npm - @sphereon/ssi-sdk.oid4vci-holder - Versions diffs - 0.34.1-feat.SSISDK.35.64 → 0.34.1-feat.SSISDK.55.244 - Mend

@sphereon/ssi-sdk.oid4vci-holder 0.34.1-feat.SSISDK.35.64 → 0.34.1-feat.SSISDK.55.244

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/dist/index.cjs +427 -444
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +4 -4
package/dist/index.d.ts +4 -4
package/dist/index.js +409 -426
package/dist/index.js.map +1 -1
package/package.json +24 -24
package/src/agent/OID4VCIHolder.ts +17 -30
package/src/machines/firstPartyMachine.ts +1 -1
package/src/machines/oid4vciMachine.ts +1 -1
package/src/mappers/OIDC4VCIBrandingMapper.ts +1 -1
package/src/services/OID4VCIHolderService.ts +42 -63
package/src/types/FirstPartyMachine.ts +5 -6
package/src/types/IOID4VCIHolder.ts +2 -2

package/dist/index.cjs CHANGED Viewed

@@ -100,6 +100,7 @@ __export(index_exports, {
   RequestType: () => RequestType,
   SupportedLanguage: () => SupportedLanguage,
   createConfig: () => createConfig,
+  extractCredentialFromResponse: () => extractCredentialFromResponse,
   getBasicIssuerLocaleBranding: () => getBasicIssuerLocaleBranding,
   getCredentialBranding: () => getCredentialBranding,
   getCredentialConfigsBasedOnFormatPref: () => getCredentialConfigsBasedOnFormatPref,
@@ -140,9 +141,11 @@ var import_ssi_sdk_ext5 = require("@sphereon/ssi-sdk-ext.did-utils");
 var import_ssi_sdk_ext6 = require("@sphereon/ssi-sdk-ext.identifier-resolution");
 var import_ssi_sdk_ext7 = require("@sphereon/ssi-sdk-ext.key-utils");
 var import_ssi_sdk2 = require("@sphereon/ssi-sdk.core");
-var import_ssi_sdk3 = require("@sphereon/ssi-sdk.data-store");
+var import_ssi_sdk3 = require("@sphereon/ssi-sdk.data-store-types");
+var import_ssi_sdk4 = require("@sphereon/ssi-sdk.data-store-types");
 var import_ssi_types2 = require("@sphereon/ssi-types");
 var import_utils2 = require("@veramo/utils");
+var import_cross_fetch = __toESM(require("cross-fetch"), 1);
 var import_did_jwt = require("did-jwt");
 var import_uuid2 = require("uuid");
@@ -1062,9 +1065,295 @@ var import_ssi_sdk_ext = require("@sphereon/ssi-sdk-ext.did-resolver-jwk");
 var import_ssi_sdk_ext2 = require("@sphereon/ssi-sdk-ext.did-utils");
 var import_ssi_sdk_ext3 = require("@sphereon/ssi-sdk-ext.identifier-resolution");
 var import_ssi_sdk_ext4 = require("@sphereon/ssi-sdk-ext.key-utils");
+var import_ssi_sdk = require("@sphereon/ssi-sdk.core");
 var import_ssi_types = require("@sphereon/ssi-types");
 var import_utils = require("@veramo/utils");
+// src/machines/firstPartyMachine.ts
+var import_xstate2 = require("xstate");
+var import_oid4vci_common2 = require("@sphereon/oid4vci-common");
+// src/services/FirstPartyMachineServices.ts
+var import_oid4vci_client = require("@sphereon/oid4vci-client");
+var import_uuid = require("uuid");
+var sendAuthorizationChallengeRequest = /* @__PURE__ */ __name(async (args) => {
+  const { openID4VCIClientState, authSession, presentationDuringIssuanceSession } = args;
+  const oid4vciClient = await import_oid4vci_client.OpenID4VCIClient.fromState({
+    state: openID4VCIClientState
+  });
+  return oid4vciClient.acquireAuthorizationChallengeCode({
+    clientId: oid4vciClient.clientId ?? (0, import_uuid.v4)(),
+    ...authSession && {
+      authSession
+    },
+    ...!authSession && openID4VCIClientState.credentialOffer?.preAuthorizedCode && {
+      issuerState: openID4VCIClientState.credentialOffer?.preAuthorizedCode
+    },
+    ...!authSession && openID4VCIClientState.credentialOffer?.issuerState && {
+      issuerState: openID4VCIClientState.credentialOffer?.issuerState
+    },
+    ...presentationDuringIssuanceSession && {
+      presentationDuringIssuanceSession
+    }
+  });
+}, "sendAuthorizationChallengeRequest");
+var createConfig = /* @__PURE__ */ __name(async (args, context) => {
