@sphereon/ssi-sdk.ms-request-api 0.34.1-next.3 → 0.34.1-next.323

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/dist/index.cjs +12 -2
  2. package/dist/index.cjs.map +1 -1
  3. package/dist/index.js +1 -1
  4. package/dist/index.js.map +1 -1
  5. package/package.json +7 -7
  6. package/src/IssuerUtil.ts +1 -1
package/dist/index.cjs CHANGED
@@ -1,7 +1,9 @@
1
1
  "use strict";
2
+ var __create = Object.create;
2
3
  var __defProp = Object.defineProperty;
3
4
  var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
5
  var __getOwnPropNames = Object.getOwnPropertyNames;
6
+ var __getProtoOf = Object.getPrototypeOf;
5
7
  var __hasOwnProp = Object.prototype.hasOwnProperty;
6
8
  var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
7
9
  var __commonJS = (cb, mod) => function __require() {
@@ -19,6 +21,14 @@ var __copyProps = (to, from, except, desc) => {
19
21
  }
20
22
  return to;
21
23
  };
24
+ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
25
+ // If the importer is in node compatibility mode or this is not an ESM
26
+ // file that has been converted to a CommonJS file using a Babel-
27
+ // compatible transform (i.e. "__esModule" has not been set), then set
28
+ // "default" to the CommonJS "module.exports" for node compatibility.
29
+ isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
30
+ mod
31
+ ));
22
32
  var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
23
33
 
24
34
  // plugin.schema.json
@@ -235,7 +245,7 @@ module.exports = __toCommonJS(index_exports);
235
245
  var import_ssi_sdk = require("@sphereon/ssi-sdk.ms-authenticator");
236
246
 
237
247
  // src/IssuerUtil.ts
238
- var import_cross_fetch = require("cross-fetch");
248
+ var import_cross_fetch = __toESM(require("cross-fetch"), 1);
239
249
  async function fetchIssuanceRequestMs(issuanceInfo, accessToken, msIdentityHostName) {
240
250
  const requestEndpoint = `${msIdentityHostName}${issuanceInfo.authenticationInfo.azTenantId}/verifiablecredentials/request`;
241
251
  const payload = JSON.stringify(issuanceInfo.issuanceConfig);
@@ -248,7 +258,7 @@ async function fetchIssuanceRequestMs(issuanceInfo, accessToken, msIdentityHostN
248
258
  Authorization: `Bearer ${accessToken}`
249
259
  }
250
260
  };
251
- const response = await (0, import_cross_fetch.fetch)(requestEndpoint, fetchOptions);
261
+ const response = await (0, import_cross_fetch.default)(requestEndpoint, fetchOptions);
252
262
  return await response.json();
253
263
  }
254
264
  __name(fetchIssuanceRequestMs, "fetchIssuanceRequestMs");
package/dist/index.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../plugin.schema.json","../src/index.ts","../src/agent/MsRequestApi.ts","../src/IssuerUtil.ts"],"sourcesContent":["{\n \"IMsRequestApi\": {\n \"components\": {\n \"schemas\": {\n \"IClientIssueRequest\": {\n \"type\": \"object\",\n \"properties\": {\n \"authenticationInfo\": {\n \"$ref\": \"#/components/schemas/IMsAuthenticationClientCredentialArgs\"\n },\n \"clientIssuanceConfig\": {\n \"$ref\": \"#/components/schemas/IClientIssuanceConfig\"\n },\n \"claims\": {\n \"$ref\": \"#/components/schemas/CredentialSubject\"\n }\n },\n \"required\": [\"authenticationInfo\", \"clientIssuanceConfig\", \"claims\"],\n \"additionalProperties\": false\n },\n \"IMsAuthenticationClientCredentialArgs\": {\n \"type\": \"object\",\n \"properties\": {\n \"azClientId\": {\n \"type\": \"string\"\n },\n \"azTenantId\": {\n \"type\": \"string\"\n },\n \"azClientSecret\": {\n \"type\": \"string\"\n },\n \"credentialManifestUrl\": {\n \"type\": \"string\"\n },\n \"authority\": {\n \"type\": \"string\"\n },\n \"region\": {\n \"type\": \"string\"\n },\n \"scopes\": {\n \"type\": \"array\",\n \"items\": {\n \"type\": \"string\"\n }\n },\n \"skipCache\": {\n \"type\": \"boolean\"\n },\n \"piiLoggingEnabled\": {\n \"type\": \"boolean\"\n },\n \"logLevel\": {\n \"$ref\": \"#/components/schemas/LogLevel\"\n }\n },\n \"required\": [\"azClientId\", \"azTenantId\", \"azClientSecret\"],\n \"additionalProperties\": false,\n \"description\": \"azClientId: clientId of the application you're trying to login azClientSecret: secret of the application you're trying to login azTenantId: your MS Azure tenantId credentialManifestUrl: url of your credential manifest. usually in following format: https://beta.eu.did.msidentity.com/v1.0/<tenant_id>/verifiableCredential/contracts/<verifiable_credential_schema> authority: optional. if not provided, we'll use the azClientId to create the Tenanted format if provided should be one of these two formats: - Tenanted: https://login.microsoftonline.com/{tenant}/, where {tenant} is either the GUID representing the tenant ID or a domain name associated with the tenant. - Work and school accounts: https://login.microsoftonline.com/organizations/. region?: if present will use the provided, if not will make a request to determine the region scopes?: scopes that you want to access via this authentication skipCache?: whether to skip cache piiLoggingEnabled?: if not provided defaults to false logLevel?: can be one of these values: Error = 0, Warning = 1, Info = 2, Verbose = 3, Trace = 4 if not provided defaults to LogLevel.Verbose\"\n },\n \"LogLevel\": {\n \"type\": \"number\",\n \"enum\": [0, 1, 2, 3, 4],\n \"description\": \"Log message level.\"\n },\n \"IClientIssuanceConfig\": {\n \"type\": \"object\",\n \"properties\": {\n \"authority\": {\n \"type\": \"string\"\n },\n \"includeQRCode\": {\n \"type\": \"boolean\"\n },\n \"registration\": {\n \"$ref\": \"#/components/schemas/Registration\"\n },\n \"callback\": {\n \"$ref\": \"#/components/schemas/Callback\"\n },\n \"issuance\": {\n \"$ref\": \"#/components/schemas/IClientIssuance\"\n }\n },\n \"required\": [\"authority\", \"includeQRCode\", \"registration\", \"callback\", \"issuance\"],\n \"additionalProperties\": false\n },\n \"Registration\": {\n \"type\": \"object\",\n \"properties\": {\n \"clientName\": {\n \"type\": \"string\"\n }\n },\n \"required\": [\"clientName\"],\n \"additionalProperties\": false\n },\n \"Callback\": {\n \"type\": \"object\",\n \"properties\": {\n \"url\": {\n \"type\": \"string\"\n },\n \"state\": {\n \"type\": \"string\"\n },\n \"headers\": {\n \"$ref\": \"#/components/schemas/Headers\"\n }\n },\n \"required\": [\"url\", \"state\", \"headers\"],\n \"additionalProperties\": false\n },\n \"Headers\": {\n \"type\": \"object\",\n \"properties\": {\n \"apiKey\": {\n \"type\": \"string\"\n }\n },\n \"required\": [\"apiKey\"],\n \"additionalProperties\": false\n },\n \"IClientIssuance\": {\n \"type\": \"object\",\n \"properties\": {\n \"type\": {\n \"type\": \"string\"\n },\n \"manifest\": {\n \"type\": \"string\"\n },\n \"pin\": {\n \"$ref\": \"#/components/schemas/Pin\"\n }\n },\n \"required\": [\"type\", \"manifest\", \"pin\"],\n \"additionalProperties\": false\n },\n \"Pin\": {\n \"type\": \"object\",\n \"properties\": {\n \"value\": {\n \"type\": \"string\"\n },\n \"length\": {\n \"type\": \"number\"\n }\n },\n \"required\": [\"value\", \"length\"],\n \"additionalProperties\": false\n },\n \"CredentialSubject\": {\n \"type\": \"object\"\n },\n \"IIssueRequestResponse\": {\n \"type\": \"object\",\n \"properties\": {\n \"id\": {\n \"type\": \"string\"\n },\n \"requestId\": {\n \"type\": \"string\"\n },\n \"url\": {\n \"type\": \"string\"\n },\n \"expiry\": {\n \"type\": \"string\",\n \"format\": \"date-time\"\n },\n \"pin\": {\n \"type\": \"string\"\n }\n },\n \"required\": [\"id\", \"requestId\", \"url\", \"expiry\", \"pin\"],\n \"additionalProperties\": false\n }\n },\n \"methods\": {\n \"issuanceRequestMsVc\": {\n \"description\": \"\",\n \"arguments\": {\n \"$ref\": \"#/components/schemas/IClientIssueRequest\"\n },\n \"returnType\": {\n \"$ref\": \"#/components/schemas/IIssueRequestResponse\"\n }\n }\n }\n }\n }\n}\n","/**\n * @public\n */\nconst schema = require('../plugin.schema.json')\nexport { schema }\nexport { MsRequestApi } from './agent/MsRequestApi'\nexport * from './types/IMsRequestApi'\nexport * from './IssuerUtil'\n","import {\n assertEntraCredentialManifestUrlInCorrectRegion,\n IMSClientCredentialAuthInfo,\n determineMSAuthId,\n getMSClientCredentialAccessToken,\n newMSClientCredentialAuthenticator,\n} from '@sphereon/ssi-sdk.ms-authenticator'\nimport { IAgentPlugin } from '@veramo/core'\nimport { fetchIssuanceRequestMs, generatePin } from '../IssuerUtil'\nimport {\n IClientIssueRequest,\n IIssueRequest,\n IIssueRequestResponse,\n IMsRequestApi,\n IRequiredContext,\n Issuance,\n IssuanceConfig,\n} from '../types/IMsRequestApi'\n\n/**\n * {@inheritDoc IMsRequestApi}\n */\nexport class MsRequestApi implements IAgentPlugin {\n private clients: Map<string, IMSClientCredentialAuthInfo> = new Map<string, IMSClientCredentialAuthInfo>()\n\n readonly methods: IMsRequestApi = {\n issuanceRequestMsVc: this.issuanceRequestMsVc.bind(this),\n }\n\n /** {@inheritDoc IMsRequestApi.issuanceRequestMsVc} */\n private async issuanceRequestMsVc(clientIssueRequest: IClientIssueRequest, context: IRequiredContext): Promise<IIssueRequestResponse> {\n const id = determineMSAuthId(clientIssueRequest.authenticationInfo)\n if (!this.clients.has(id)) {\n this.clients.set(id, await newMSClientCredentialAuthenticator(clientIssueRequest.authenticationInfo))\n }\n const clientInfo = this.clients.get(id)\n if (!clientInfo) {\n throw Error(`Could not get client from arguments for id: ${id}`)\n }\n const authResult = await getMSClientCredentialAccessToken(clientIssueRequest.authenticationInfo, {\n confidentialClient: clientInfo.confidentialClient,\n })\n const accessToken = authResult.accessToken\n\n const msIdentityHostName = await assertEntraCredentialManifestUrlInCorrectRegion(clientIssueRequest.authenticationInfo)\n\n // Config Request and App Config File should be a parameter to this function\n if (!clientIssueRequest.authenticationInfo.azTenantId) {\n throw new Error('azTenantId is missing.')