@sphereon/ssi-sdk.oid4vci-holder 0.32.0 → 0.32.1-feature.MWALL.715.47

package/src/agent/OID4VCIHolderService.ts

@@ -1,6 +1,8 @@
 import { LOG } from '@sphereon/oid4vci-client'
 import {
   CredentialConfigurationSupported,
+  CredentialSupportedSdJwtVc,
+  CredentialConfigurationSupportedSdJwtVcV1_0_13,
   CredentialOfferFormatV1_0_11,
   CredentialResponse,
   getSupportedCredentials,
@@ -30,6 +32,7 @@ import {
   OriginalVerifiableCredential,
   sdJwtDecodedCredentialToUniformCredential,
   SdJwtDecodedVerifiableCredential,
+  SdJwtTypeMetadata,
   W3CVerifiableCredential,
   WrappedVerifiableCredential,
 } from '@sphereon/ssi-types'
@@ -54,31 +57,47 @@ import {
   VerificationResult,
   VerifyCredentialToAcceptArgs,
 } from '../types/IOID4VCIHolder'
-import { getCredentialBrandingFrom, issuerLocaleBrandingFrom } from './OIDC4VCIBrandingMapper'
+import { oid4vciGetCredentialBrandingFrom, sdJwtGetCredentialBrandingFrom, issuerLocaleBrandingFrom } from './OIDC4VCIBrandingMapper'
 
 export const getCredentialBranding = async (args: GetCredentialBrandingArgs): Promise<Record<string, Array<IBasicCredentialLocaleBranding>>> => {
   const { credentialsSupported, context } = args
   const credentialBranding: Record<string, Array<IBasicCredentialLocaleBranding>> = {}
   await Promise.all(
-    Object.entries(credentialsSupported).map(async ([configId, credentialsConfigSupported]) => {
-      const mappedLocaleBranding = await getCredentialBrandingFrom({
-        credentialDisplay: credentialsConfigSupported.display,
-        issuerCredentialSubject:
-          // @ts-ignore // FIXME SPRIND-123 add proper support for type recognition as claim display can be located elsewhere for v13
-          credentialsSupported.claims !== undefined ? credentialsConfigSupported.claims : credentialsConfigSupported.credentialSubject,
-      })
-
+    Object.entries(credentialsSupported).map(async ([configId, credentialsConfigSupported]): Promise<void> => {
+      let sdJwtTypeMetadata: SdJwtTypeMetadata | undefined
+      if (credentialsConfigSupported.format === 'vc+sd-jwt') {
+        const vct = (<CredentialSupportedSdJwtVc | CredentialConfigurationSupportedSdJwtVcV1_0_13>credentialsConfigSupported).vct
+        if (vct.startsWith('http')) {
+          try {
+            sdJwtTypeMetadata = await context.agent.fetchSdJwtTypeMetadataFromVctUrl({ vct })
+          } catch {
+            // For now, we are just going to ignore and continue without any branding as we still have a fallback
+          }
+        }
+      }
+      let mappedLocaleBranding: Array<IBasicCredentialLocaleBranding> = []
+      if (sdJwtTypeMetadata) {
+        mappedLocaleBranding = await sdJwtGetCredentialBrandingFrom({
+          credentialDisplay: sdJwtTypeMetadata.display,
+          claimsMetadata: sdJwtTypeMetadata.claims,
+        })
+      } else {
+        mappedLocaleBranding = await oid4vciGetCredentialBrandingFrom({
+          credentialDisplay: credentialsConfigSupported.display,
+          issuerCredentialSubject:
+            // @ts-ignore // FIXME SPRIND-123 add proper support for type recognition as claim display can be located elsewhere for v13
+            credentialsSupported.claims !== undefined ? credentialsConfigSupported.claims : credentialsConfigSupported.credentialSubject,
+        })
+      }
       // TODO we should make the mapper part of the plugin, so that the logic for getting the branding becomes more clear and easier to use
       const localeBranding = await Promise.all(
-        (mappedLocaleBranding ?? []).map(
+        mappedLocaleBranding.map(
           async (localeBranding): Promise<IBasicCredentialLocaleBranding> => await context.agent.ibCredentialLocaleBrandingFrom({ localeBranding }),
         ),
       )
-
       const defaultCredentialType = 'VerifiableCredential'
       const configSupportedTypes = getTypesFromCredentialSupported(credentialsConfigSupported)
       const credentialTypes: Array<string> = configSupportedTypes.length === 0 ? asArray(defaultCredentialType) : configSupportedTypes
-
       const filteredCredentialTypes = credentialTypes.filter((type: string): boolean => type !== defaultCredentialType)
       credentialBranding[filteredCredentialTypes[0]] = localeBranding // TODO for now taking the first type
     }),