+  const { presentationUri } = args;
+  if (!presentationUri) {
+    return Promise.reject(Error("Missing presentation uri in context"));
+  }
+  return context.agent.siopCreateConfig({
+    url: presentationUri
+  });
+}, "createConfig");
+var getSiopRequest = /* @__PURE__ */ __name(async (args, context) => {
+  const { didAuthConfig, presentationUri } = args;
+  if (presentationUri === void 0) {
+    return Promise.reject(Error("Missing presentation uri in context"));
+  }
+  if (didAuthConfig === void 0) {
+    return Promise.reject(Error("Missing did auth config in context"));
+  }
+  return context.agent.siopGetSiopRequest({
+    didAuthConfig,
+    url: presentationUri
+  });
+}, "getSiopRequest");
+var sendAuthorizationResponse = /* @__PURE__ */ __name(async (args, context) => {
+  const { didAuthConfig, authorizationRequestData, selectedCredentials } = args;
+  const responseData = await context.agent.siopSendResponse({
+    authorizationRequestData,
+    selectedCredentials,
+    didAuthConfig,
+    isFirstParty: true
+  });
+  return responseData.body.presentation_during_issuance_session;
+}, "sendAuthorizationResponse");
+// src/machines/firstPartyMachine.ts
+var firstPartyMachineStates = {
+  [FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest]: {
+    id: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
+    invoke: {
+      src: FirstPartyMachineServices.sendAuthorizationChallengeRequest,
+      onDone: {
+        target: FirstPartyMachineStateTypes.done,
+        actions: (0, import_xstate2.assign)({
+          authorizationCodeResponse: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "authorizationCodeResponse")
+        })
+      },
+      onError: [
+        {
+          target: FirstPartyMachineStateTypes.createConfig,
+          cond: /* @__PURE__ */ __name((_ctx, _event) => _event.data.error === import_oid4vci_common2.AuthorizationChallengeError.insufficient_authorization, "cond"),
+          actions: (0, import_xstate2.assign)({
+            authSession: /* @__PURE__ */ __name((_ctx, _event) => _event.data.auth_session, "authSession"),
+            presentationUri: /* @__PURE__ */ __name((_ctx, _event) => _event.data.presentation, "presentationUri")
+          })
+        },
+        {
+          target: FirstPartyMachineStateTypes.error,
+          actions: (0, import_xstate2.assign)({
+            error: /* @__PURE__ */ __name((_ctx, _event) => ({
+              title: translate("oid4vci_machine_send_authorization_challenge_request_error_title"),
+              message: _event.data.message,
+              stack: _event.data.stack
+            }), "error")
+          })
+        }
+      ]
+    }
+  },
+  [FirstPartyMachineStateTypes.createConfig]: {
+    id: FirstPartyMachineStateTypes.createConfig,
+    invoke: {
+      src: FirstPartyMachineServices.createConfig,
+      onDone: {
+        target: FirstPartyMachineStateTypes.getSiopRequest,
+        actions: (0, import_xstate2.assign)({
+          didAuthConfig: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "didAuthConfig")
+        })
+      },
+      onError: {
+        target: FirstPartyMachineStateTypes.error,
+        actions: (0, import_xstate2.assign)({
+          error: /* @__PURE__ */ __name((_ctx, _event) => ({
+            title: translate("oid4vci_machine_create_config_error_title"),
+            message: _event.data.message,
+            stack: _event.data.stack
+          }), "error")
+        })
+      }
+    }
+  },
+  [FirstPartyMachineStateTypes.getSiopRequest]: {
+    id: FirstPartyMachineStateTypes.getSiopRequest,
+    invoke: {
+      src: FirstPartyMachineServices.getSiopRequest,
+      onDone: {
+        target: FirstPartyMachineStateTypes.selectCredentials,
+        actions: (0, import_xstate2.assign)({