\n }\n\n // check if pin is required, if found make sure we set a new random pin\n // pincode is only used when the payload contains claim value pairs which results in an IDTokenhint\n if (clientIssueRequest.clientIssuanceConfig.issuance.pin) {\n clientIssueRequest.clientIssuanceConfig.issuance.pin.value = generatePin(clientIssueRequest.clientIssuanceConfig.issuance.pin.length)\n }\n\n const issuance: Issuance = {\n type: clientIssueRequest.clientIssuanceConfig.issuance.type,\n manifest: clientIssueRequest.clientIssuanceConfig.issuance.manifest,\n pin: clientIssueRequest.clientIssuanceConfig.issuance.pin,\n claims: clientIssueRequest.claims,\n }\n\n const issuanceConfig: IssuanceConfig = {\n authority: clientIssueRequest.clientIssuanceConfig.authority,\n includeQRCode: clientIssueRequest.clientIssuanceConfig.includeQRCode,\n registration: clientIssueRequest.clientIssuanceConfig.registration,\n callback: clientIssueRequest.clientIssuanceConfig.callback,\n issuance: issuance,\n }\n const issueRequest: IIssueRequest = {\n authenticationInfo: clientIssueRequest.authenticationInfo,\n issuanceConfig: issuanceConfig,\n }\n\n const resp = await fetchIssuanceRequestMs(issueRequest, accessToken, msIdentityHostName)\n\n // the response from the VC Request API call is returned to the caller (the UI). It contains the URI to the request which Authenticator can download after\n // it has scanned the QR code. If the payload requested the VC Request service to create the QR code that is returned as well\n // the javascript in the UI will use that QR code to display it on the screen to the user.\n resp.id = issueRequest.issuanceConfig.callback.state // add session id so browser can pull status\n if (issueRequest.issuanceConfig.issuance.pin) {\n resp.pin = issueRequest.issuanceConfig.issuance.pin.value // add pin code so browser can display it\n }\n return resp\n }\n}\n","import { IIssueRequest, IIssueRequestResponse } from './types/IMsRequestApi'\n\nimport { fetch } from 'cross-fetch'\nexport async function fetchIssuanceRequestMs(\n issuanceInfo: IIssueRequest,\n accessToken: string,\n msIdentityHostName: string,\n): Promise<IIssueRequestResponse> {\n const requestEndpoint = `${msIdentityHostName}${issuanceInfo.authenticationInfo.azTenantId}/verifiablecredentials/request`\n\n const payload = JSON.stringify(issuanceInfo.issuanceConfig)\n const fetchOptions = {\n method: 'POST',\n body: payload,\n headers: {\n 'Content-Type': 'application/json',\n 'Content-Length': payload.length.toString(),\n Authorization: `Bearer ${accessToken}`,\n },\n }\n const response = await fetch(requestEndpoint, fetchOptions)\n return await response.json()\n}\n\nexport function generatePin(digits: number) {\n const add = 1\n let max = 12 - add\n max = Math.pow(10, digits + add)\n const min = max / 10 // Math.pow(10, n) basically\n const number = Math.floor(Math.random() * (max - min + 1)) + min\n return ('' + number).substring(add)\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA,gCAAAA,SAAA;AAAA,IAAAA,QAAA;AAAA,MACE,eAAiB;AAAA,QACf,YAAc;AAAA,UACZ,SAAW;AAAA,YACT,qBAAuB;AAAA,cACrB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,oBAAsB;AAAA,kBACpB,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,kBACtB,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,sBAAsB,wBAAwB,QAAQ;AAAA,cACnE,sBAAwB;AAAA,YAC1B;AAAA,YACA,uCAAyC;AAAA,cACvC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,YAAc;AAAA,kBACZ,MAAQ;AAAA,gBACV;AAAA,gBACA,YAAc;AAAA,kBACZ,MAAQ;AAAA,gBACV;AAAA,gBACA,gBAAkB;AAAA,kBAChB,MAAQ;AAAA,gBACV;AAAA,gBACA,uBAAyB;AAAA,kBACvB,MAAQ;AAAA,gBACV;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,kBACR,OAAS;AAAA,oBACP,MAAQ;AAAA,kBACV;AAAA,gBACF;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,mBAAqB;AAAA,kBACnB,MAAQ;AAAA,gBACV;AAAA,gBACA,UAAY;AAAA,kBACV,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,cAAc,cAAc,gBAAgB;AAAA,cACzD,sBAAwB;AAAA,cACxB,aAAe;AAAA,YACjB;AAAA,YACA,UAAY;AAAA,cACV,MAAQ;AAAA,cACR,MAAQ,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;AAAA,cACtB,aAAe;AAAA,YACjB;AAAA,YACA,uBAAyB;AAAA,cACvB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,eAAiB;AAAA,kBACf,MAAQ;AAAA,gBACV;AAAA,gBACA,cAAgB;AAAA,kBACd,MAAQ;AAAA,gBACV;AAAA,gBACA,UAAY;AAAA,kBACV,MAAQ;AAAA,gBACV;AAAA,gBACA,UAAY;AAAA,kBACV,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,aAAa,iBAAiB,gBAAgB,YAAY,UAAU;AAAA,cACjF,sBAAwB;AAAA,YAC1B;AAAA,YACA,cAAgB;AAAA,cACd,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,YAAc;AAAA,kBACZ,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,YAAY;AAAA,cACzB,sBAAwB;AAAA,YAC1B;AAAA,YACA,UAAY;AAAA,cACV,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,gBACA,OAAS;AAAA,kBACP,MAAQ;AAAA,gBACV;AAAA,gBACA,SAAW;AAAA,kBACT,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,OAAO,SAAS,SAAS;AAAA,cACtC,sBAAwB;AAAA,YAC1B;AAAA,YACA,SAAW;AAAA,cACT,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,QAAQ;AAAA,cACrB,sBAAwB;AAAA,YAC1B;AAAA,YACA,iBAAmB;AAAA,cACjB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,MAAQ;AAAA,kBACN,MAAQ;AAAA,gBACV;AAAA,gBACA,UAAY;AAAA,kBACV,MAAQ;AAAA,gBACV;AAAA,gBACA,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,QAAQ,YAAY,KAAK;AAAA,cACtC,sBAAwB;AAAA,YAC1B;AAAA,YACA,KAAO;AAAA,cACL,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,OAAS;AAAA,kBACP,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,SAAS,QAAQ;AAAA,cAC9B,sBAAwB;AAAA,YAC1B;AAAA,YACA,mBAAqB;AAAA,cACnB,MAAQ;AAAA,YACV;AAAA,YACA,uBAAyB;AAAA,cACvB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,IAAM;AAAA,kBACJ,MAAQ;AAAA,gBACV;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,kBACR,QAAU;AAAA,gBACZ;AAAA,gBACA,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,MAAM,aAAa,OAAO,UAAU,KAAK;AAAA,cACtD,sBAAwB;AAAA,YAC1B;AAAA,UACF;AAAA,UACA,SAAW;AAAA,YACT,qBAAuB;AAAA,cACrB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;;;ACjMA;;;;;;;;;;ACAA,qBAMO;;;ACJP,yBAAsB;AACtB,eAAsBC,uBACpBC,cACAC,aACAC,oBAA0B;AAE1B,QAAMC,kBAAkB,GAAGD,kBAAAA,GAAqBF,aAAaI,mBAAmBC,UAAU;AAE1F,QAAMC,UAAUC,KAAKC,UAAUR,aAAaS,cAAc;AAC1D,QAAMC,eAAe;IACnBC,QAAQ;IACRC,MAAMN;IACNO,SAAS;MACP,gBAAgB;MAChB,kBAAkBP,QAAQQ,OAAOC,SAAQ;MACzCC,eAAe,UAAUf,WAAAA;IAC3B;EACF;AACA,QAAMgB,WAAW,UAAMC,0BAAMf,iBAAiBO,YAAAA;AAC9C,SAAO,MAAMO,SAASE,KAAI;AAC5B;AAnBsBpB;AAqBf,SAASqB,YAAYC,QAAc;AACxC,QAAMC,MAAM;AACZ,MAAIC,MAAM,KAAKD;AACfC,QAAMC,KAAKC,IAAI,IAAIJ,SAASC,GAAAA;AAC5B,QAAMI,MAAMH,MAAM;AAClB,QAAMI,SAASH,KAAKI,MAAMJ,KAAKK,OAAM,KAAMN,MAAMG,MAAM,EAAA,IAAMA;AAC7D,UAAQ,KAAKC,QAAQG,UAAUR,GAAAA;AACjC;AAPgBF;;;ADFT,IAAMW,eAAN,MAAMA;EAtBb,OAsBaA;;;EACHC,UAAoD,oBAAIC,IAAAA;EAEvDC,UAAyB;IAChCC,qBAAqB,KAAKA,oBAAoBC,KAAK,IAAI;EACzD;;EAGA,MAAcD,oBAAoBE,oBAAyCC,SAA2D;AACpI,UAAMC,SAAKC,kCAAkBH,mBAAmBI,kBAAkB;AAClE,QAAI,CAAC,KAAKT,QAAQU,IAAIH,EAAAA,GAAK;AACzB,WAAKP,QAAQW,IAAIJ,IAAI,UAAMK,mDAAmCP,mBAAmBI,kBAAkB,CAAA;IACrG;AACA,UAAMI,aAAa,KAAKb,QAAQc,IAAIP,EAAAA;AACpC,QAAI,CAACM,YAAY;AACf,YAAME,MAAM,+CAA+CR,EAAAA,EAAI;IACjE;AACA,UAAMS,aAAa,UAAMC,iDAAiCZ,mBAAmBI,oBAAoB;MAC/FS,oBAAoBL,WAAWK;IACjC,CAAA;AACA,UAAMC,cAAcH,WAAWG;AAE/B,UAAMC,qBAAqB,UAAMC,gEAAgDhB,mBAAmBI,kBAAkB;AAGtH,QAAI,CAACJ,mBAAmBI,mBAAmBa,YAAY;AACrD,YAAM,IAAIP,MAAM,wBAAA;IAClB;AAIA,QAAIV,mBAAmBkB,qBAAqBC,SAASC,KAAK;AACxDpB,yBAAmBkB,qBAAqBC,SAASC,IAAIC,QAAQC,YAAYtB,mBAAmBkB,qBAAqBC,SAASC,IAAIG,MAAM;IACtI;AAEA,UAAMJ,WAAqB;MACzBK,MAAMxB,mBAAmBkB,qBAAqBC,SAASK;MACvDC,UAAUzB,mBAAmBkB,qBAAqBC,SAASM;MAC3DL,KAAKpB,mBAAmBkB,qBAAqBC,SAASC;MACtDM,QAAQ1B,mBAAmB0B;IAC7B;AAEA,UAAMC,iBAAiC;MACrCC,WAAW5B,mBAAmBkB,qBAAqBU;MACnDC,eAAe7B,mBAAmBkB,qBAAqBW;MACvDC,cAAc9B,mBAAmBkB,qBAAqBY;MACtDC,UAAU/B,mBAAmBkB,qBAAqBa;MAClDZ;IACF;AACA,UAAMa,eAA8B;MAClC5B,oBAAoBJ,mBAAmBI;MACvCuB;IACF;AAEA,UAAMM,OAAO,MAAMC,uBAAuBF,cAAclB,aAAaC,kBAAAA;AAKrEkB,SAAK/B,KAAK8B,aAAaL,eAAeI,SAASI;AAC/C,QAAIH,aAAaL,eAAeR,SAASC,KAAK;AAC5Ca,WAAKb,MAAMY,aAAaL,eAAeR,SAASC,IAAIC;IACtD;AACA,WAAOY;EACT;AACF;;;ADpFA,IAAMG,SAASC;","names":["module","fetchIssuanceRequestMs","issuanceInfo","accessToken","msIdentityHostName","requestEndpoint","authenticationInfo","azTenantId","payload","JSON","stringify","issuanceConfig","fetchOptions","method","body","headers","length","toString","Authorization","response","fetch","json","generatePin","digits","add","max","Math","pow","min","number","floor","random","substring","MsRequestApi","clients","Map","methods","issuanceRequestMsVc","bind","clientIssueRequest","context","id","determineMSAuthId","authenticationInfo","has","set","newMSClientCredentialAuthenticator","clientInfo","get","Error","authResult","getMSClientCredentialAccessToken","confidentialClient","accessToken","msIdentityHostName","assertEntraCredentialManifestUrlInCorrectRegion","azTenantId","clientIssuanceConfig","issuance","pin","value","generatePin","length","type","manifest","claims","issuanceConfig","authority","includeQRCode","registration","callback","issueRequest","resp","fetchIssuanceRequestMs","state","schema","require"]}