package/src/agent/OIDC4VCIBrandingMapper.ts

@@ -1,16 +1,79 @@
 import { CredentialsSupportedDisplay, NameAndLocale } from '@sphereon/oid4vci-common'
 import { IBasicCredentialClaim, IBasicCredentialLocaleBranding, IBasicIssuerLocaleBranding } from '@sphereon/ssi-sdk.data-store'
+import { SdJwtClaimDisplayMetadata, SdJwtClaimMetadata, SdJwtClaimPath, SdJwtTypeDisplayMetadata } from '@sphereon/ssi-types'
 import {
-  CredentialLocaleBrandingFromArgs,
   IssuerLocaleBrandingFromArgs,
-  CredentialBrandingFromArgs,
-  CredentialDisplayLocalesFromArgs,
-  IssuerCredentialSubjectLocalesFromArgs,
-  CombineLocalesFromArgs,
+  Oid4vciCombineDisplayLocalesFromArgs,
+  Oid4vciCredentialDisplayLocalesFromArgs,
+  Oid4vciCredentialLocaleBrandingFromArgs,
+  Oid4vciGetCredentialBrandingFromArgs,
+  Oid4vciIssuerCredentialSubjectLocalesFromArgs,
+  SdJwtCombineDisplayLocalesFromArgs,
+  SdJwtCredentialClaimLocalesFromArgs,
+  SdJwtCredentialDisplayLocalesFromArgs,
+  SdJwtCredentialLocaleBrandingFromArgs,
+  SdJwtGetCredentialBrandingFromArgs,
 } from '../types/IOID4VCIHolder'
 
 // FIXME should we not move this to the branding plugin?
-export const credentialLocaleBrandingFrom = async (args: CredentialLocaleBrandingFromArgs): Promise<IBasicCredentialLocaleBranding> => {
+
+export const oid4vciGetCredentialBrandingFrom = async (
+  args: Oid4vciGetCredentialBrandingFromArgs,
+): Promise<Array<IBasicCredentialLocaleBranding>> => {
+  const { credentialDisplay, issuerCredentialSubject } = args
+
+  return oid4vciCombineDisplayLocalesFrom({
+    ...(issuerCredentialSubject && { issuerCredentialSubjectLocales: await oid4vciIssuerCredentialSubjectLocalesFrom({ issuerCredentialSubject }) }),
+    ...(credentialDisplay && { credentialDisplayLocales: await oid4vciCredentialDisplayLocalesFrom({ credentialDisplay }) }),
+  })
+}
+
+export const oid4vciCredentialDisplayLocalesFrom = async (
+  args: Oid4vciCredentialDisplayLocalesFromArgs,
+): Promise<Map<string, CredentialsSupportedDisplay>> => {
+  const { credentialDisplay } = args
+  return credentialDisplay.reduce((localeDisplays, display) => {
+    const localeKey = display.locale || ''
+    localeDisplays.set(localeKey, display)
+    return localeDisplays
+  }, new Map<string, CredentialsSupportedDisplay>())
+}
+
+export const oid4vciIssuerCredentialSubjectLocalesFrom = async (
+  args: Oid4vciIssuerCredentialSubjectLocalesFromArgs,
+): Promise<Map<string, Array<IBasicCredentialClaim>>> => {
+  const { issuerCredentialSubject } = args
+  const localeClaims = new Map<string, Array<IBasicCredentialClaim>>()
+
+  const processClaimObject = (claim: any, parentKey: string = ''): void => {
+    Object.entries(claim).forEach(([key, value]): void => {
+      if (key === 'mandatory' || key === 'value_type') {
+        return
+      }
+
+      if (key === 'display' && Array.isArray(value)) {
+        value.forEach(({ name, locale = '' }: NameAndLocale): void => {
+          if (!name) {
+            return
+          }
+
+          //const localeKey = locale || ''
+          if (!localeClaims.has(locale)) {
+            localeClaims.set(locale, [])
+          }
+          localeClaims.get(locale)!.push({ key: parentKey, name })
+        })
+      } else if (typeof value === 'object' && value !== null) {
+        processClaimObject(value, parentKey ? `${parentKey}.${key}` : key)
+      }
+    })
+  }
+
+  processClaimObject(issuerCredentialSubject)
+  return localeClaims
+}
+
+export const oid4vciCredentialLocaleBrandingFrom = async (args: Oid4vciCredentialLocaleBrandingFromArgs): Promise<IBasicCredentialLocaleBranding> => {
   const { credentialDisplay } = args
 