+          authorizationRequestData: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "authorizationRequestData")
+        })
+      },
+      onError: {
+        target: FirstPartyMachineStateTypes.error,
+        actions: (0, import_xstate2.assign)({
+          error: /* @__PURE__ */ __name((_ctx, _event) => ({
+            title: translate("siopV2_machine_get_request_error_title"),
+            message: _event.data.message,
+            stack: _event.data.stack
+          }), "error")
+        })
+      }
+    }
+  },
+  [FirstPartyMachineStateTypes.selectCredentials]: {
+    id: FirstPartyMachineStateTypes.selectCredentials,
+    on: {
+      [FirstPartyMachineEvents.SET_SELECTED_CREDENTIALS]: {
+        actions: (0, import_xstate2.assign)({
+          selectedCredentials: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "selectedCredentials")
+        })
+      },
+      [FirstPartyMachineEvents.NEXT]: {
+        target: FirstPartyMachineStateTypes.sendAuthorizationResponse
+      },
+      [FirstPartyMachineEvents.DECLINE]: {
+        target: FirstPartyMachineStateTypes.declined
+      },
+      [FirstPartyMachineEvents.PREVIOUS]: {
+        target: FirstPartyMachineStateTypes.aborted
+      }
+    }
+  },
+  [FirstPartyMachineStateTypes.sendAuthorizationResponse]: {
+    id: FirstPartyMachineStateTypes.sendAuthorizationResponse,
+    invoke: {
+      src: FirstPartyMachineServices.sendAuthorizationResponse,
+      onDone: {
+        target: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
+        actions: (0, import_xstate2.assign)({
+          presentationDuringIssuanceSession: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "presentationDuringIssuanceSession")
+        })
+      },
+      onError: {
+        target: FirstPartyMachineStateTypes.error,
+        actions: (0, import_xstate2.assign)({
+          error: /* @__PURE__ */ __name((_ctx, _event) => ({
+            title: translate("oid4vci_machine_get_request_error_title"),
+            message: _event.data.message,
+            stack: _event.data.stack
+          }), "error")
+        })
+      }
+    }
+  },
+  [FirstPartyMachineStateTypes.aborted]: {
+    id: FirstPartyMachineStateTypes.aborted,
+    type: "final"
+  },
+  [FirstPartyMachineStateTypes.declined]: {
+    id: FirstPartyMachineStateTypes.declined,
+    type: "final"
+  },
+  [FirstPartyMachineStateTypes.error]: {
+    id: FirstPartyMachineStateTypes.error,
+    type: "final"
+  },
+  [FirstPartyMachineStateTypes.done]: {
+    id: FirstPartyMachineStateTypes.done,
+    type: "final"
+  }
+};
+var createFirstPartyActivationMachine = /* @__PURE__ */ __name((opts) => {
+  const initialContext = {
+    openID4VCIClientState: opts.openID4VCIClientState,
+    contact: opts.contact,
+    selectedCredentials: []
+  };
+  return (0, import_xstate2.createMachine)({
+    id: opts?.machineId ?? "FirstParty",
+    predictableActionArguments: true,
+    initial: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
+    context: initialContext,
+    states: firstPartyMachineStates,
+    schema: {
+      events: {},
+      services: {}
+    }
+  });
+}, "createFirstPartyActivationMachine");
+var FirstPartyMachine = class _FirstPartyMachine {
+  static {
+    __name(this, "FirstPartyMachine");
+  }
+  static _instance;
+  static hasInstance() {
+    return _FirstPartyMachine._instance !== void 0;
+  }
+  static get instance() {
+    if (!_FirstPartyMachine._instance) {
+      throw Error("Please initialize ESIMActivation machine first");
+    }
+    return _FirstPartyMachine._instance;
+  }
+  static clearInstance(opts) {
+    const { stop } = opts;
+    if (_FirstPartyMachine.hasInstance()) {
+      if (stop) {
+        _FirstPartyMachine.stopInstance();
+      }
+    }
