-ext.x509-utils";
2051
-
2052
- // src/functions/index.ts
2053
- import { com } from "@sphereon/kmp-mdoc-core";
2054
- import { calculateJwkThumbprint, globalCrypto, verifyRawSignature } from "@sphereon/ssi-sdk-ext.key-utils";
2055
- import { derToPEM, getCertificateInfo, getSubjectDN, pemOrDerToX509Certificate, validateX509CertificateChain } from "@sphereon/ssi-sdk-ext.x509-utils";
2056
- import * as crypto from "crypto";
2057
- import { CryptoEngine, setEngine } from "pkijs";
2058
- import { fromString } from "uint8arrays/from-string";
2059
- var CoseJoseKeyMappingService = com.sphereon.crypto.CoseJoseKeyMappingService;
2060
- var KeyInfo = com.sphereon.crypto.KeyInfo;
2061
- var DateTimeUtils = com.sphereon.kmp.DateTimeUtils;
2062
- var decodeFrom = com.sphereon.kmp.decodeFrom;
2063
- var encodeTo = com.sphereon.kmp.encodeTo;
2064
- var Encoding = com.sphereon.kmp.Encoding;
2065
- var SignatureAlgorithm = com.sphereon.crypto.generic.SignatureAlgorithm;
2066
- var DefaultCallbacks = com.sphereon.crypto.DefaultCallbacks;
2067
- var CoseCryptoService = class {
2068
- static {
2069
- __name(this, "CoseCryptoService");
2070
- }
2071
- context;
2072
- constructor(context) {
2073
- this.context = context;
2074
- }
2075
- setContext(context) {
2076
- this.context = context;
2077
- }
2078
- async signAsync(input, requireX5Chain) {
2079
- if (!this.context) {
2080
- throw Error("No context provided. Please provide a context with the setContext method or constructor");
2081
- }
2082
- const { keyInfo, alg, value } = input;
2083
- let kmsKeyRef = keyInfo.kmsKeyRef ?? void 0;
2084
- if (!kmsKeyRef) {
2085
- const key = keyInfo.key;
2086
- if (key == null) {
2087
- return Promise.reject(Error("No key present in keyInfo. This implementation cannot sign without a key!"));
2088
- }
2089
- const resolvedKeyInfo = com.sphereon.crypto.ResolvedKeyInfo.Static.fromKeyInfo(keyInfo, key);
2090
- const jwkKeyInfo = CoseJoseKeyMappingService.toResolvedJwkKeyInfo(resolvedKeyInfo);
2091
- const kid = jwkKeyInfo.kid ?? calculateJwkThumbprint({
2092
- jwk: jwkKeyInfo.key.toJsonDTO()
2093
- }) ?? jwkKeyInfo.key.getKidAsString(true);
2094
- if (!kid) {
2095
- return Promise.reject(Error("No kid present and not kmsKeyRef provided"));
2096
- }
2097
- kmsKeyRef = kid;
2098
- }
2099
- const result = await this.context.agent.keyManagerSign({
2100
- algorithm: alg.jose.value,
2101
- data: encodeTo(value, Encoding.UTF8),
2102
- encoding: "utf-8",
2103
- keyRef: kmsKeyRef
2104
- });
2105
- return decodeFrom(result, Encoding.UTF8);
2106
- }
2107
- async verify1Async(input, keyInfo, requireX5Chain) {
2108
- const getCertAndKey = /* @__PURE__ */ __name(async (x5c2) => {
2109
- if (requireX5Chain && (!x5c2 || x5c2.length === 0)) {
2110
- return Promise.reject(new Error(`No x5chain was present in the CoseSign headers!`));
2111
- }
2112
- issuerCert = x5c2 ? pemOrDerToX509Certificate(x5c2[0]) : void 0;