1
+ {"version":3,"sources":["../plugin.schema.json","../src/index.ts","../src/agent/MsRequestApi.ts","../src/IssuerUtil.ts"],"sourcesContent":["{\n \"IMsRequestApi\": {\n \"components\": {\n \"schemas\": {\n \"IClientIssueRequest\": {\n \"type\": \"object\",\n \"properties\": {\n \"authenticationInfo\": {\n \"$ref\": \"#/components/schemas/IMsAuthenticationClientCredentialArgs\"\n },\n \"clientIssuanceConfig\": {\n \"$ref\": \"#/components/schemas/IClientIssuanceConfig\"\n },\n \"claims\": {\n \"$ref\": \"#/components/schemas/CredentialSubject\"\n }\n },\n \"required\": [\"authenticationInfo\", \"clientIssuanceConfig\", \"claims\"],\n \"additionalProperties\": false\n },\n \"IMsAuthenticationClientCredentialArgs\": {\n \"type\": \"object\",\n \"properties\": {\n \"azClientId\": {\n \"type\": \"string\"\n },\n \"azTenantId\": {\n \"type\": \"string\"\n },\n \"azClientSecret\": {\n \"type\": \"string\"\n },\n \"credentialManifestUrl\": {\n \"type\": \"string\"\n },\n \"authority\": {\n \"type\": \"string\"\n },\n \"region\": {\n \"type\": \"string\"\n },\n \"scopes\": {\n \"type\": \"array\",\n \"items\": {\n \"type\": \"string\"\n }\n },\n \"skipCache\": {\n \"type\": \"boolean\"\n },\n \"piiLoggingEnabled\": {\n \"type\": \"boolean\"\n },\n \"logLevel\": {\n \"$ref\": \"#/components/schemas/LogLevel\"\n }\n },\n \"required\": [\"azClientId\", \"azTenantId\", \"azClientSecret\"],\n \"additionalProperties\": false,\n \"description\": \"azClientId: clientId of the application you're trying to login azClientSecret: secret of the application you're trying to login azTenantId: your MS Azure tenantId credentialManifestUrl: url of your credential manifest. usually in following format: https://beta.eu.did.msidentity.com/v1.0/<tenant_id>/verifiableCredential/contracts/<verifiable_credential_schema> authority: optional. if not provided, we'll use the azClientId to create the Tenanted format if provided should be one of these two formats: - Tenanted: https://login.microsoftonline.com/{tenant}/, where {tenant} is either the GUID representing the tenant ID or a domain name associated with the tenant. - Work and school accounts: https://login.microsoftonline.com/organizations/. region?: if present will use the provided, if not will make a request to determine the region scopes?: scopes that you want to access via this authentication skipCache?: whether to skip cache piiLoggingEnabled?: if not provided defaults to false logLevel?: can be one of these values: Error = 0, Warning = 1, Info = 2, Verbose = 3, Trace = 4 if not provided defaults to LogLevel.Verbose\"\n },\n \"LogLevel\": {\n \"type\": \"number\",\n \"enum\": [0, 1, 2, 3, 4],\n \"description\": \"Log message level.\"\n },\n \"IClientIssuanceConfig\": {\n \"type\": \"object\",\n \"properties\": {\n \"authority\": {\n \"type\": \"string\"\n },\n \"includeQRCode\": {\n \"type\": \"boolean\"\n },\n \"registration\": {\n \"$ref\": \"#/components/schemas/Registration\"\n },\n \"callback\": {\n \"$ref\": \"#/components/schemas/Callback\"\n },\n \"issuance\": {\n \"$ref\": \"#/components/schemas/IClientIssuance\"\n }\n },\n \"required\": [\"authority\", \"includeQRCode\", \"registration\", \"callback\", \"issuance\"],\n \"additionalProperties\": false\n },\n \"Registration\": {\n \"type\": \"object\",\n \"properties\": {\n \"clientName\": {\n \"type\": \"string\"\n }\n },\n \"required\": [\"clientName\"],\n \"additionalProperties\": false\n },\n \"Callback\": {\n \"type\": \"object\",\n \"properties\": {\n \"url\": {\n \"type\": \"string\"\n },\n \"state\": {\n \"type\": \"string\"\n },\n \"headers\": {\n \"$ref\": \"#/components/schemas/Headers\"\n }\n },\n \"required\": [\"url\", \"state\", \"headers\"],\n \"additionalProperties\": false\n },\n \"Headers\": {\n \"type\": \"object\",\n \"properties\": {\n \"apiKey\": {\n \"type\": \"string\"\n }\n },\n \"required\": [\"apiKey\"],\n \"additionalProperties\": false\n },\n \"IClientIssuance\": {\n \"type\": \"object\",\n \"properties\": {\n \"type\": {\n \"type\": \"string\"\n },\n \"manifest\": {\n \"type\": \"string\"\n },\n \"pin\": {\n \"$ref\": \"#/components/schemas/Pin\"\n }\n },\n \"required\": [\"type\", \"manifest\", \"pin\"],\n \"additionalProperties\": false\n },\n \"Pin\": {\n \"type\": \"object\",\n \"properties\": {\n \"value\": {\n \"type\": \"string\"\n },\n \"length\": {\n \"type\": \"number\"\n }\n },\n \"required\": [\"value\", \"length\"],\n \"additionalProperties\": false\n },\n \"CredentialSubject\": {\n \"type\": \"object\"\n },\n \"IIssueRequestResponse\": {\n \"type\": \"object\",\n \"properties\": {\n \"id\": {\n \"type\": \"string\"\n },\n \"requestId\": {\n \"type\": \"string\"\n },\n \"url\": {\n \"type\": \"string\"\n },\n \"expiry\": {\n \"type\": \"string\",\n \"format\": \"date-time\"\n },\n \"pin\": {\n \"type\": \"string\"\n }\n },\n \"required\": [\"id\", \"requestId\", \"url\", \"expiry\", \"pin\"],\n \"additionalProperties\": false\n }\n },\n \"methods\": {\n \"issuanceRequestMsVc\": {\n \"description\": \"\",\n \"arguments\": {\n \"$ref\": \"#/components/schemas/IClientIssueRequest\"\n },\n \"returnType\": {\n \"$ref\": \"#/components/schemas/IIssueRequestResponse\"\n }\n }\n }\n }\n }\n}\n","/**\n * @public\n */\nconst schema = require('../plugin.schema.json')\nexport { schema }\nexport { MsRequestApi } from './agent/MsRequestApi'\nexport * from './types/IMsRequestApi'\nexport * from './IssuerUtil'\n","import {\n assertEntraCredentialManifestUrlInCorrectRegion,\n IMSClientCredentialAuthInfo,\n determineMSAuthId,\n getMSClientCredentialAccessToken,\n newMSClientCredentialAuthenticator,\n} from '@sphereon/ssi-sdk.ms-authenticator'\nimport { IAgentPlugin } from '@veramo/core'\nimport { fetchIssuanceRequestMs, generatePin } from '../IssuerUtil'\nimport {\n IClientIssueRequest,\n IIssueRequest,\n IIssueRequestResponse,\n IMsRequestApi,\n IRequiredContext,\n Issuance,\n IssuanceConfig,\n} from '../types/IMsRequestApi'\n\n/**\n * {@inheritDoc IMsRequestApi}\n */\nexport class MsRequestApi implements IAgentPlugin {\n private clients: Map<string, IMSClientCredentialAuthInfo> = new Map<string, IMSClientCredentialAuthInfo>()\n\n readonly methods: IMsRequestApi = {\n issuanceRequestMsVc: this.issuanceRequestMsVc.bind(this),\n }\n\n /** {@inheritDoc IMsRequestApi.issuanceRequestMsVc} */\n private async issuanceRequestMsVc(clientIssueRequest: IClientIssueRequest, context: IRequiredContext): Promise<IIssueRequestResponse> {\n const id = determineMSAuthId(clientIssueRequest.authenticationInfo)\n if (!this.clients.has(id)) {\n this.clients.set(id, await newMSClientCredentialAuthenticator(clientIssueRequest.authenticationInfo))\n }\n const clientInfo = this.clients.get(id)\n if (!clientInfo) {\n throw Error(`Could not get client from arguments for id: ${id}`)\n }\n const authResult = await getMSClientCredentialAccessToken(clientIssueRequest.authenticationInfo, {\n confidentialClient: clientInfo.confidentialClient,\n })\n const accessToken = authResult.accessToken\n\n const msIdentityHostName = await assertEntraCredentialManifestUrlInCorrectRegion(clientIssueRequest.authenticationInfo)\n\n // Config Request and App Config File should be a parameter to this function\n if (!clientIssueRequest.authenticationInfo.azTenantId) {\n throw new Error('azTenantId is missing.')