+    _FirstPartyMachine._instance = void 0;
+  }
+  static stopInstance() {
+    if (!_FirstPartyMachine.hasInstance()) {
+      return;
+    }
+    _FirstPartyMachine.instance.stop();
+    _FirstPartyMachine._instance = void 0;
+  }
+  static newInstance(opts) {
+    const { agentContext } = opts;
+    const services = {
+      [FirstPartyMachineServices.sendAuthorizationChallengeRequest]: sendAuthorizationChallengeRequest,
+      [FirstPartyMachineServices.createConfig]: (args) => createConfig(args, agentContext),
+      [FirstPartyMachineServices.getSiopRequest]: (args) => getSiopRequest(args, agentContext),
+      [FirstPartyMachineServices.sendAuthorizationResponse]: (args) => sendAuthorizationResponse(args, agentContext)
+    };
+    const newInst = (0, import_xstate2.interpret)(createFirstPartyActivationMachine(opts).withConfig({
+      services: {
+        ...services,
+        ...opts?.services
+      },
+      guards: {
+        ...opts?.guards
+      }
+    }));
+    if (typeof opts?.subscription === "function") {
+      newInst.onTransition(opts.subscription);
+    }
+    if (opts?.requireCustomNavigationHook !== true) {
+      newInst.onTransition((snapshot) => {
+        if (opts?.stateNavigationListener) {
+          void opts.stateNavigationListener(newInst, snapshot);
+        }
+      });
+    }
+    return newInst;
+  }
+  static getInstance(opts) {
+    if (!_FirstPartyMachine._instance) {
+      if (opts?.requireExisting === true) {
+        throw Error(`Existing FirstPartyMachine instance requested, but none was created at this point!`);
+      }
+      _FirstPartyMachine._instance = _FirstPartyMachine.newInstance(opts);
+    }
+    return _FirstPartyMachine._instance;
+  }
+};
 // src/mappers/OIDC4VCIBrandingMapper.ts
 var oid4vciGetCredentialBrandingFrom = /* @__PURE__ */ __name(async (args) => {
   const { credentialDisplay, issuerCredentialSubject } = args;
@@ -1230,390 +1519,104 @@ var sdJwtCredentialLocaleBrandingFrom = /* @__PURE__ */ __name(async (args) => {
   return {
     ...credentialDisplay.name && {
       alias: credentialDisplay.name
-    },
-    ...credentialDisplay.lang && {
-      locale: credentialDisplay.lang
-    },
-    ...credentialDisplay.rendering?.simple?.logo && {
-      logo: {
-        ...credentialDisplay.rendering.simple.logo.uri && {
-          uri: credentialDisplay.rendering.simple.logo.uri
-        },
-        ...credentialDisplay.rendering.simple.logo.alt_text && {
-          alt: credentialDisplay.rendering.simple.logo.alt_text
-        }
-      }
-    },
-    ...credentialDisplay.description && {
-      description: credentialDisplay.description
-    },
-    ...credentialDisplay.rendering?.simple?.text_color && {
-      text: {
-        color: credentialDisplay.rendering.simple.text_color
-      }
-    },
-    ...credentialDisplay.rendering?.simple?.background_color && {
-      background: {
-        color: credentialDisplay.rendering.simple.background_color
-      }
-    }
-  };
-}, "sdJwtCredentialLocaleBrandingFrom");
-var sdJwtCombineDisplayLocalesFrom = /* @__PURE__ */ __name(async (args) => {
-  const { credentialDisplayLocales = /* @__PURE__ */ new Map(), claimsMetadata = /* @__PURE__ */ new Map() } = args;
-  const locales = Array.from(/* @__PURE__ */ new Set([
-    ...claimsMetadata.keys(),
-    ...credentialDisplayLocales.keys()
-  ]));
-  return Promise.all(locales.map(async (locale) => {
-    const display = credentialDisplayLocales.get(locale);
-    const claims = claimsMetadata.get(locale);
-    return {
-      ...display && await sdJwtCredentialLocaleBrandingFrom({
-        credentialDisplay: display
-      }),
-      ...locale.length > 0 && {
-        locale
-      },
-      claims
-    };
-  }));
-}, "sdJwtCombineDisplayLocalesFrom");
-var issuerLocaleBrandingFrom = /* @__PURE__ */ __name(async (args) => {