2113
- let issuerJwk;
2114
- if (issuerCert) {
2115
- const info = await getCertificateInfo(issuerCert);
2116
- issuerJwk = info.publicKeyJWK;
2117
- }
2118
- return {
2119
- issuerCert,
2120
- issuerJwk
2121
- };
2122
- }, "getCertAndKey");
2123
- const coseKeyInfo = CoseJoseKeyMappingService.toCoseKeyInfo(keyInfo);
2124
- if (coseKeyInfo?.key?.d) {
2125
- throw Error("Do not use private keys to verify!");
2126
- } else if (!input.payload?.value) {
2127
- return Promise.reject(Error("Signature validation without payload not supported"));
2128
- }
2129
- const sign1Json = input.toJson();
2130
- const coseAlg = sign1Json.protectedHeader.alg;
2131
- if (!coseAlg) {
2132
- return Promise.reject(Error("No alg protected header present"));
2133
- }
2134
- let issuerCert;
2135
- let issuerCoseKey;
2136
- let kid = coseKeyInfo?.kid ?? sign1Json.protectedHeader.kid ?? sign1Json.unprotectedHeader?.kid;
2137
- const x5c = coseKeyInfo?.key?.getX509CertificateChain() ?? sign1Json.protectedHeader?.x5chain ?? sign1Json.unprotectedHeader?.x5chain;
2138
- if (!coseKeyInfo || !coseKeyInfo?.key || coseKeyInfo?.key?.x5chain) {
2139
- const certAndKey = await getCertAndKey(x5c);
2140
- issuerCoseKey = certAndKey.issuerJwk ? CoseJoseKeyMappingService.toCoseKey(certAndKey.issuerJwk) : void 0;
2141
- issuerCert = certAndKey.issuerCert;
2142
- }
2143
- if (!issuerCoseKey) {
2144
- if (!coseKeyInfo?.key) {
2145
- return Promise.reject(Error(`Either a x5c needs to be in the headers, or you need to provide a key for verification`));
2146
- }
2147
- if (kid === null) {
2148
- kid = coseKeyInfo.key.getKidAsString(false);
2149
- }
2150
- issuerCoseKey = com.sphereon.crypto.cose.CoseKeyCbor.Static.fromDTO(coseKeyInfo.key);
2151
- }
2152
- const issuerCoseKeyInfo = new KeyInfo(kid, issuerCoseKey, coseKeyInfo.opts, coseKeyInfo.keyVisibility, issuerCoseKey.getSignatureAlgorithm() ?? coseKeyInfo.signatureAlgorithm, x5c, coseKeyInfo.kmsKeyRef, coseKeyInfo.kms, coseKeyInfo.keyType ?? issuerCoseKey.getKty());
2153
- const recalculatedToBeSigned = input.toBeSignedJson(issuerCoseKeyInfo, SignatureAlgorithm.Static.fromCose(coseAlg));
2154
- const key = CoseJoseKeyMappingService.toJoseJwk(issuerCoseKeyInfo.key).toJsonDTO();
2155
- const valid = await verifyRawSignature({
2156
- data: fromString(recalculatedToBeSigned.base64UrlValue, "base64url"),
2157
- signature: fromString(sign1Json.signature, "base64url"),
2158
- key
2159
- });
2160
- return {
2161
- name: "mdoc",
2162
- critical: true,
2163
- error: !valid,
2164
- message: `Signature of '${issuerCert ? getSubjectDN(issuerCert).DN : kid}' was ${valid ? "" : "in"}valid`,
2165
- keyInfo: issuerCoseKeyInfo
2166
- };
2167
- }
2168
- resolvePublicKeyAsync(keyInfo) {
2169
- if (keyInfo.key) {
2170
- return Promise.resolve(CoseJoseKeyMappingService.toResolvedKeyInfo(keyInfo, keyInfo.key));
2171
- }
2172