\n }\n\n // check if pin is required, if found make sure we set a new random pin\n // pincode is only used when the payload contains claim value pairs which results in an IDTokenhint\n if (clientIssueRequest.clientIssuanceConfig.issuance.pin) {\n clientIssueRequest.clientIssuanceConfig.issuance.pin.value = generatePin(clientIssueRequest.clientIssuanceConfig.issuance.pin.length)\n }\n\n const issuance: Issuance = {\n type: clientIssueRequest.clientIssuanceConfig.issuance.type,\n manifest: clientIssueRequest.clientIssuanceConfig.issuance.manifest,\n pin: clientIssueRequest.clientIssuanceConfig.issuance.pin,\n claims: clientIssueRequest.claims,\n }\n\n const issuanceConfig: IssuanceConfig = {\n authority: clientIssueRequest.clientIssuanceConfig.authority,\n includeQRCode: clientIssueRequest.clientIssuanceConfig.includeQRCode,\n registration: clientIssueRequest.clientIssuanceConfig.registration,\n callback: clientIssueRequest.clientIssuanceConfig.callback,\n issuance: issuance,\n }\n const issueRequest: IIssueRequest = {\n authenticationInfo: clientIssueRequest.authenticationInfo,\n issuanceConfig: issuanceConfig,\n }\n\n const resp = await fetchIssuanceRequestMs(issueRequest, accessToken, msIdentityHostName)\n\n // the response from the VC Request API call is returned to the caller (the UI). It contains the URI to the request which Authenticator can download after\n // it has scanned the QR code. If the payload requested the VC Request service to create the QR code that is returned as well\n // the javascript in the UI will use that QR code to display it on the screen to the user.\n resp.id = issueRequest.issuanceConfig.callback.state // add session id so browser can pull status\n if (issueRequest.issuanceConfig.issuance.pin) {\n resp.pin = issueRequest.issuanceConfig.issuance.pin.value // add pin code so browser can display it\n }\n return resp\n }\n}\n","import { IIssueRequest, IIssueRequestResponse } from './types/IMsRequestApi'\n\nimport fetch from 'cross-fetch'\nexport async function fetchIssuanceRequestMs(\n issuanceInfo: IIssueRequest,\n accessToken: string,\n msIdentityHostName: string,\n): Promise<IIssueRequestResponse> {\n const requestEndpoint = `${msIdentityHostName}${issuanceInfo.authenticationInfo.azTenantId}/verifiablecredentials/request`\n\n const payload = JSON.stringify(issuanceInfo.issuanceConfig)\n const fetchOptions = {\n method: 'POST',\n body: payload,\n headers: {\n 'Content-Type': 'application/json',\n 'Content-Length': payload.length.toString(),\n Authorization: `Bearer ${accessToken}`,\n },\n }\n const response = await fetch(requestEndpoint, fetchOptions)\n return await response.json()\n}\n\nexport function generatePin(digits: number) {\n const add = 1\n let max = 12 - add\n max = Math.pow(10, digits + add)\n const min = max / 10 // Math.pow(10, n) basically\n const number = Math.floor(Math.random() * (max - min + 1)) + min\n return ('' + number).substring(add)\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA,gCAAAA,SAAA;AAAA,IAAAA,QAAA;AAAA,MACE,eAAiB;AAAA,QACf,YAAc;AAAA,UACZ,SAAW;AAAA,YACT,qBAAuB;AAAA,cACrB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,oBAAsB;AAAA,kBACpB,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,kBACtB,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,sBAAsB,wBAAwB,QAAQ;AAAA,cACnE,sBAAwB;AAAA,YAC1B;AAAA,YACA,uCAAyC;AAAA,cACvC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,YAAc;AAAA,kBACZ,MAAQ;AAAA,gBACV;AAAA,gBACA,YAAc;AAAA,kBACZ,MAAQ;AAAA,gBACV;AAAA,gBACA,gBAAkB;AAAA,kBAChB,MAAQ;AAAA,gBACV;AAAA,gBACA,uBAAyB;AAAA,kBACvB,MAAQ;AAAA,gBACV;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,kBACR,OAAS;AAAA,oBACP,MAAQ;AAAA,kBACV;AAAA,gBACF;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,mBAAqB;AAAA,kBACnB,MAAQ;AAAA,gBACV;AAAA,gBACA,UAAY;AAAA,kBACV,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,cAAc,cAAc,gBAAgB;AAAA,cACzD,sBAAwB;AAAA,cACxB,aAAe;AAAA,YACjB;AAAA,YACA,UAAY;AAAA,cACV,MAAQ;AAAA,cACR,MAAQ,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;AAAA,cACtB,aAAe;AAAA,YACjB;AAAA,YACA,uBAAyB;AAAA,cACvB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,eAAiB;AAAA,kBACf,MAAQ;AAAA,gBACV;AAAA,gBACA,cAAgB;AAAA,kBACd,MAAQ;AAAA,gBACV;AAAA,gBACA,UAAY;AAAA,kBACV,MAAQ;AAAA,gBACV;AAAA,gBACA,UAAY;AAAA,kBACV,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,aAAa,iBAAiB,gBAAgB,YAAY,UAAU;AAAA,cACjF,sBAAwB;AAAA,YAC1B;AAAA,YACA,cAAgB;AAAA,cACd,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,YAAc;AAAA,kBACZ,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,YAAY;AAAA,cACzB,sBAAwB;AAAA,YAC1B;AAAA,YACA,UAAY;AAAA,cACV,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,gBACA,OAAS;AAAA,kBACP,MAAQ;AAAA,gBACV;AAAA,gBACA,SAAW;AAAA,kBACT,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,OAAO,SAAS,SAAS;AAAA,cACtC,sBAAwB;AAAA,YAC1B;AAAA,YACA,SAAW;AAAA,cACT,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,QAAQ;AAAA,cACrB,sBAAwB;AAAA,YAC1B;AAAA,YACA,iBAAmB;AAAA,cACjB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,MAAQ;AAAA,kBACN,MAAQ;AAAA,gBACV;AAAA,gBACA,UAAY;AAAA,kBACV,MAAQ;AAAA,gBACV;AAAA,gBACA,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,QAAQ,YAAY,KAAK;AAAA,cACtC,sBAAwB;AAAA,YAC1B;AAAA,YACA,KAAO;AAAA,cACL,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,OAAS;AAAA,kBACP,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,SAAS,QAAQ;AAAA,cAC9B,sBAAwB;AAAA,YAC1B;AAAA,YACA,mBAAqB;AAAA,cACnB,MAAQ;AAAA,YACV;AAAA,YACA,uBAAyB;AAAA,cACvB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,IAAM;AAAA,kBACJ,MAAQ;AAAA,gBACV;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,kBACR,QAAU;AAAA,gBACZ;AAAA,gBACA,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,MAAM,aAAa,OAAO,UAAU,KAAK;AAAA,cACtD,sBAAwB;AAAA,YAC1B;AAAA,UACF;AAAA,UACA,SAAW;AAAA,YACT,qBAAuB;AAAA,cACrB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;;;ACjMA;;;;;;;;;;ACAA,qBAMO;;;ACJP,yBAAkB;AAClB,eAAsBC,uBACpBC,cACAC,aACAC,oBAA0B;AAE1B,QAAMC,kBAAkB,GAAGD,kBAAAA,GAAqBF,aAAaI,mBAAmBC,UAAU;AAE1F,QAAMC,UAAUC,KAAKC,UAAUR,aAAaS,cAAc;AAC1D,QAAMC,eAAe;IACnBC,QAAQ;IACRC,MAAMN;IACNO,SAAS;MACP,gBAAgB;MAChB,kBAAkBP,QAAQQ,OAAOC,SAAQ;MACzCC,eAAe,UAAUf,WAAAA;IAC3B;EACF;AACA,QAAMgB,WAAW,UAAMC,mBAAAA,SAAMf,iBAAiBO,YAAAA;AAC9C,SAAO,MAAMO,SAASE,KAAI;AAC5B;AAnBsBpB;AAqBf,SAASqB,YAAYC,QAAc;AACxC,QAAMC,MAAM;AACZ,MAAIC,MAAM,KAAKD;AACfC,QAAMC,KAAKC,IAAI,IAAIJ,SAASC,GAAAA;AAC5B,QAAMI,MAAMH,MAAM;AAClB,QAAMI,SAASH,KAAKI,MAAMJ,KAAKK,OAAM,KAAMN,MAAMG,MAAM,EAAA,IAAMA;AAC7D,UAAQ,KAAKC,QAAQG,UAAUR,GAAAA;AACjC;AAPgBF;;;ADFT,IAAMW,eAAN,MAAMA;EAtBb,OAsBaA;;;EACHC,UAAoD,oBAAIC,IAAAA;EAEvDC,UAAyB;IAChCC,qBAAqB,KAAKA,oBAAoBC,KAAK,IAAI;EACzD;;EAGA,MAAcD,oBAAoBE,oBAAyCC,SAA2D;AACpI,UAAMC,SAAKC,kCAAkBH,mBAAmBI,kBAAkB;AAClE,QAAI,CAAC,KAAKT,QAAQU,IAAIH,EAAAA,GAAK;AACzB,WAAKP,QAAQW,IAAIJ,IAAI,UAAMK,mDAAmCP,mBAAmBI,kBAAkB,CAAA;IACrG;AACA,UAAMI,aAAa,KAAKb,QAAQc,IAAIP,EAAAA;AACpC,QAAI,CAACM,YAAY;AACf,YAAME,MAAM,+CAA+CR,EAAAA,EAAI;IACjE;AACA,UAAMS,aAAa,UAAMC,iDAAiCZ,mBAAmBI,oBAAoB;MAC/FS,oBAAoBL,WAAWK;IACjC,CAAA;AACA,UAAMC,cAAcH,WAAWG;AAE/B,UAAMC,qBAAqB,UAAMC,gEAAgDhB,mBAAmBI,kBAAkB;AAGtH,QAAI,CAACJ,mBAAmBI,mBAAmBa,YAAY;AACrD,YAAM,IAAIP,MAAM,wBAAA;IAClB;AAIA,QAAIV,mBAAmBkB,qBAAqBC,SAASC,KAAK;AACxDpB,yBAAmBkB,qBAAqBC,SAASC,IAAIC,QAAQC,YAAYtB,mBAAmBkB,qBAAqBC,SAASC,IAAIG,MAAM;IACtI;AAEA,UAAMJ,WAAqB;MACzBK,MAAMxB,mBAAmBkB,qBAAqBC,SAASK;MACvDC,UAAUzB,mBAAmBkB,qBAAqBC,SAASM;MAC3DL,KAAKpB,mBAAmBkB,qBAAqBC,SAASC;MACtDM,QAAQ1B,mBAAmB0B;IAC7B;AAEA,UAAMC,iBAAiC;MACrCC,WAAW5B,mBAAmBkB,qBAAqBU;MACnDC,eAAe7B,mBAAmBkB,qBAAqBW;MACvDC,cAAc9B,mBAAmBkB,qBAAqBY;MACtDC,UAAU/B,mBAAmBkB,qBAAqBa;MAClDZ;IACF;AACA,UAAMa,eAA8B;MAClC5B,oBAAoBJ,mBAAmBI;MACvCuB;IACF;AAEA,UAAMM,OAAO,MAAMC,uBAAuBF,cAAclB,aAAaC,kBAAAA;AAKrEkB,SAAK/B,KAAK8B,aAAaL,eAAeI,SAASI;AAC/C,QAAIH,aAAaL,eAAeR,SAASC,KAAK;AAC5Ca,WAAKb,MAAMY,aAAaL,eAAeR,SAASC,IAAIC;IACtD;AACA,WAAOY;EACT;AACF;;;ADpFA,IAAMG,SAASC;","names":["module","fetchIssuanceRequestMs","issuanceInfo","accessToken","msIdentityHostName","requestEndpoint","authenticationInfo","azTenantId","payload","JSON","stringify","issuanceConfig","fetchOptions","method","body","headers","length","toString","Authorization","response","fetch","json","generatePin","digits","add","max","Math","pow","min","number","floor","random","substring","MsRequestApi","clients","Map","methods","issuanceRequestMsVc","bind","clientIssueRequest","context","id","determineMSAuthId","authenticationInfo","has","set","newMSClientCredentialAuthenticator","clientInfo","get","Error","authResult","getMSClientCredentialAccessToken","confidentialClient","accessToken","msIdentityHostName","assertEntraCredentialManifestUrlInCorrectRegion","azTenantId","clientIssuanceConfig","issuance","pin","value","generatePin","length","type","manifest","claims","issuanceConfig","authority","includeQRCode","registration","callback","issueRequest","resp","fetchIssuanceRequestMs","state","schema","require"]}
package/dist/index.js CHANGED
@@ -209,7 +209,7 @@ var require_plugin_schema = __commonJS({
209
209