-  const { issuerDisplay, dynamicRegistrationClientMetadata } = args;
-  return {
-    ...dynamicRegistrationClientMetadata?.client_name && {
-      alias: dynamicRegistrationClientMetadata.client_name
-    },
-    ...issuerDisplay.name && {
-      alias: issuerDisplay.name
-    },
-    ...issuerDisplay.locale && {
-      locale: issuerDisplay.locale
-    },
-    ...(issuerDisplay.logo || dynamicRegistrationClientMetadata?.logo_uri) && {
-      logo: {
-        ...dynamicRegistrationClientMetadata?.logo_uri && {
-          uri: dynamicRegistrationClientMetadata?.logo_uri
-        },
-        ...(issuerDisplay.logo?.url || issuerDisplay.logo?.uri) && {
-          uri: issuerDisplay.logo?.url ?? issuerDisplay.logo?.uri
-        },
-        ...issuerDisplay.logo?.alt_text && {
-          alt: issuerDisplay.logo?.alt_text
-        }
-      }
-    },
-    ...issuerDisplay.description && {
-      description: issuerDisplay.description
-    },
-    ...issuerDisplay.text_color && {
-      text: {
-        color: issuerDisplay.text_color
-      }
-    },
-    ...dynamicRegistrationClientMetadata?.client_uri && {
-      clientUri: dynamicRegistrationClientMetadata.client_uri
-    },
-    ...dynamicRegistrationClientMetadata?.tos_uri && {
-      tosUri: dynamicRegistrationClientMetadata.tos_uri
-    },
-    ...dynamicRegistrationClientMetadata?.policy_uri && {
-      policyUri: dynamicRegistrationClientMetadata.policy_uri
-    },
-    ...dynamicRegistrationClientMetadata?.contacts && {
-      contacts: dynamicRegistrationClientMetadata.contacts
-    }
-  };
-}, "issuerLocaleBrandingFrom");
-// src/machines/firstPartyMachine.ts
-var import_xstate2 = require("xstate");
-var import_oid4vci_common2 = require("@sphereon/oid4vci-common");
-// src/services/FirstPartyMachineServices.ts
-var import_oid4vci_client = require("@sphereon/oid4vci-client");
-var import_uuid = require("uuid");
-var sendAuthorizationChallengeRequest = /* @__PURE__ */ __name(async (args) => {
-  const { openID4VCIClientState, authSession, presentationDuringIssuanceSession } = args;
-  const oid4vciClient = await import_oid4vci_client.OpenID4VCIClient.fromState({
-    state: openID4VCIClientState
-  });
-  return oid4vciClient.acquireAuthorizationChallengeCode({
-    clientId: oid4vciClient.clientId ?? (0, import_uuid.v4)(),
-    ...authSession && {
-      authSession
-    },
-    ...!authSession && openID4VCIClientState.credentialOffer?.preAuthorizedCode && {
-      issuerState: openID4VCIClientState.credentialOffer?.preAuthorizedCode
-    },
-    ...!authSession && openID4VCIClientState.credentialOffer?.issuerState && {
-      issuerState: openID4VCIClientState.credentialOffer?.issuerState
-    },
-    ...presentationDuringIssuanceSession && {
-      presentationDuringIssuanceSession
-    }
-  });
-}, "sendAuthorizationChallengeRequest");
-var createConfig = /* @__PURE__ */ __name(async (args, context) => {
-  const { presentationUri } = args;
-  if (!presentationUri) {
-    return Promise.reject(Error("Missing presentation uri in context"));
-  }
-  return context.agent.siopCreateConfig({
-    url: presentationUri
-  });
-}, "createConfig");
-var getSiopRequest = /* @__PURE__ */ __name(async (args, context) => {
-  const { didAuthConfig, presentationUri } = args;
-  if (presentationUri === void 0) {
-    return Promise.reject(Error("Missing presentation uri in context"));
-  }
-  if (didAuthConfig === void 0) {
-    return Promise.reject(Error("Missing did auth config in context"));
-  }
-  return context.agent.siopGetSiopRequest({
-    didAuthConfig,
-    url: presentationUri
-  });
-}, "getSiopRequest");
-var sendAuthorizationResponse = /* @__PURE__ */ __name(async (args, context) => {
-  const { didAuthConfig, authorizationRequestData, selectedCredentials } = args;