- return Promise.reject(Error("No key present in keyInfo. This implementation cannot resolve public keys on its own currently!"));
2173
- }
2174
- };
2175
- var X509CallbackService = class {
2176
- static {
2177
- __name(this, "X509CallbackService");
2178
- }
2179
- _trustedCerts;
2180
- constructor(trustedCerts) {
2181
- this.setTrustedCerts(trustedCerts);
2182
- }
2183
- /**
2184
- * A more powerful version of the method below. Allows to verify at a specific time and returns more information
2185
- * @param chain
2186
- * @param trustAnchors
2187
- * @param verificationTime
2188
- */
2189
- async verifyCertificateChain({ chain, trustAnchors = this.getTrustedCerts(), verificationTime, opts }) {
2190
- return await validateX509CertificateChain({
2191
- chain,
2192
- trustAnchors,
2193
- verificationTime,
2194
- opts
2195
- });
2196
- }
2197
- /**
2198
- * This method is the implementation used within the mDL/Mdoc library
2199
- */
2200
- async verifyCertificateChainJS(chainDER, chainPEM, trustedCerts, verificationProfile, verificationTime) {
2201
- const verificationAt = verificationTime ?? DateTimeUtils.Static.DEFAULT.dateTimeLocal();
2202
- let chain = [];
2203
- if (chainDER && chainDER.length > 0) {
2204
- chain = chainDER.map((der) => Uint8Array.from(der));
2205
- }
2206
- if (chainPEM && chainPEM.length > 0) {
2207
- chain = (chain ?? []).concat(chainPEM);
2208
- }
2209
- const result = await validateX509CertificateChain({
2210
- chain,
2211
- trustAnchors: trustedCerts ?? this.getTrustedCerts(),
2212
- verificationTime: new Date(verificationAt.toEpochSeconds().toULong() * 1e3),
2213
- opts: {
2214
- trustRootWhenNoAnchors: true
2215
- }
2216
- });
2217
- const cert = result.certificateChain ? result.certificateChain[result.certificateChain.length - 1] : void 0;
2218
- return {
2219
- publicKey: cert?.publicKeyJWK,
2220
- publicKeyAlgorithm: cert?.publicKeyJWK?.alg,
2221
- name: "x.509",
2222
- critical: result.critical,
2223
- message: result.message,
2224
- error: result.error,
2225
- verificationTime: verificationAt
2226
- };
2227
- }
2228
- setTrustedCerts = /* @__PURE__ */ __name((trustedCertsInPEM) => {
2229
- this._trustedCerts = trustedCertsInPEM?.map((cert) => {
2230
- if (cert.includes("CERTIFICATE")) {
2231
- return cert;
2232
- }
2233
- return derToPEM(cert);
2234
- });
2235
- }, "setTrustedCerts");
2236
- getTrustedCerts = /* @__PURE__ */ __name(() => this._trustedCerts, "getTrustedCerts");
2237
- };
2238
- var defaultCryptoEngine = /* @__PURE__ */ __name(() => {
2239
- if (typeof self !== "undefined") {
2240
- if ("crypto" in self) {
2241
- let engineName = "webcrypto";
2242
- if ("webkitSubtle" in self.crypto) {
2243
- engineName = "safari";
2244
- }
2245
- setEngine(engineName, new CryptoEngine({
2246
- name: engineName,
2247
- crypto
2248
- }));
2249
- }
2250
- } else if (typeof crypto !== "undefined" && "webcrypto" in crypto) {
2251