  import { assertEntraCredentialManifestUrlInCorrectRegion, determineMSAuthId, getMSClientCredentialAccessToken, newMSClientCredentialAuthenticator } from "@sphereon/ssi-sdk.ms-authenticator";
210
210
 
211
211
  // src/IssuerUtil.ts
212
- import { fetch } from "cross-fetch";
212
+ import fetch from "cross-fetch";
213
213
  async function fetchIssuanceRequestMs(issuanceInfo, accessToken, msIdentityHostName) {
214
214
  const requestEndpoint = `${msIdentityHostName}${issuanceInfo.authenticationInfo.azTenantId}/verifiablecredentials/request`;
215
215
  const payload = JSON.stringify(issuanceInfo.issuanceConfig);
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../plugin.schema.json","../src/agent/MsRequestApi.ts","../src/IssuerUtil.ts","../src/index.ts"],"sourcesContent":["{\n \"IMsRequestApi\": {\n \"components\": {\n \"schemas\": {\n \"IClientIssueRequest\": {\n \"type\": \"object\",\n \"properties\": {\n \"authenticationInfo\": {\n \"$ref\": \"#/components/schemas/IMsAuthenticationClientCredentialArgs\"\n },\n \"clientIssuanceConfig\": {\n \"$ref\": \"#/components/schemas/IClientIssuanceConfig\"\n },\n \"claims\": {\n \"$ref\": \"#/components/schemas/CredentialSubject\"\n }\n },\n \"required\": [\"authenticationInfo\", \"clientIssuanceConfig\", \"claims\"],\n \"additionalProperties\": false\n },\n \"IMsAuthenticationClientCredentialArgs\": {\n \"type\": \"object\",\n \"properties\": {\n \"azClientId\": {\n \"type\": \"string\"\n },\n \"azTenantId\": {\n \"type\": \"string\"\n },\n \"azClientSecret\": {\n \"type\": \"string\"\n },\n \"credentialManifestUrl\": {\n \"type\": \"string\"\n },\n \"authority\": {\n \"type\": \"string\"\n },\n \"region\": {\n \"type\": \"string\"\n },\n \"scopes\": {\n \"type\": \"array\",\n \"items\": {\n \"type\": \"string\"\n }\n },\n \"skipCache\": {\n \"type\": \"boolean\"\n },\n \"piiLoggingEnabled\": {\n \"type\": \"boolean\"\n },\n \"logLevel\": {\n \"$ref\": \"#/components/schemas/LogLevel\"\n }\n },\n \"required\": [\"azClientId\", \"azTenantId\", \"azClientSecret\"],\n \"additionalProperties\": false,\n \"description\": \"azClientId: clientId of the application you're trying to login azClientSecret: secret of the application you're trying to login azTenantId: your MS Azure tenantId credentialManifestUrl: url of your credential manifest. usually in following format: https://beta.eu.did.msidentity.com/v1.0/<tenant_id>/verifiableCredential/contracts/<verifiable_credential_schema> authority: optional. if not provided, we'll use the azClientId to create the Tenanted format if provided should be one of these two formats: - Tenanted: https://login.microsoftonline.com/{tenant}/, where {tenant} is either the GUID representing the tenant ID or a domain name associated with the tenant. - Work and school accounts: https://login.microsoftonline.com/organizations/. region?: if present will use the provided, if not will make a request to determine the region scopes?: scopes that you want to access via this authentication skipCache?: whether to skip cache piiLoggingEnabled?: if not provided defaults to false logLevel?: can be one of these values: Error = 0, Warning = 1, Info = 2, Verbose = 3, Trace = 4 if not provided defaults to LogLevel.Verbose\"\n },\n \"LogLevel\": {\n \"type\": \"number\",\n \"enum\": [0, 1, 2, 3, 4],\n \"description\": \"Log message level.\"\n },\n \"IClientIssuanceConfig\": {\n \"type\": \"object\",\n \"properties\": {\n \"authority\": {\n \"type\": \"string\"\n },\n \"includeQRCode\": {\n \"type\": \"boolean\"\n },\n \"registration\": {\n \"$ref\": \"#/components/schemas/Registration\"\n },\n \"callback\": {\n \"$ref\": \"#/components/schemas/Callback\"\n },\n \"issuance\": {\n \"$ref\": \"#/components/schemas/IClientIssuance\"\n }\n },\n \"required\": [\"authority\", \"includeQRCode\", \"registration\", \"callback\", \"issuance\"],\n \"additionalProperties\": false\n },\n \"Registration\": {\n \"type\": \"object\",\n \"properties\": {\n \"clientName\": {\n \"type\": \"string\"\n }\n },\n \"required\": [\"clientName\"],\n \"additionalProperties\": false\n },\n \"Callback\": {\n \"type\": \"object\",\n \"properties\": {\n \"url\": {\n \"type\": \"string\"\n },\n \"state\": {\n \"type\": \"string\"\n },\n \"headers\": {\n \"$ref\": \"#/components/schemas/Headers\"\n }\n },\n \"required\": [\"url\", \"state\", \"headers\"],\n \"additionalProperties\": false\n },\n \"Headers\": {\n \"type\": \"object\",\n \"properties\": {\n \"apiKey\": {\n \"type\": \"string\"\n }\n },\n \"required\": [\"apiKey\"],\n \"additionalProperties\": false\n },\n \"IClientIssuance\": {\n \"type\": \"object\",\n \"properties\": {\n \"type\": {\n \"type\": \"string\"\n },\n \"manifest\": {\n \"type\": \"string\"\n },\n \"pin\": {\n \"$ref\": \"#/components/schemas/Pin\"\n }\n },\n \"required\": [\"type\", \"manifest\", \"pin\"],\n \"additionalProperties\": false\n },\n \"Pin\": {\n \"type\": \"object\",\n \"properties\": {\n \"value\": {\n \"type\": \"string\"\n },\n \"length\": {\n \"type\": \"number\"\n }\n },\n \"required\": [\"value\", \"length\"],\n \"additionalProperties\": false\n },\n \"CredentialSubject\": {\n \"type\": \"object\"\n },\n \"IIssueRequestResponse\": {\n \"type\": \"object\",\n \"properties\": {\n \"id\": {\n \"type\": \"string\"\n },\n \"requestId\": {\n \"type\": \"string\"\n },\n \"url\": {\n \"type\": \"string\"\n },\n \"expiry\": {\n \"type\": \"string\",\n \"format\": \"date-time\"\n },\n \"pin\": {\n \"type\": \"string\"\n }\n },\n \"required\": [\"id\", \"requestId\", \"url\", \"expiry\", \"pin\"],\n \"additionalProperties\": false\n }\n },\n \"methods\": {\n \"issuanceRequestMsVc\": {\n \"description\": \"\",\n \"arguments\": {\n \"$ref\": \"#/components/schemas/IClientIssueRequest\"\n },\n \"returnType\": {\n \"$ref\": \"#/components/schemas/IIssueRequestResponse\"\n }\n }\n }\n }\n }\n}\n","import {\n assertEntraCredentialManifestUrlInCorrectRegion,\n IMSClientCredentialAuthInfo,\n determineMSAuthId,\n getMSClientCredentialAccessToken,\n newMSClientCredentialAuthenticator,\n} from '@sphereon/ssi-sdk.ms-authenticator'\nimport { IAgentPlugin } from '@veramo/core'\nimport { fetchIssuanceRequestMs, generatePin } from '../IssuerUtil'\nimport {\n IClientIssueRequest,\n IIssueRequest,\n IIssueRequestResponse,\n IMsRequestApi,\n IRequiredContext,\n Issuance,\n IssuanceConfig,\n} from '../types/IMsRequestApi'\n\n/**\n * {@inheritDoc IMsRequestApi}\n */\nexport class MsRequestApi implements IAgentPlugin {\n private clients: Map<string, IMSClientCredentialAuthInfo> = new Map<string, IMSClientCredentialAuthInfo>()\n\n readonly methods: IMsRequestApi = {\n issuanceRequestMsVc: this.issuanceRequestMsVc.bind(this),\n }\n\n /** {@inheritDoc IMsRequestApi.issuanceRequestMsVc} */\n private async issuanceRequestMsVc(clientIssueRequest: IClientIssueRequest, context: IRequiredContext): Promise<IIssueRequestResponse> {\n const id = determineMSAuthId(clientIssueRequest.authenticationInfo)\n if (!this.clients.has(id)) {\n this.clients.set(id, await newMSClientCredentialAuthenticator(clientIssueRequest.authenticationInfo))\n }\n const clientInfo = this.clients.get(id)\n if (!clientInfo) {\n throw Error(`Could not get client from arguments for id: ${id}`)\n }\n const authResult = await getMSClientCredentialAccessToken(clientIssueRequest.authenticationInfo, {\n confidentialClient: clientInfo.confidentialClient,\n })\n const accessToken = authResult.accessToken\n\n const msIdentityHostName = await assertEntraCredentialManifestUrlInCorrectRegion(clientIssueRequest.authenticationInfo)\n\n // Config Request and App Config File should be a parameter to this function\n if (!clientIssueRequest.authenticationInfo.azTenantId) {\n throw new Error('azTenantId is missing.')\n }\n\n // check if pin is required, if found make sure we set a new random pin\n // pincode is only used when the payload contains claim value pairs which results in an IDTokenhint\n if (clientIssueRequest.clientIssuanceConfig.issuance.pin) {\n clientIssueRequest.clientIssuanceConfig.issuance.pin.value = generatePin(clientIssueRequest.clientIssuanceConfig.issuance.pin.length)\n }\n\n const issuance: Issuance = {\n type: clientIssueRequest.clientIssuanceConfig.issuance.type,\n manifest: clientIssueRequest.clientIssuanceConfig.issuance.manifest,\n pin: clientIssueRequest.clientIssuanceConfig.issuance.pin,\n claims: clientIssueRequest.claims,\n }\n\n const issuanceConfig: IssuanceConfig = {\n authority: clientIssueRequest.clientIssuanceConfig.authority,\n includeQRCode: clientIssueRequest.clientIssuanceConfig.includeQRCode,\n registration: clientIssueRequest.clientIssuanceConfig.registration,\n callback: clientIssueRequest.clientIssuanceConfig.callback,\n issuance: issuance,\n }\n const issueRequest: IIssueRequest = {\n authenticationInfo: clientIssueRequest.authenticationInfo,\n issuanceConfig: issuanceConfig,\n }\n\n const resp = await fetchIssuanceRequestMs(issueRequest, accessToken, msIdentityHostName)\n\n // the response from the VC Request API call is returned to the caller (the UI). It contains the URI to the request which Authenticator can download after\n // it has scanned the QR code. If the payload requested the VC Request service to create the QR code that is returned as well\n // the javascript in the UI will use that QR code to display it on the screen to the user.