   return {
@@ -59,6 +122,126 @@ export const credentialLocaleBrandingFrom = async (args: CredentialLocaleBrandin
   }
 }
 
+export const oid4vciCombineDisplayLocalesFrom = async (
+  args: Oid4vciCombineDisplayLocalesFromArgs,
+): Promise<Array<IBasicCredentialLocaleBranding>> => {
+  const {
+    credentialDisplayLocales = new Map<string, CredentialsSupportedDisplay>(),
+    issuerCredentialSubjectLocales = new Map<string, Array<IBasicCredentialClaim>>(),
+  } = args
+
+  const locales: Array<string> = Array.from(new Set([...issuerCredentialSubjectLocales.keys(), ...credentialDisplayLocales.keys()]))
+
+  return Promise.all(
+    locales.map(async (locale: string): Promise<IBasicCredentialLocaleBranding> => {
+      const display = credentialDisplayLocales.get(locale)
+      const claims = issuerCredentialSubjectLocales.get(locale)
+
+      return {
+        ...(display && (await oid4vciCredentialLocaleBrandingFrom({ credentialDisplay: display }))),
+        ...(locale.length > 0 && { locale }),
+        claims,
+      }
+    }),
+  )
+}
+
+export const sdJwtGetCredentialBrandingFrom = async (args: SdJwtGetCredentialBrandingFromArgs): Promise<Array<IBasicCredentialLocaleBranding>> => {
+  const { credentialDisplay, claimsMetadata } = args
+
+  return sdJwtCombineDisplayLocalesFrom({
+    ...(claimsMetadata && { claimsMetadata: await sdJwtCredentialClaimLocalesFrom({ claimsMetadata }) }),
+    ...(credentialDisplay && { credentialDisplayLocales: await sdJwtCredentialDisplayLocalesFrom({ credentialDisplay }) }),
+  })
+}
+
+export const sdJwtCredentialDisplayLocalesFrom = async (
+  args: SdJwtCredentialDisplayLocalesFromArgs,
+): Promise<Map<string, SdJwtTypeDisplayMetadata>> => {
+  const { credentialDisplay } = args
+  return credentialDisplay.reduce((localeDisplays, display) => {
+    const localeKey = display.lang || ''
+    localeDisplays.set(localeKey, display)
+    return localeDisplays
+  }, new Map<string, SdJwtTypeDisplayMetadata>())
+}
+
+export const sdJwtCredentialClaimLocalesFrom = async (
+  args: SdJwtCredentialClaimLocalesFromArgs,
+): Promise<Map<string, Array<IBasicCredentialClaim>>> => {
+  const { claimsMetadata } = args
+  const localeClaims = new Map<string, Array<IBasicCredentialClaim>>()
+
+  claimsMetadata.forEach((claim: SdJwtClaimMetadata): void => {
+    claim.display?.forEach((display: SdJwtClaimDisplayMetadata): void => {
+      const { lang = '', label } = display
+      const key = claim.path.map((value: SdJwtClaimPath) => String(value)).join('.')
+      if (!localeClaims.has(lang)) {
+        localeClaims.set(lang, [])
+      }
+      localeClaims.get(lang)!.push({ key, name: label })
+    })
+  })
+
+  return localeClaims
+}
+
+export const sdJwtCredentialLocaleBrandingFrom = async (args: SdJwtCredentialLocaleBrandingFromArgs): Promise<IBasicCredentialLocaleBranding> => {
+  const { credentialDisplay } = args
+
+  return {
+    ...(credentialDisplay.name && {
+      alias: credentialDisplay.name,
+    }),
+    ...(credentialDisplay.lang && {
+      locale: credentialDisplay.lang,
+    }),
+    ...(credentialDisplay.rendering?.simple?.logo && {
+      logo: {
+        ...(credentialDisplay.rendering.simple.logo.uri && {
+          uri: credentialDisplay.rendering.simple.logo.uri,
+        }),
+        ...(credentialDisplay.rendering.simple.logo.alt_text && {
+          alt: credentialDisplay.rendering.simple.logo.alt_text,
+        }),
+      },
+    }),
+    ...(credentialDisplay.description && {
+      description: credentialDisplay.description,
+    }),
+    ...(credentialDisplay.rendering?.simple?.text_color && {
+      text: {
+        color: credentialDisplay.rendering.simple.text_color,
+      },
+    }),
+    ...(credentialDisplay.rendering?.simple?.background_color && {
+      background: {
+        color: credentialDisplay.rendering.simple.background_color,
+      },
+    }),
+  }
+}
+
+export const sdJwtCombineDisplayLocalesFrom = async (args: SdJwtCombineDisplayLocalesFromArgs): Promise<Array<IBasicCredentialLocaleBranding>> => {