- const name = "NodeJS ^15";
2252
- const nodeCrypto = crypto.webcrypto;
2253
- setEngine(name, new CryptoEngine({
2254
- name,
2255
- crypto: nodeCrypto
2256
- }));
2257
- } else {
2258
- const name = "crypto";
2259
- setEngine(name, new CryptoEngine({
2260
- name,
2261
- crypto: globalCrypto(false)
2262
- }));
2263
- }
2264
- }, "defaultCryptoEngine");
2265
- defaultCryptoEngine();
2266
- DefaultCallbacks.setCoseCryptoDefault(new CoseCryptoService());
2267
- DefaultCallbacks.setX509Default(new X509CallbackService());
2268
-
2269
- // src/types/ImDLMdoc.ts
2270
- import { com as com2 } from "@sphereon/kmp-mdoc-core";
2271
- var CborByteString = com2.sphereon.cbor.CborByteString;
2272
- var CoseKeyCbor = com2.sphereon.crypto.cose.CoseKeyCbor;
2273
- var CoseCryptoServiceJS = com2.sphereon.crypto.CoseCryptoServiceJS;
2274
- var CoseJoseKeyMappingService2 = com2.sphereon.crypto.CoseJoseKeyMappingService;
2275
- var KeyInfo2 = com2.sphereon.crypto.KeyInfo;
2276
- var DateTimeUtils2 = com2.sphereon.kmp.DateTimeUtils;
2277
- var decodeFrom2 = com2.sphereon.kmp.decodeFrom;
2278
- var encodeTo2 = com2.sphereon.kmp.encodeTo;
2279
- var Encoding2 = com2.sphereon.kmp.Encoding;
2280
- var MdocValidations = com2.sphereon.mdoc.data.MdocValidations;
2281
- var MdocOid4vpService = com2.sphereon.mdoc.oid4vp.MdocOid4vpServiceJs;
2282
- var Jwk = com2.sphereon.crypto.jose.Jwk;
2283
- var Oid4VPPresentationSubmission = com2.sphereon.mdoc.oid4vp.Oid4VPPresentationSubmission;
2284
-
2285
- // src/agent/mDLMdoc.ts
2286
- var mdocSupportMethods = [
2287
- "x509VerifyCertificateChain",
2288
- "x509GetCertificateInfo",
2289
- "mdocVerifyIssuerSigned",
2290
- "mdocOid4vpHolderPresent",
2291
- "mdocOid4vpRPVerify"
2292
- ];
2293
- var MDLMdoc = class {
2294
- static {
2295
- __name(this, "MDLMdoc");
2296
- }
2297
- schema = schema.IMDLMdoc;
2298
- methods = {
2299
- x509VerifyCertificateChain: this.x509VerifyCertificateChain.bind(this),
2300
- x509GetCertificateInfo: this.x509GetCertificateInfo.bind(this),
2301
- mdocVerifyIssuerSigned: this.mdocVerifyIssuerSigned.bind(this),
2302
- mdocOid4vpHolderPresent: this.mdocOid4vpHolderPresent.bind(this),
2303
- mdocOid4vpRPVerify: this.mdocOid4vpRPVerify.bind(this)
2304
- };
2305
- trustAnchors;
2306
- opts;
2307
- constructor(args) {
2308
- this.trustAnchors = args?.trustAnchors ?? [];
2309
- this.opts = args?.opts ?? {
2310
- trustRootWhenNoAnchors: true
2311
- };
2312
- }
2313
- /**
2314
- * Processes and verifies the provided mdoc, generates device response and presentation submission tokens.
2315
- *
2316
- * @param {MdocOid4vpPresentArgs} args - An object containing arguments for mdoc oid4vp holder presentation.
2317
- * @param {IRequiredContext} _context - Required context for the operation.
2318
- * @return {Promise<MdocOid4VPPresentationAuth>} A promise that resolves to an object containing vp_token and presentation_submission.