\n resp.id = issueRequest.issuanceConfig.callback.state // add session id so browser can pull status\n if (issueRequest.issuanceConfig.issuance.pin) {\n resp.pin = issueRequest.issuanceConfig.issuance.pin.value // add pin code so browser can display it\n }\n return resp\n }\n}\n","import { IIssueRequest, IIssueRequestResponse } from './types/IMsRequestApi'\n\nimport { fetch } from 'cross-fetch'\nexport async function fetchIssuanceRequestMs(\n issuanceInfo: IIssueRequest,\n accessToken: string,\n msIdentityHostName: string,\n): Promise<IIssueRequestResponse> {\n const requestEndpoint = `${msIdentityHostName}${issuanceInfo.authenticationInfo.azTenantId}/verifiablecredentials/request`\n\n const payload = JSON.stringify(issuanceInfo.issuanceConfig)\n const fetchOptions = {\n method: 'POST',\n body: payload,\n headers: {\n 'Content-Type': 'application/json',\n 'Content-Length': payload.length.toString(),\n Authorization: `Bearer ${accessToken}`,\n },\n }\n const response = await fetch(requestEndpoint, fetchOptions)\n return await response.json()\n}\n\nexport function generatePin(digits: number) {\n const add = 1\n let max = 12 - add\n max = Math.pow(10, digits + add)\n const min = max / 10 // Math.pow(10, n) basically\n const number = Math.floor(Math.random() * (max - min + 1)) + min\n return ('' + number).substring(add)\n}\n","/**\n * @public\n */\nconst schema = require('../plugin.schema.json')\nexport { schema }\nexport { MsRequestApi } from './agent/MsRequestApi'\nexport * from './types/IMsRequestApi'\nexport * from './IssuerUtil'\n"],"mappings":";;;;;;;;AAAA;AAAA;AAAA;AAAA,MACE,eAAiB;AAAA,QACf,YAAc;AAAA,UACZ,SAAW;AAAA,YACT,qBAAuB;AAAA,cACrB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,oBAAsB;AAAA,kBACpB,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,kBACtB,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,sBAAsB,wBAAwB,QAAQ;AAAA,cACnE,sBAAwB;AAAA,YAC1B;AAAA,YACA,uCAAyC;AAAA,cACvC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,YAAc;AAAA,kBACZ,MAAQ;AAAA,gBACV;AAAA,gBACA,YAAc;AAAA,kBACZ,MAAQ;AAAA,gBACV;AAAA,gBACA,gBAAkB;AAAA,kBAChB,MAAQ;AAAA,gBACV;AAAA,gBACA,uBAAyB;AAAA,kBACvB,MAAQ;AAAA,gBACV;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,kBACR,OAAS;AAAA,oBACP,MAAQ;AAAA,kBACV;AAAA,gBACF;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,mBAAqB;AAAA,kBACnB,MAAQ;AAAA,gBACV;AAAA,gBACA,UAAY;AAAA,kBACV,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,cAAc,cAAc,gBAAgB;AAAA,cACzD,sBAAwB;AAAA,cACxB,aAAe;AAAA,YACjB;AAAA,YACA,UAAY;AAAA,cACV,MAAQ;AAAA,cACR,MAAQ,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;AAAA,cACtB,aAAe;AAAA,YACjB;AAAA,YACA,uBAAyB;AAAA,cACvB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,eAAiB;AAAA,kBACf,MAAQ;AAAA,gBACV;AAAA,gBACA,cAAgB;AAAA,kBACd,MAAQ;AAAA,gBACV;AAAA,gBACA,UAAY;AAAA,kBACV,MAAQ;AAAA,gBACV;AAAA,gBACA,UAAY;AAAA,kBACV,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,aAAa,iBAAiB,gBAAgB,YAAY,UAAU;AAAA,cACjF,sBAAwB;AAAA,YAC1B;AAAA,YACA,cAAgB;AAAA,cACd,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,YAAc;AAAA,kBACZ,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,YAAY;AAAA,cACzB,sBAAwB;AAAA,YAC1B;AAAA,YACA,UAAY;AAAA,cACV,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,gBACA,OAAS;AAAA,kBACP,MAAQ;AAAA,gBACV;AAAA,gBACA,SAAW;AAAA,kBACT,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,OAAO,SAAS,SAAS;AAAA,cACtC,sBAAwB;AAAA,YAC1B;AAAA,YACA,SAAW;AAAA,cACT,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,QAAQ;AAAA,cACrB,sBAAwB;AAAA,YAC1B;AAAA,YACA,iBAAmB;AAAA,cACjB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,MAAQ;AAAA,kBACN,MAAQ;AAAA,gBACV;AAAA,gBACA,UAAY;AAAA,kBACV,MAAQ;AAAA,gBACV;AAAA,gBACA,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,QAAQ,YAAY,KAAK;AAAA,cACtC,sBAAwB;AAAA,YAC1B;AAAA,YACA,KAAO;AAAA,cACL,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,OAAS;AAAA,kBACP,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,SAAS,QAAQ;AAAA,cAC9B,sBAAwB;AAAA,YAC1B;AAAA,YACA,mBAAqB;AAAA,cACnB,MAAQ;AAAA,YACV;AAAA,YACA,uBAAyB;AAAA,cACvB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,IAAM;AAAA,kBACJ,MAAQ;AAAA,gBACV;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,kBACR,QAAU;AAAA,gBACZ;AAAA,gBACA,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,MAAM,aAAa,OAAO,UAAU,KAAK;AAAA,cACtD,sBAAwB;AAAA,YAC1B;AAAA,UACF;AAAA,UACA,SAAW;AAAA,YACT,qBAAuB;AAAA,cACrB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;;;ACjMA,SACEA,iDAEAC,mBACAC,kCACAC,0CACK;;;ACJP,SAASC,aAAa;AACtB,eAAsBC,uBACpBC,cACAC,aACAC,oBAA0B;AAE1B,QAAMC,kBAAkB,GAAGD,kBAAAA,GAAqBF,aAAaI,mBAAmBC,UAAU;AAE1F,QAAMC,UAAUC,KAAKC,UAAUR,aAAaS,cAAc;AAC1D,QAAMC,eAAe;IACnBC,QAAQ;IACRC,MAAMN;IACNO,SAAS;MACP,gBAAgB;MAChB,kBAAkBP,QAAQQ,OAAOC,SAAQ;MACzCC,eAAe,UAAUf,WAAAA;IAC3B;EACF;AACA,QAAMgB,WAAW,MAAMC,MAAMf,iBAAiBO,YAAAA;AAC9C,SAAO,MAAMO,SAASE,KAAI;AAC5B;AAnBsBpB;AAqBf,SAASqB,YAAYC,QAAc;AACxC,QAAMC,MAAM;AACZ,MAAIC,MAAM,KAAKD;AACfC,QAAMC,KAAKC,IAAI,IAAIJ,SAASC,GAAAA;AAC5B,QAAMI,MAAMH,MAAM;AAClB,QAAMI,SAASH,KAAKI,MAAMJ,KAAKK,OAAM,KAAMN,MAAMG,MAAM,EAAA,IAAMA;AAC7D,UAAQ,KAAKC,QAAQG,UAAUR,GAAAA;AACjC;AAPgBF;;;ADFT,IAAMW,eAAN,MAAMA;EAtBb,OAsBaA;;;EACHC,UAAoD,oBAAIC,IAAAA;EAEvDC,UAAyB;IAChCC,qBAAqB,KAAKA,oBAAoBC,KAAK,IAAI;EACzD;;EAGA,MAAcD,oBAAoBE,oBAAyCC,SAA2D;AACpI,UAAMC,KAAKC,kBAAkBH,mBAAmBI,kBAAkB;AAClE,QAAI,CAAC,KAAKT,QAAQU,IAAIH,EAAAA,GAAK;AACzB,WAAKP,QAAQW,IAAIJ,IAAI,MAAMK,mCAAmCP,mBAAmBI,kBAAkB,CAAA;IACrG;AACA,UAAMI,aAAa,KAAKb,QAAQc,IAAIP,EAAAA;AACpC,QAAI,CAACM,YAAY;AACf,YAAME,MAAM,+CAA+CR,EAAAA,EAAI;IACjE;AACA,UAAMS,aAAa,MAAMC,iCAAiCZ,mBAAmBI,oBAAoB;MAC/FS,oBAAoBL,WAAWK;IACjC,CAAA;AACA,UAAMC,cAAcH,WAAWG;AAE/B,UAAMC,qBAAqB,MAAMC,gDAAgDhB,mBAAmBI,kBAAkB;AAGtH,QAAI,CAACJ,mBAAmBI,mBAAmBa,YAAY;AACrD,YAAM,IAAIP,MAAM,wBAAA;IAClB;AAIA,QAAIV,mBAAmBkB,qBAAqBC,SAASC,KAAK;AACxDpB,yBAAmBkB,qBAAqBC,SAASC,IAAIC,QAAQC,YAAYtB,mBAAmBkB,qBAAqBC,SAASC,IAAIG,MAAM;IACtI;AAEA,UAAMJ,WAAqB;MACzBK,MAAMxB,mBAAmBkB,qBAAqBC,SAASK;MACvDC,UAAUzB,mBAAmBkB,qBAAqBC,SAASM;MAC3DL,KAAKpB,mBAAmBkB,qBAAqBC,SAASC;MACtDM,QAAQ1B,mBAAmB0B;IAC7B;AAEA,UAAMC,iBAAiC;MACrCC,WAAW5B,mBAAmBkB,qBAAqBU;MACnDC,eAAe7B,mBAAmBkB,qBAAqBW;MACvDC,cAAc9B,mBAAmBkB,qBAAqBY;MACtDC,UAAU/B,mBAAmBkB,qBAAqBa;MAClDZ;IACF;AACA,UAAMa,eAA8B;MAClC5B,oBAAoBJ,mBAAmBI;MACvCuB;IACF;AAEA,UAAMM,OAAO,MAAMC,uBAAuBF,cAAclB,aAAaC,kBAAAA;AAKrEkB,SAAK/B,KAAK8B,aAAaL,eAAeI,SAASI;AAC/C,QAAIH,aAAaL,eAAeR,SAASC,KAAK;AAC5Ca,WAAKb,MAAMY,aAAaL,eAAeR,SAASC,IAAIC;IACtD;AACA,WAAOY;EACT;AACF;;;AEpFA,IAAMG,SAASC;","names":["assertEntraCredentialManifestUrlInCorrectRegion","determineMSAuthId","getMSClientCredentialAccessToken","newMSClientCredentialAuthenticator","fetch","fetchIssuanceRequestMs","issuanceInfo","accessToken","msIdentityHostName","requestEndpoint","authenticationInfo","azTenantId","payload","JSON","stringify","issuanceConfig","fetchOptions","method","body","headers","length","toString","Authorization","response","fetch","json","generatePin","digits","add","max","Math","pow","min","number","floor","random","substring","MsRequestApi","clients","Map","methods","issuanceRequestMsVc","bind","clientIssueRequest","context","id","determineMSAuthId","authenticationInfo","has","set","newMSClientCredentialAuthenticator","clientInfo","get","Error","authResult","getMSClientCredentialAccessToken","confidentialClient","accessToken","msIdentityHostName","assertEntraCredentialManifestUrlInCorrectRegion","azTenantId","clientIssuanceConfig","issuance","pin","value","generatePin","length","type","manifest","claims","issuanceConfig","authority","includeQRCode","registration","callback","issueRequest","resp","fetchIssuanceRequestMs","state","schema","require"]}
1