-  const responseData = await context.agent.siopSendResponse({
-    authorizationRequestData,
-    selectedCredentials,
-    didAuthConfig,
-    isFirstParty: true
-  });
-  return responseData.body.presentation_during_issuance_session;
-}, "sendAuthorizationResponse");
-// src/machines/firstPartyMachine.ts
-var firstPartyMachineStates = {
-  [FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest]: {
-    id: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
-    invoke: {
-      src: FirstPartyMachineServices.sendAuthorizationChallengeRequest,
-      onDone: {
-        target: FirstPartyMachineStateTypes.done,
-        actions: (0, import_xstate2.assign)({
-          authorizationCodeResponse: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "authorizationCodeResponse")
-        })
-      },
-      onError: [
-        {
-          target: FirstPartyMachineStateTypes.createConfig,
-          cond: /* @__PURE__ */ __name((_ctx, _event) => _event.data.error === import_oid4vci_common2.AuthorizationChallengeError.insufficient_authorization, "cond"),
-          actions: (0, import_xstate2.assign)({
-            authSession: /* @__PURE__ */ __name((_ctx, _event) => _event.data.auth_session, "authSession"),
-            presentationUri: /* @__PURE__ */ __name((_ctx, _event) => _event.data.presentation, "presentationUri")
-          })
-        },
-        {
-          target: FirstPartyMachineStateTypes.error,
-          actions: (0, import_xstate2.assign)({
-            error: /* @__PURE__ */ __name((_ctx, _event) => ({
-              title: translate("oid4vci_machine_send_authorization_challenge_request_error_title"),
-              message: _event.data.message,
-              stack: _event.data.stack
-            }), "error")
-          })
-        }
-      ]
-    }
-  },
-  [FirstPartyMachineStateTypes.createConfig]: {
-    id: FirstPartyMachineStateTypes.createConfig,
-    invoke: {
-      src: FirstPartyMachineServices.createConfig,
-      onDone: {
-        target: FirstPartyMachineStateTypes.getSiopRequest,
-        actions: (0, import_xstate2.assign)({
-          didAuthConfig: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "didAuthConfig")
-        })
-      },
-      onError: {
-        target: FirstPartyMachineStateTypes.error,
-        actions: (0, import_xstate2.assign)({
-          error: /* @__PURE__ */ __name((_ctx, _event) => ({
-            title: translate("oid4vci_machine_create_config_error_title"),
-            message: _event.data.message,
-            stack: _event.data.stack
-          }), "error")
-        })
-      }
-    }
-  },
-  [FirstPartyMachineStateTypes.getSiopRequest]: {
-    id: FirstPartyMachineStateTypes.getSiopRequest,
-    invoke: {
-      src: FirstPartyMachineServices.getSiopRequest,
-      onDone: {
-        target: FirstPartyMachineStateTypes.selectCredentials,
-        actions: (0, import_xstate2.assign)({
-          authorizationRequestData: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "authorizationRequestData")
-        })
-      },
-      onError: {
-        target: FirstPartyMachineStateTypes.error,
-        actions: (0, import_xstate2.assign)({
-          error: /* @__PURE__ */ __name((_ctx, _event) => ({
-            title: translate("siopV2_machine_get_request_error_title"),
-            message: _event.data.message,
-            stack: _event.data.stack
-          }), "error")
-        })
+    },
+    ...credentialDisplay.lang && {
+      locale: credentialDisplay.lang
+    },
+    ...credentialDisplay.rendering?.simple?.logo && {
+      logo: {
+        ...credentialDisplay.rendering.simple.logo.uri && {
+          uri: credentialDisplay.rendering.simple.logo.uri
+        },
+        ...credentialDisplay.rendering.simple.logo.alt_text && {