2319
- */
2320
- async mdocOid4vpHolderPresent(args, _context) {
2321
- const { mdocs, presentationDefinition, trustAnchors, verifications, mdocHolderNonce, authorizationRequestNonce, responseUri, clientId } = args;
2322
- const oid4vpService = new MdocOid4vpService();
2323
- const validate = /* @__PURE__ */ __name(async (mdoc) => {
2324
- try {
2325
- const result = await MdocValidations.fromDocumentAsync(mdoc, null, trustAnchors ?? this.trustAnchors, DateTimeUtils2.Static.DEFAULT.dateTimeLocal((verifications?.verificationTime?.getTime() ?? Date.now()) / 1e3), verifications?.allowExpiredDocuments);
2326
- if (result.error) {
2327
- console.log(JSON.stringify(result, null, 2));
2328
- }
2329
- return result;
2330
- } catch (e) {
2331
- console.log(e);
2332
- return {
2333
- error: true,
2334
- verifications: [
2335
- {
2336
- name: "mdoc",
2337
- error: true,
2338
- critical: true,
2339
- message: e.message
2340
- }
2341
- ]
2342
- };
2343
- }
2344
- }, "validate");
2345
- const allMatches = oid4vpService.matchDocumentsAndDescriptors(mdocHolderNonce, mdocs, presentationDefinition);
2346
- const docsAndDescriptors = [];
2347
- let lastError = void 0;
2348
- for (let match of allMatches) {
2349
- if (match.document) {
2350
- const result = await validate(match.document);
2351
- if (!result.error || responseUri.includes("openid.net")) {
2352
- try {
2353
- const cborKey = result.keyInfo?.key ? CoseKeyCbor.Static.fromDTO(result.keyInfo.key) : void 0;
2354
- if (!cborKey) {
2355
- throw Error("No key found in result");
2356
- }
2357
- let jwk = CoseJoseKeyMappingService2.toJoseJwk(cborKey).toJsonDTO();
2358
- if (!result.keyInfo?.kmsKeyRef) {
2359
- const keyInfo = result.keyInfo;
2360
- const kid = jwk.kid ?? calculateJwkThumbprint2({
2361
- jwk
2362
- });
2363
- const key = await _context.agent.keyManagerGet({
2364
- kid
2365
- });
2366
- const kms = key.kms;
2367
- const kmsKeyRef = key.meta?.kmsKeyRef;
2368
- const updateCborKey = cborKey.copy(false, cborKey.kty, cborKey.kid ?? new CborByteString(decodeFrom2(kid, Encoding2.UTF8)));
2369
- const deviceKeyInfo = KeyInfo2.Static.fromDTO(keyInfo).copy(kid, updateCborKey, keyInfo.opts, keyInfo.keyVisibility, keyInfo.signatureAlgorithm, keyInfo.x5c, kmsKeyRef, kms);
2370
- const updateMatch = match.copy(match.inputDescriptor, match.document, match.documentError, deviceKeyInfo);
2371
- match = updateMatch;
2372
- }
2373
- } catch (e) {
2374
- console.log(`We tied to ammend key info from the KMS, but failed. Potential trouble ahead ${e.message}`, e);
2375
- }
2376
- docsAndDescriptors.push(match);
2377
- } else if (result.error) {
2378
- lastError = result;
2379
- }
2380
- }
2381
- }
2382
- if (docsAndDescriptors.length === 0) {
2383
- if (lastError) {
2384
- return Promise.reject(Error(lastError.verifications[0].message ?? "No matching documents found"));
2385
- }
2386
- return Promise.reject(Error("No matching documents found"));
2387
- }
2388
- const deviceResponse = await oid4vpService.createDeviceResponse(docsAndDescriptors, presentationDefinition, clientId, responseUri, authorizationRequestNonce);
2389
- const vp_token = encodeTo2(deviceResponse.cborEncode(), Encoding2.BASE64URL);
2390
- const presentation_submission = Oid4VPPresentationSubmission.Static.fromPresentationDefinition(presentationDefinition);
2391
- return {
2392
- vp_token,
2393
- presentation_submission
2394
- };
2395
- }
2396
- /**
2397
- * Verifies on the Relying Party (RP) side for mdoc (mobile document) OIDC4VP (OpenID Connect for Verifiable Presentations).
2398
- *
2399
- * @param {MdocOid4vpRPVerifyArgs} args - The arguments required for verification, including the vp_token, presentation_submission, and trustAnchors.
2400
- * @param {IRequiredContext} _context - The required context for this method.