+ {"version":3,"sources":["../plugin.schema.json","../src/agent/MsRequestApi.ts","../src/IssuerUtil.ts","../src/index.ts"],"sourcesContent":["{\n \"IMsRequestApi\": {\n \"components\": {\n \"schemas\": {\n \"IClientIssueRequest\": {\n \"type\": \"object\",\n \"properties\": {\n \"authenticationInfo\": {\n \"$ref\": \"#/components/schemas/IMsAuthenticationClientCredentialArgs\"\n },\n \"clientIssuanceConfig\": {\n \"$ref\": \"#/components/schemas/IClientIssuanceConfig\"\n },\n \"claims\": {\n \"$ref\": \"#/components/schemas/CredentialSubject\"\n }\n },\n \"required\": [\"authenticationInfo\", \"clientIssuanceConfig\", \"claims\"],\n \"additionalProperties\": false\n },\n \"IMsAuthenticationClientCredentialArgs\": {\n \"type\": \"object\",\n \"properties\": {\n \"azClientId\": {\n \"type\": \"string\"\n },\n \"azTenantId\": {\n \"type\": \"string\"\n },\n \"azClientSecret\": {\n \"type\": \"string\"\n },\n \"credentialManifestUrl\": {\n \"type\": \"string\"\n },\n \"authority\": {\n \"type\": \"string\"\n },\n \"region\": {\n \"type\": \"string\"\n },\n \"scopes\": {\n \"type\": \"array\",\n \"items\": {\n \"type\": \"string\"\n }\n },\n \"skipCache\": {\n \"type\": \"boolean\"\n },\n \"piiLoggingEnabled\": {\n \"type\": \"boolean\"\n },\n \"logLevel\": {\n \"$ref\": \"#/components/schemas/LogLevel\"\n }\n },\n \"required\": [\"azClientId\", \"azTenantId\", \"azClientSecret\"],\n \"additionalProperties\": false,\n \"description\": \"azClientId: clientId of the application you're trying to login azClientSecret: secret of the application you're trying to login azTenantId: your MS Azure tenantId credentialManifestUrl: url of your credential manifest. usually in following format: https://beta.eu.did.msidentity.com/v1.0/<tenant_id>/verifiableCredential/contracts/<verifiable_credential_schema> authority: optional. if not provided, we'll use the azClientId to create the Tenanted format if provided should be one of these two formats: - Tenanted: https://login.microsoftonline.com/{tenant}/, where {tenant} is either the GUID representing the tenant ID or a domain name associated with the tenant. - Work and school accounts: https://login.microsoftonline.com/organizations/. region?: if present will use the provided, if not will make a request to determine the region scopes?: scopes that you want to access via this authentication skipCache?: whether to skip cache piiLoggingEnabled?: if not provided defaults to false logLevel?: can be one of these values: Error = 0, Warning = 1, Info = 2, Verbose = 3, Trace = 4 if not provided defaults to LogLevel.Verbose\"\n },\n \"LogLevel\": {\n \"type\": \"number\",\n \"enum\": [0, 1, 2, 3, 4],\n \"description\": \"Log message level.\"\n },\n \"IClientIssuanceConfig\": {\n \"type\": \"object\",\n \"properties\": {\n \"authority\": {\n \"type\": \"string\"\n },\n \"includeQRCode\": {\n \"type\": \"boolean\"\n },\n \"registration\": {\n \"$ref\": \"#/components/schemas/Registration\"\n },\n \"callback\": {\n \"$ref\": \"#/components/schemas/Callback\"\n },\n \"issuance\": {\n \"$ref\": \"#/components/schemas/IClientIssuance\"\n }\n },\n \"required\": [\"authority\", \"includeQRCode\", \"registration\", \"callback\", \"issuance\"],\n \"additionalProperties\": false\n },\n \"Registration\": {\n \"type\": \"object\",\n \"properties\": {\n \"clientName\": {\n \"type\": \"string\"\n }\n },\n \"required\": [\"clientName\"],\n \"additionalProperties\": false\n },\n \"Callback\": {\n \"type\": \"object\",\n \"properties\": {\n \"url\": {\n \"type\": \"string\"\n },\n \"state\": {\n \"type\": \"string\"\n },\n \"headers\": {\n \"$ref\": \"#/components/schemas/Headers\"\n }\n },\n \"required\": [\"url\", \"state\", \"headers\"],\n \"additionalProperties\": false\n },\n \"Headers\": {\n \"type\": \"object\",\n \"properties\": {\n \"apiKey\": {\n \"type\": \"string\"\n }\n },\n \"required\": [\"apiKey\"],\n \"additionalProperties\": false\n },\n \"IClientIssuance\": {\n \"type\": \"object\",\n \"properties\": {\n \"type\": {\n \"type\": \"string\"\n },\n \"manifest\": {\n \"type\": \"string\"\n },\n \"pin\": {\n \"$ref\": \"#/components/schemas/Pin\"\n }\n },\n \"required\": [\"type\", \"manifest\", \"pin\"],\n \"additionalProperties\": false\n },\n \"Pin\": {\n \"type\": \"object\",\n \"properties\": {\n \"value\": {\n \"type\": \"string\"\n },\n \"length\": {\n \"type\": \"number\"\n }\n },\n \"required\": [\"value\", \"length\"],\n \"additionalProperties\": false\n },\n \"CredentialSubject\": {\n \"type\": \"object\"\n },\n \"IIssueRequestResponse\": {\n \"type\": \"object\",\n \"properties\": {\n \"id\": {\n \"type\": \"string\"\n },\n \"requestId\": {\n \"type\": \"string\"\n },\n \"url\": {\n \"type\": \"string\"\n },\n \"expiry\": {\n \"type\": \"string\",\n \"format\": \"date-time\"\n },\n \"pin\": {\n \"type\": \"string\"\n }\n },\n \"required\": [\"id\", \"requestId\", \"url\", \"expiry\", \"pin\"],\n \"additionalProperties\": false\n }\n },\n \"methods\": {\n \"issuanceRequestMsVc\": {\n \"description\": \"\",\n \"arguments\": {\n \"$ref\": \"#/components/schemas/IClientIssueRequest\"\n },\n \"returnType\": {\n \"$ref\": \"#/components/schemas/IIssueRequestResponse\"\n }\n }\n }\n }\n }\n}\n","import {\n assertEntraCredentialManifestUrlInCorrectRegion,\n IMSClientCredentialAuthInfo,\n determineMSAuthId,\n getMSClientCredentialAccessToken,\n newMSClientCredentialAuthenticator,\n} from '@sphereon/ssi-sdk.ms-authenticator'\nimport { IAgentPlugin } from '@veramo/core'\nimport { fetchIssuanceRequestMs, generatePin } from '../IssuerUtil'\nimport {\n IClientIssueRequest,\n IIssueRequest,\n IIssueRequestResponse,\n IMsRequestApi,\n IRequiredContext,\n Issuance,\n IssuanceConfig,\n} from '../types/IMsRequestApi'\n\n/**\n * {@inheritDoc IMsRequestApi}\n */\nexport class MsRequestApi implements IAgentPlugin {\n private clients: Map<string, IMSClientCredentialAuthInfo> = new Map<string, IMSClientCredentialAuthInfo>()\n\n readonly methods: IMsRequestApi = {\n issuanceRequestMsVc: this.issuanceRequestMsVc.bind(this),\n }\n\n /** {@inheritDoc IMsRequestApi.issuanceRequestMsVc} */\n private async issuanceRequestMsVc(clientIssueRequest: IClientIssueRequest, context: IRequiredContext): Promise<IIssueRequestResponse> {\n const id = determineMSAuthId(clientIssueRequest.authenticationInfo)\n if (!this.clients.has(id)) {\n this.clients.set(id, await newMSClientCredentialAuthenticator(clientIssueRequest.authenticationInfo))\n }\n const clientInfo = this.clients.get(id)\n if (!clientInfo) {\n throw Error(`Could not get client from arguments for id: ${id}`)\n }\n const authResult = await getMSClientCredentialAccessToken(clientIssueRequest.authenticationInfo, {\n confidentialClient: clientInfo.confidentialClient,\n })\n const accessToken = authResult.accessToken\n\n const msIdentityHostName = await assertEntraCredentialManifestUrlInCorrectRegion(clientIssueRequest.authenticationInfo)\n\n // Config Request and App Config File should be a parameter to this function\n if (!clientIssueRequest.authenticationInfo.azTenantId) {\n throw new Error('azTenantId is missing.')\n }\n\n // check if pin is required, if found make sure we set a new random pin\n // pincode is only used when the payload contains claim value pairs which results in an IDTokenhint\n if (clientIssueRequest.clientIssuanceConfig.issuance.pin) {\n clientIssueRequest.clientIssuanceConfig.issuance.pin.value = generatePin(clientIssueRequest.clientIssuanceConfig.issuance.pin.length)\n }\n\n const issuance: Issuance = {\n type: clientIssueRequest.clientIssuanceConfig.issuance.type,\n manifest: clientIssueRequest.clientIssuanceConfig.issuance.manifest,\n pin: clientIssueRequest.clientIssuanceConfig.issuance.pin,\n claims: clientIssueRequest.claims,\n }\n\n const issuanceConfig: IssuanceConfig = {\n authority: clientIssueRequest.clientIssuanceConfig.authority,\n includeQRCode: clientIssueRequest.clientIssuanceConfig.includeQRCode,\n registration: clientIssueRequest.clientIssuanceConfig.registration,\n callback: clientIssueRequest.clientIssuanceConfig.callback,\n issuance: issuance,\n }\n const issueRequest: IIssueRequest = {\n authenticationInfo: clientIssueRequest.authenticationInfo,\n issuanceConfig: issuanceConfig,\n }\n\n const resp = await fetchIssuanceRequestMs(issueRequest, accessToken, msIdentityHostName)\n\n // the response from the VC Request API call is returned to the caller (the UI). It contains the URI to the request which Authenticator can download after\n // it has scanned the QR code. If the payload requested the VC Request service to create the QR code that is returned as well\n // the javascript in the UI will use that QR code to display it on the screen to the user.