+          alt: credentialDisplay.rendering.simple.logo.alt_text
+        }
       }
-    }
-  },
-  [FirstPartyMachineStateTypes.selectCredentials]: {
-    id: FirstPartyMachineStateTypes.selectCredentials,
-    on: {
-      [FirstPartyMachineEvents.SET_SELECTED_CREDENTIALS]: {
-        actions: (0, import_xstate2.assign)({
-          selectedCredentials: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "selectedCredentials")
-        })
-      },
-      [FirstPartyMachineEvents.NEXT]: {
-        target: FirstPartyMachineStateTypes.sendAuthorizationResponse
-      },
-      [FirstPartyMachineEvents.DECLINE]: {
-        target: FirstPartyMachineStateTypes.declined
-      },
-      [FirstPartyMachineEvents.PREVIOUS]: {
-        target: FirstPartyMachineStateTypes.aborted
+    },
+    ...credentialDisplay.description && {
+      description: credentialDisplay.description
+    },
+    ...credentialDisplay.rendering?.simple?.text_color && {
+      text: {
+        color: credentialDisplay.rendering.simple.text_color
       }
-    }
-  },
-  [FirstPartyMachineStateTypes.sendAuthorizationResponse]: {
-    id: FirstPartyMachineStateTypes.sendAuthorizationResponse,
-    invoke: {
-      src: FirstPartyMachineServices.sendAuthorizationResponse,
-      onDone: {
-        target: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
-        actions: (0, import_xstate2.assign)({
-          presentationDuringIssuanceSession: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "presentationDuringIssuanceSession")
-        })
-      },
-      onError: {
-        target: FirstPartyMachineStateTypes.error,
-        actions: (0, import_xstate2.assign)({
-          error: /* @__PURE__ */ __name((_ctx, _event) => ({
-            title: translate("oid4vci_machine_get_request_error_title"),
-            message: _event.data.message,
-            stack: _event.data.stack
-          }), "error")
-        })
+    },
+    ...credentialDisplay.rendering?.simple?.background_color && {
+      background: {
+        color: credentialDisplay.rendering.simple.background_color
       }
     }
-  },
-  [FirstPartyMachineStateTypes.aborted]: {
-    id: FirstPartyMachineStateTypes.aborted,
-    type: "final"
-  },
-  [FirstPartyMachineStateTypes.declined]: {
-    id: FirstPartyMachineStateTypes.declined,
-    type: "final"
-  },
-  [FirstPartyMachineStateTypes.error]: {
-    id: FirstPartyMachineStateTypes.error,
-    type: "final"
-  },
-  [FirstPartyMachineStateTypes.done]: {
-    id: FirstPartyMachineStateTypes.done,
-    type: "final"
-  }
-};
-var createFirstPartyActivationMachine = /* @__PURE__ */ __name((opts) => {
-  const initialContext = {
-    openID4VCIClientState: opts.openID4VCIClientState,
-    contact: opts.contact,
-    selectedCredentials: []
   };
-  return (0, import_xstate2.createMachine)({
-    id: opts?.machineId ?? "FirstParty",
-    predictableActionArguments: true,
-    initial: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
-    context: initialContext,
-    states: firstPartyMachineStates,
-    schema: {
-      events: {},
-      services: {}
-    }
-  });
-}, "createFirstPartyActivationMachine");
-var FirstPartyMachine = class _FirstPartyMachine {
-  static {
-    __name(this, "FirstPartyMachine");
-  }
-  static _instance;
-  static hasInstance() {
-    return _FirstPartyMachine._instance !== void 0;
-  }
-  static get instance() {
-    if (!_FirstPartyMachine._instance) {
-      throw Error("Please initialize ESIMActivation machine first");
-    }
-    return _FirstPartyMachine._instance;
-  }
-  static clearInstance(opts) {
-    const { stop } = opts;
-    if (_FirstPartyMachine.hasInstance()) {
-      if (stop) {
-        _FirstPartyMachine.stopInstance();
-      }
-    }
-    _FirstPartyMachine._instance = void 0;