2401
- * @return {Promise<MdocOid4vpRPVerifyResult>} - A promise that resolves to an object containing error status,
2402
- * validated documents, and the original presentation submission.
2403
- */
2404
- async mdocOid4vpRPVerify(args, _context) {
2405
- const { vp_token, presentation_submission, trustAnchors } = args;
2406
- const deviceResponse = com3.sphereon.mdoc.data.device.DeviceResponseCbor.Static.cborDecode(decodeFrom2(vp_token, Encoding2.BASE64URL));
2407
- if (!deviceResponse.documents) {
2408
- return Promise.reject(Error(`No documents found in vp_token`));
2409
- }
2410
- let error = false;
2411
- const documents = await Promise.all(deviceResponse.documents.map(async (document) => {
2412
- try {
2413
- const validations = await MdocValidations.fromDocumentAsync(document, null, trustAnchors ?? this.trustAnchors);
2414
- if (!validations || validations.error) {
2415
- error = true;
2416
- }
2417
- if (presentation_submission.descriptor_map.find((m) => m.id === document.docType.value) === null) {
2418
- error = true;
2419
- validations.verifications.push({
2420
- name: "mdoc",
2421
- error,
2422
- critical: error,
2423
- message: `No descriptor map id with document type ${document.docType.value} present`
2424
- });
2425
- }
2426
- return {
2427
- document: document.toJson(),
2428
- validations
2429
- };
2430
- } catch (e) {
2431
- error = true;
2432
- return {
2433
- document: document.toJson(),
2434
- validations: {
2435
- error: true,
2436
- verifications: [
2437
- {
2438
- name: "mdoc",
2439
- error,
2440
- critical: true,
2441
- message: e.message
2442
- }
2443
- ]
2444
- }
2445
- };
2446
- }
2447
- }));
2448
- if (error) {
2449
- console.log(JSON.stringify(documents, null, 2));
2450
- }
2451
- return {
2452
- error,
2453
- documents,
2454
- presentation_submission
2455
- };
2456
- }
2457
- /**
2458
- * Verifies the issuer-signed Mobile Document (mDoc) using the provided arguments and context.
2459
- *
2460
- * @param {MdocVerifyIssuerSignedArgs} args - The arguments required for verification, including input and key information.
2461
- * @param {IRequiredContext} context - The context encompassing necessary dependencies and configurations.
2462
- * @return {Promise<IVerifySignatureResult<KeyType>>} A promise that resolves to the result of the signature verification, including key information if available.
2463
- */
2464
- async mdocVerifyIssuerSigned(args, context) {
2465
- const { input, keyInfo, requireX5Chain } = args;
2466
- const coseKeyInfo = keyInfo && CoseJoseKeyMappingService2.toCoseKeyInfo(keyInfo);
2467
- const verification = await new CoseCryptoServiceJS(new CoseCryptoService(context)).verify1(com3.sphereon.crypto.cose.CoseSign1Json.Static.fromDTO(input).toCbor(), coseKeyInfo, requireX5Chain);
2468
- return {
2469
- ...verification,
2470
- keyInfo
2471
- };
2472
- }
2473
- /**
2474
- * Verifies an X.509 certificate chain against a set of trust anchors.
2475
- *
2476
- * @param {VerifyCertificateChainArgs} args - The arguments required for verifying the certificate chain.
2477
- * This includes the certificate chain to be verified and any additional trust anchors to be used.
2478
- * @param {IRequiredContext} _context - The context required for verification, including necessary dependencies and settings.
2479
- * @return {Promise<X509ValidationResult>} A promise that resolves to the result of the validation process, indicating the success or failure of the certificate chain verification.