+  const { credentialDisplayLocales = new Map<string, SdJwtTypeDisplayMetadata>(), claimsMetadata = new Map<string, Array<IBasicCredentialClaim>>() } =
+    args
+
+  const locales: Array<string> = Array.from(new Set([...claimsMetadata.keys(), ...credentialDisplayLocales.keys()]))
+
+  return Promise.all(
+    locales.map(async (locale: string): Promise<IBasicCredentialLocaleBranding> => {
+      const display = credentialDisplayLocales.get(locale)
+      const claims = claimsMetadata.get(locale)
+
+      return {
+        ...(display && (await sdJwtCredentialLocaleBrandingFrom({ credentialDisplay: display }))),
+        ...(locale.length > 0 && { locale }),
+        claims,
+      }
+    }),
+  )
+}
+
 // TODO since dynamicRegistrationClientMetadata can also be on a RP, we should start using this mapper in a more general way
 export const issuerLocaleBrandingFrom = async (args: IssuerLocaleBrandingFromArgs): Promise<IBasicIssuerLocaleBranding> => {
   const { issuerDisplay, dynamicRegistrationClientMetadata } = args
@@ -108,77 +291,3 @@ export const issuerLocaleBrandingFrom = async (args: IssuerLocaleBrandingFromArg
     }),
   }
 }
-
-export const getCredentialBrandingFrom = async (args: CredentialBrandingFromArgs): Promise<Array<IBasicCredentialLocaleBranding>> => {
-  const { credentialDisplay, issuerCredentialSubject } = args
-
-  return combineDisplayLocalesFrom({
-    ...(issuerCredentialSubject && { issuerCredentialSubjectLocales: await issuerCredentialSubjectLocalesFrom({ issuerCredentialSubject }) }),
-    ...(credentialDisplay && { credentialDisplayLocales: await credentialDisplayLocalesFrom({ credentialDisplay }) }),
-  })
-}
-
-const credentialDisplayLocalesFrom = async (args: CredentialDisplayLocalesFromArgs): Promise<Map<string, CredentialsSupportedDisplay>> => {
-  const { credentialDisplay } = args
-  return credentialDisplay.reduce((localeDisplays, display) => {
-    const localeKey = display.locale || ''
-    localeDisplays.set(localeKey, display)
-    return localeDisplays
-  }, new Map<string, CredentialsSupportedDisplay>())
-}
-
-const issuerCredentialSubjectLocalesFrom = async (
-  args: IssuerCredentialSubjectLocalesFromArgs,
-): Promise<Map<string, Array<IBasicCredentialClaim>>> => {
-  const { issuerCredentialSubject } = args
-  const localeClaims = new Map<string, Array<IBasicCredentialClaim>>()
-
-  const processClaimObject = (claim: any, parentKey: string = ''): void => {
-    Object.entries(claim).forEach(([key, value]): void => {
-      if (key === 'mandatory' || key === 'value_type') {
-        return
-      }
-
-      if (key === 'display' && Array.isArray(value)) {
-        value.forEach(({ name, locale }: NameAndLocale): void => {
-          if (!name) {
-            return
-          }
-
-          const localeKey = locale || ''
-          if (!localeClaims.has(localeKey)) {
-            localeClaims.set(localeKey, [])
-          }
-          localeClaims.get(localeKey)!.push({ key: parentKey, name })
-        })
-      } else if (typeof value === 'object' && value !== null) {
-        processClaimObject(value, parentKey ? `${parentKey}.${key}` : key)
-      }
-    })
-  }
-
-  processClaimObject(issuerCredentialSubject)
-  return localeClaims
-}
-
-const combineDisplayLocalesFrom = async (args: CombineLocalesFromArgs): Promise<Array<IBasicCredentialLocaleBranding>> => {
-  const {
-    credentialDisplayLocales = new Map<string, CredentialsSupportedDisplay>(),
-    issuerCredentialSubjectLocales = new Map<string, Array<IBasicCredentialClaim>>(),
-  } = args
-
-  const locales: Array<string> = Array.from(new Set([...issuerCredentialSubjectLocales.keys(), ...credentialDisplayLocales.keys()]))
-
-  return Promise.all(
-    locales.map(async (locale: string): Promise<IBasicCredentialLocaleBranding> => {
-      const display = credentialDisplayLocales.get(locale)
-      const claims = issuerCredentialSubjectLocales.get(locale)
-
-      return {
-        ...(display && (await credentialLocaleBrandingFrom({ credentialDisplay: display }))),
-        ...(locale.length > 0 && { locale }),
-        claims,
-      }
-    }),
-  )
-}