\n resp.id = issueRequest.issuanceConfig.callback.state // add session id so browser can pull status\n if (issueRequest.issuanceConfig.issuance.pin) {\n resp.pin = issueRequest.issuanceConfig.issuance.pin.value // add pin code so browser can display it\n }\n return resp\n }\n}\n","import { IIssueRequest, IIssueRequestResponse } from './types/IMsRequestApi'\n\nimport fetch from 'cross-fetch'\nexport async function fetchIssuanceRequestMs(\n issuanceInfo: IIssueRequest,\n accessToken: string,\n msIdentityHostName: string,\n): Promise<IIssueRequestResponse> {\n const requestEndpoint = `${msIdentityHostName}${issuanceInfo.authenticationInfo.azTenantId}/verifiablecredentials/request`\n\n const payload = JSON.stringify(issuanceInfo.issuanceConfig)\n const fetchOptions = {\n method: 'POST',\n body: payload,\n headers: {\n 'Content-Type': 'application/json',\n 'Content-Length': payload.length.toString(),\n Authorization: `Bearer ${accessToken}`,\n },\n }\n const response = await fetch(requestEndpoint, fetchOptions)\n return await response.json()\n}\n\nexport function generatePin(digits: number) {\n const add = 1\n let max = 12 - add\n max = Math.pow(10, digits + add)\n const min = max / 10 // Math.pow(10, n) basically\n const number = Math.floor(Math.random() * (max - min + 1)) + min\n return ('' + number).substring(add)\n}\n","/**\n * @public\n */\nconst schema = require('../plugin.schema.json')\nexport { schema }\nexport { MsRequestApi } from './agent/MsRequestApi'\nexport * from './types/IMsRequestApi'\nexport * from './IssuerUtil'\n"],"mappings":";;;;;;;;AAAA;AAAA;AAAA;AAAA,MACE,eAAiB;AAAA,QACf,YAAc;AAAA,UACZ,SAAW;AAAA,YACT,qBAAuB;AAAA,cACrB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,oBAAsB;AAAA,kBACpB,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,kBACtB,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,sBAAsB,wBAAwB,QAAQ;AAAA,cACnE,sBAAwB;AAAA,YAC1B;AAAA,YACA,uCAAyC;AAAA,cACvC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,YAAc;AAAA,kBACZ,MAAQ;AAAA,gBACV;AAAA,gBACA,YAAc;AAAA,kBACZ,MAAQ;AAAA,gBACV;AAAA,gBACA,gBAAkB;AAAA,kBAChB,MAAQ;AAAA,gBACV;AAAA,gBACA,uBAAyB;AAAA,kBACvB,MAAQ;AAAA,gBACV;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,kBACR,OAAS;AAAA,oBACP,MAAQ;AAAA,kBACV;AAAA,gBACF;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,mBAAqB;AAAA,kBACnB,MAAQ;AAAA,gBACV;AAAA,gBACA,UAAY;AAAA,kBACV,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,cAAc,cAAc,gBAAgB;AAAA,cACzD,sBAAwB;AAAA,cACxB,aAAe;AAAA,YACjB;AAAA,YACA,UAAY;AAAA,cACV,MAAQ;AAAA,cACR,MAAQ,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;AAAA,cACtB,aAAe;AAAA,YACjB;AAAA,YACA,uBAAyB;AAAA,cACvB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,eAAiB;AAAA,kBACf,MAAQ;AAAA,gBACV;AAAA,gBACA,cAAgB;AAAA,kBACd,MAAQ;AAAA,gBACV;AAAA,gBACA,UAAY;AAAA,kBACV,MAAQ;AAAA,gBACV;AAAA,gBACA,UAAY;AAAA,kBACV,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,aAAa,iBAAiB,gBAAgB,YAAY,UAAU;AAAA,cACjF,sBAAwB;AAAA,YAC1B;AAAA,YACA,cAAgB;AAAA,cACd,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,YAAc;AAAA,kBACZ,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,YAAY;AAAA,cACzB,sBAAwB;AAAA,YAC1B;AAAA,YACA,UAAY;AAAA,cACV,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,gBACA,OAAS;AAAA,kBACP,MAAQ;AAAA,gBACV;AAAA,gBACA,SAAW;AAAA,kBACT,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,OAAO,SAAS,SAAS;AAAA,cACtC,sBAAwB;AAAA,YAC1B;AAAA,YACA,SAAW;AAAA,cACT,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,QAAQ;AAAA,cACrB,sBAAwB;AAAA,YAC1B;AAAA,YACA,iBAAmB;AAAA,cACjB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,MAAQ;AAAA,kBACN,MAAQ;AAAA,gBACV;AAAA,gBACA,UAAY;AAAA,kBACV,MAAQ;AAAA,gBACV;AAAA,gBACA,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,QAAQ,YAAY,KAAK;AAAA,cACtC,sBAAwB;AAAA,YAC1B;AAAA,YACA,KAAO;AAAA,cACL,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,OAAS;AAAA,kBACP,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,SAAS,QAAQ;AAAA,cAC9B,sBAAwB;AAAA,YAC1B;AAAA,YACA,mBAAqB;AAAA,cACnB,MAAQ;AAAA,YACV;AAAA,YACA,uBAAyB;AAAA,cACvB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,IAAM;AAAA,kBACJ,MAAQ;AAAA,gBACV;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,gBACA,QAAU;AAAA,kBACR,MAAQ;AAAA,kBACR,QAAU;AAAA,gBACZ;AAAA,gBACA,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,cACF;AAAA,cACA,UAAY,CAAC,MAAM,aAAa,OAAO,UAAU,KAAK;AAAA,cACtD,sBAAwB;AAAA,YAC1B;AAAA,UACF;AAAA,UACA,SAAW;AAAA,YACT,qBAAuB;AAAA,cACrB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;;;ACjMA,SACEA,iDAEAC,mBACAC,kCACAC,0CACK;;;ACJP,OAAOC,WAAW;AAClB,eAAsBC,uBACpBC,cACAC,aACAC,oBAA0B;AAE1B,QAAMC,kBAAkB,GAAGD,kBAAAA,GAAqBF,aAAaI,mBAAmBC,UAAU;AAE1F,QAAMC,UAAUC,KAAKC,UAAUR,aAAaS,cAAc;AAC1D,QAAMC,eAAe;IACnBC,QAAQ;IACRC,MAAMN;IACNO,SAAS;MACP,gBAAgB;MAChB,kBAAkBP,QAAQQ,OAAOC,SAAQ;MACzCC,eAAe,UAAUf,WAAAA;IAC3B;EACF;AACA,QAAMgB,WAAW,MAAMC,MAAMf,iBAAiBO,YAAAA;AAC9C,SAAO,MAAMO,SAASE,KAAI;AAC5B;AAnBsBpB;AAqBf,SAASqB,YAAYC,QAAc;AACxC,QAAMC,MAAM;AACZ,MAAIC,MAAM,KAAKD;AACfC,QAAMC,KAAKC,IAAI,IAAIJ,SAASC,GAAAA;AAC5B,QAAMI,MAAMH,MAAM;AAClB,QAAMI,SAASH,KAAKI,MAAMJ,KAAKK,OAAM,KAAMN,MAAMG,MAAM,EAAA,IAAMA;AAC7D,UAAQ,KAAKC,QAAQG,UAAUR,GAAAA;AACjC;AAPgBF;;;ADFT,IAAMW,eAAN,MAAMA;EAtBb,OAsBaA;;;EACHC,UAAoD,oBAAIC,IAAAA;EAEvDC,UAAyB;IAChCC,qBAAqB,KAAKA,oBAAoBC,KAAK,IAAI;EACzD;;EAGA,MAAcD,oBAAoBE,oBAAyCC,SAA2D;AACpI,UAAMC,KAAKC,kBAAkBH,mBAAmBI,kBAAkB;AAClE,QAAI,CAAC,KAAKT,QAAQU,IAAIH,EAAAA,GAAK;AACzB,WAAKP,QAAQW,IAAIJ,IAAI,MAAMK,mCAAmCP,mBAAmBI,kBAAkB,CAAA;IACrG;AACA,UAAMI,aAAa,KAAKb,QAAQc,IAAIP,EAAAA;AACpC,QAAI,CAACM,YAAY;AACf,YAAME,MAAM,+CAA+CR,EAAAA,EAAI;IACjE;AACA,UAAMS,aAAa,MAAMC,iCAAiCZ,mBAAmBI,oBAAoB;MAC/FS,oBAAoBL,WAAWK;IACjC,CAAA;AACA,UAAMC,cAAcH,WAAWG;AAE/B,UAAMC,qBAAqB,MAAMC,gDAAgDhB,mBAAmBI,kBAAkB;AAGtH,QAAI,CAACJ,mBAAmBI,mBAAmBa,YAAY;AACrD,YAAM,IAAIP,MAAM,wBAAA;IAClB;AAIA,QAAIV,mBAAmBkB,qBAAqBC,SAASC,KAAK;AACxDpB,yBAAmBkB,qBAAqBC,SAASC,IAAIC,QAAQC,YAAYtB,mBAAmBkB,qBAAqBC,SAASC,IAAIG,MAAM;IACtI;AAEA,UAAMJ,WAAqB;MACzBK,MAAMxB,mBAAmBkB,qBAAqBC,SAASK;MACvDC,UAAUzB,mBAAmBkB,qBAAqBC,SAASM;MAC3DL,KAAKpB,mBAAmBkB,qBAAqBC,SAASC;MACtDM,QAAQ1B,mBAAmB0B;IAC7B;AAEA,UAAMC,iBAAiC;MACrCC,WAAW5B,mBAAmBkB,qBAAqBU;MACnDC,eAAe7B,mBAAmBkB,qBAAqBW;MACvDC,cAAc9B,mBAAmBkB,qBAAqBY;MACtDC,UAAU/B,mBAAmBkB,qBAAqBa;MAClDZ;IACF;AACA,UAAMa,eAA8B;MAClC5B,oBAAoBJ,mBAAmBI;MACvCuB;IACF;AAEA,UAAMM,OAAO,MAAMC,uBAAuBF,cAAclB,aAAaC,kBAAAA;AAKrEkB,SAAK/B,KAAK8B,aAAaL,eAAeI,SAASI;AAC/C,QAAIH,aAAaL,eAAeR,SAASC,KAAK;AAC5Ca,WAAKb,MAAMY,aAAaL,eAAeR,SAASC,IAAIC;IACtD;AACA,WAAOY;EACT;AACF;;;AEpFA,IAAMG,SAASC;","names":["assertEntraCredentialManifestUrlInCorrectRegion","determineMSAuthId","getMSClientCredentialAccessToken","newMSClientCredentialAuthenticator","fetch","fetchIssuanceRequestMs","issuanceInfo","accessToken","msIdentityHostName","requestEndpoint","authenticationInfo","azTenantId","payload","JSON","stringify","issuanceConfig","fetchOptions","method","body","headers","length","toString","Authorization","response","fetch","json","generatePin","digits","add","max","Math","pow","min","number","floor","random","substring","MsRequestApi","clients","Map","methods","issuanceRequestMsVc","bind","clientIssueRequest","context","id","determineMSAuthId","authenticationInfo","has","set","newMSClientCredentialAuthenticator","clientInfo","get","Error","authResult","getMSClientCredentialAccessToken","confidentialClient","accessToken","msIdentityHostName","assertEntraCredentialManifestUrlInCorrectRegion","azTenantId","clientIssuanceConfig","issuance","pin","value","generatePin","length","type","manifest","claims","issuanceConfig","authority","includeQRCode","registration","callback","issueRequest","resp","fetchIssuanceRequestMs","state","schema","require"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@sphereon/ssi-sdk.ms-request-api",
3
- "version": "0.34.1-next.3+6c49ea2f",
3
+ "version": "0.34.1-next.323+d3f5079e",
4
4
  "source": "src/index.ts",
5
5
  "type": "module",
6
6
  "main": "./dist/index.cjs",
@@ -24,16 +24,16 @@
24
24
  },
25
25
  "scripts": {
26
26
  "build": "tsup --config ../../tsup.config.ts --tsconfig ../../tsconfig.tsup.json",
27
- "generate-plugin-schema": "ts-node ../../packages/dev/bin/sphereon.js dev generate-plugin-schema"
27
+ "generate-plugin-schema": "tsx ../../packages/dev/bin/sphereon.js dev generate-plugin-schema"
28
28
  },
29
29
  "dependencies": {
30
- "@sphereon/ssi-sdk.ms-authenticator": "0.34.1-next.3+6c49ea2f",
30
+ "@sphereon/ssi-sdk.ms-authenticator": "0.34.1-next.323+d3f5079e",
31
31
  "@veramo/core": "4.2.0",
32
- "cross-fetch": "^3.1.8"
32
+ "cross-fetch": "^4.1.0"
33
33
  },
34
34
  "devDependencies": {
35
- "@sphereon/ssi-sdk.agent-config": "0.34.1-next.3+6c49ea2f",
36
- "@sphereon/ssi-sdk.credential-store": "0.34.1-next.3+6c49ea2f",
35
+ "@sphereon/ssi-sdk.agent-config": "0.34.1-next.323+d3f5079e",
36
+ "@sphereon/ssi-sdk.credential-store": "0.34.1-next.323+d3f5079e",
37
37
  "@types/express": "^4.17.21",
38
38
  "@types/express-session": "^1.18.0",
39
39
  "@types/node": "^20.17.1",
@@ -74,5 +74,5 @@
74
74
  "API",
75
75
  "Issuer"
76
76
  ],
77
- "gitHead": "6c49ea2f9c1bc61641ca2c98e3aa0a5b48018d91"
77
+ "gitHead": "d3f5079e9d38e5e63abb8695829b724a03180a47"
78
78
  }
package/src/IssuerUtil.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  import { IIssueRequest, IIssueRequestResponse } from './types/IMsRequestApi'
2
2
 
3
- import { fetch } from 'cross-fetch'
3
+ import fetch from 'cross-fetch'
4
4
  export async function fetchIssuanceRequestMs(
5
5
  issuanceInfo: IIssueRequest,
6
6
  accessToken: string,