2480
- */
2481
- async x509VerifyCertificateChain(args, _context) {
2482
- const mergedAnchors = [
2483
- ...this.trustAnchors,
2484
- ...args.trustAnchors ?? []
2485
- ];
2486
- const trustAnchors = new Set(mergedAnchors);
2487
- const validationResult = await new X509CallbackService(Array.from(mergedAnchors)).verifyCertificateChain({
2488
- ...args,
2489
- trustAnchors: Array.from(trustAnchors),
2490
- opts: {
2491
- ...args?.opts,
2492
- ...this.opts
2493
- }
2494
- });
2495
- console.log(`x509 validation for ${validationResult.error ? "Error" : "Success"}. message: ${validationResult.message}, details: ${validationResult.detailMessage}`);
2496
- return validationResult;
2497
- }
2498
- /**
2499
- * Extracts information from a list of X509 certificates.
2500
- *
2501
- * @param {GetX509CertificateInfoArgs} args - Arguments required to retrieve certificate information,
2502
- * including the certificates and optional Subject Alternative Name (SAN) type filter.
2503
- * @param {IRequiredContext} context - The context required for the operation, which may include
2504
- * logging, configuration, and other operational details.
2505
- * @return {Promise<CertificateInfo[]>} A promise that resolves with an array of certificate
2506
- * information objects, each containing details extracted from individual certificates.
2507
- */
2508
- async x509GetCertificateInfo(args, context) {
2509
- const certificates = args.certificates.map((cert) => pemOrDerToX509Certificate2(cert));
2510
- return await Promise.all(certificates.map((cert) => getCertificateInfo2(cert, args.sanTypeFilter && {
2511
- sanTypeFilter: args.sanTypeFilter
2512
- })));
2513
- }
2514
- };
2515
-
2516
- // src/index.ts
2517
- var logger = Loggers.DEFAULT.get("sphereon:mdoc");
2518
- var schema = require_plugin_schema();
2519
- export {
2520
- CborByteString,
2521
- CoseCryptoService,
2522
- CoseCryptoServiceJS,
2523
- CoseJoseKeyMappingService2 as CoseJoseKeyMappingService,
2524
- CoseKeyCbor,
2525
- DateTimeUtils2 as DateTimeUtils,
2526
- Encoding2 as Encoding,
2527
- Jwk,
2528
- KeyInfo2 as KeyInfo,
2529
- MDLMdoc,
2530
- MdocOid4vpService,
2531
- MdocValidations,
2532
- Oid4VPPresentationSubmission,
2533
- X509CallbackService,
2534
- decodeFrom2 as decodeFrom,
2535
- encodeTo2 as encodeTo,
2536
- logger,
2537
- mdocSupportMethods,
2538
- schema
1
+ "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ var desc = Object.getOwnPropertyDescriptor(m, k);
5
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
+ desc = { enumerable: true, get: function() { return m[k]; } };
7
+ }
8
+ Object.defineProperty(o, k2, desc);
9
+ }) : (function(o, m, k, k2) {
10
+ if (k2 === undefined) k2 = k;
11
+ o[k2] = m[k];
12
+ }));
13
+ var __exportStar = (this && this.__exportStar) || function(m, exports) {
14
+ for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
2539
15
  };
16
+ Object.defineProperty(exports, "__esModule", { value: true });
17
+ exports.mdocSupportMethods = exports.MDLMdoc = exports.schema = exports.logger = void 0;
18
+ const ssi_types_1 = require("@sphereon/ssi-types");
19
+ exports.logger = ssi_types_1.Loggers.DEFAULT.get('sphereon:mdoc');
20
+ const schema = require('../plugin.schema.json');
21
+ exports.schema = schema;
22
+ var mDLMdoc_1 = require("./agent/mDLMdoc");
23
+ Object.defineProperty(exports, "MDLMdoc", { enumerable: true, get: function () { return mDLMdoc_1.MDLMdoc; } });
24
+ Object.defineProperty(exports, "mdocSupportMethods", { enumerable: true, get: function () { return mDLMdoc_1.mdocSupportMethods; } });
25
+ __exportStar(require("./types/ImDLMdoc"), exports);
26
+ __exportStar(require("./functions"), exports);
2540
27
  //# sourceMappingURL=index.js.map