package/src/types/IOID4VCIHolder.ts

@@ -43,6 +43,8 @@ import {
   JoseSignatureAlgorithm,
   JoseSignatureAlgorithmString,
   OriginalVerifiableCredential,
+  SdJwtTypeDisplayMetadata,
+  SdJwtClaimMetadata,
   W3CVerifiableCredential,
   WrappedVerifiableCredential,
   WrappedVerifiablePresentation,
@@ -667,33 +669,55 @@ export type VerifyEBSICredentialIssuerResult = {
   attributes: Attribute[]
 }
 
-export type CredentialLocaleBrandingFromArgs = {
+export type Oid4vciCredentialLocaleBrandingFromArgs = {
   credentialDisplay: CredentialsSupportedDisplay
 }
 
+export type SdJwtCredentialLocaleBrandingFromArgs = {
+  credentialDisplay: SdJwtTypeDisplayMetadata
+}
+
+export type SdJwtGetCredentialBrandingFromArgs = {
+  credentialDisplay?: Array<SdJwtTypeDisplayMetadata>
+  claimsMetadata?: Array<SdJwtClaimMetadata>
+}
+
+export type SdJwtCredentialClaimLocalesFromArgs = {
+  claimsMetadata: Array<SdJwtClaimMetadata>
+}
+
 export type IssuerLocaleBrandingFromArgs = {
   issuerDisplay: MetadataDisplay
   dynamicRegistrationClientMetadata?: DynamicRegistrationClientMetadataDisplay
 }
 
-export type CredentialBrandingFromArgs = {
+export type Oid4vciGetCredentialBrandingFromArgs = {
   credentialDisplay?: Array<CredentialsSupportedDisplay>
   issuerCredentialSubject?: IssuerCredentialSubject
 }
 
-export type CredentialDisplayLocalesFromArgs = {
+export type Oid4vciCredentialDisplayLocalesFromArgs = {
   credentialDisplay: Array<CredentialsSupportedDisplay>
 }
 
-export type IssuerCredentialSubjectLocalesFromArgs = {
+export type SdJwtCredentialDisplayLocalesFromArgs = {
+  credentialDisplay: Array<SdJwtTypeDisplayMetadata>
+}
+
+export type Oid4vciIssuerCredentialSubjectLocalesFromArgs = {
   issuerCredentialSubject: IssuerCredentialSubject
 }
 
-export type CombineLocalesFromArgs = {
+export type Oid4vciCombineDisplayLocalesFromArgs = {
   credentialDisplayLocales?: Map<string, CredentialsSupportedDisplay>
   issuerCredentialSubjectLocales?: Map<string, Array<IBasicCredentialClaim>>
 }
 
+export type SdJwtCombineDisplayLocalesFromArgs = {
+  credentialDisplayLocales?: Map<string, SdJwtTypeDisplayMetadata>
+  claimsMetadata?: Map<string, Array<IBasicCredentialClaim>>
+}
+
 export type DynamicRegistrationClientMetadataDisplay = Pick<
   DynamicRegistrationClientMetadata,
   'client_name' | 'client_uri' | 'contacts' | 'tos_uri' | 'policy_uri' | 'logo_uri'