-  }
-  static stopInstance() {
-    if (!_FirstPartyMachine.hasInstance()) {
-      return;
-    }
-    _FirstPartyMachine.instance.stop();
-    _FirstPartyMachine._instance = void 0;
-  }
-  static newInstance(opts) {
-    const { agentContext } = opts;
-    const services = {
-      [FirstPartyMachineServices.sendAuthorizationChallengeRequest]: sendAuthorizationChallengeRequest,
-      [FirstPartyMachineServices.createConfig]: (args) => createConfig(args, agentContext),
-      [FirstPartyMachineServices.getSiopRequest]: (args) => getSiopRequest(args, agentContext),
-      [FirstPartyMachineServices.sendAuthorizationResponse]: (args) => sendAuthorizationResponse(args, agentContext)
-    };
-    const newInst = (0, import_xstate2.interpret)(createFirstPartyActivationMachine(opts).withConfig({
-      services: {
-        ...services,
-        ...opts?.services
+}, "sdJwtCredentialLocaleBrandingFrom");
+var sdJwtCombineDisplayLocalesFrom = /* @__PURE__ */ __name(async (args) => {
+  const { credentialDisplayLocales = /* @__PURE__ */ new Map(), claimsMetadata = /* @__PURE__ */ new Map() } = args;
+  const locales = Array.from(/* @__PURE__ */ new Set([
+    ...claimsMetadata.keys(),
+    ...credentialDisplayLocales.keys()
+  ]));
+  return Promise.all(locales.map(async (locale) => {
+    const display = credentialDisplayLocales.get(locale);
+    const claims = claimsMetadata.get(locale);
+    return {
+      ...display && await sdJwtCredentialLocaleBrandingFrom({
+        credentialDisplay: display
+      }),
+      ...locale.length > 0 && {
+        locale
       },
-      guards: {
-        ...opts?.guards
-      }
-    }));
-    if (typeof opts?.subscription === "function") {
-      newInst.onTransition(opts.subscription);
-    }
-    if (opts?.requireCustomNavigationHook !== true) {
-      newInst.onTransition((snapshot) => {
-        if (opts?.stateNavigationListener) {
-          void opts.stateNavigationListener(newInst, snapshot);
+      claims
+    };
+  }));
+}, "sdJwtCombineDisplayLocalesFrom");
+var issuerLocaleBrandingFrom = /* @__PURE__ */ __name(async (args) => {
+  const { issuerDisplay, dynamicRegistrationClientMetadata } = args;
+  return {
+    ...dynamicRegistrationClientMetadata?.client_name && {
+      alias: dynamicRegistrationClientMetadata.client_name
+    },
+    ...issuerDisplay.name && {
+      alias: issuerDisplay.name
+    },
+    ...issuerDisplay.locale && {
+      locale: issuerDisplay.locale
+    },
+    ...(issuerDisplay.logo || dynamicRegistrationClientMetadata?.logo_uri) && {
+      logo: {
+        ...dynamicRegistrationClientMetadata?.logo_uri && {
+          uri: dynamicRegistrationClientMetadata?.logo_uri
+        },
+        ...(issuerDisplay.logo?.url || issuerDisplay.logo?.uri) && {
+          uri: issuerDisplay.logo?.url ?? issuerDisplay.logo?.uri
+        },
+        ...issuerDisplay.logo?.alt_text && {
+          alt: issuerDisplay.logo?.alt_text
         }
-      });
-    }
-    return newInst;
-  }
-  static getInstance(opts) {
-    if (!_FirstPartyMachine._instance) {
-      if (opts?.requireExisting === true) {
-        throw Error(`Existing FirstPartyMachine instance requested, but none was created at this point!`);
       }
-      _FirstPartyMachine._instance = _FirstPartyMachine.newInstance(opts);
+    },
+    ...issuerDisplay.description && {
+      description: issuerDisplay.description
+    },
+    ...issuerDisplay.text_color && {
+      text: {
+        color: issuerDisplay.text_color
+      }
+    },
+    ...dynamicRegistrationClientMetadata?.client_uri && {
+      clientUri: dynamicRegistrationClientMetadata.client_uri
+    },
+    ...dynamicRegistrationClientMetadata?.tos_uri && {
+      tosUri: dynamicRegistrationClientMetadata.tos_uri
+    },
+    ...dynamicRegistrationClientMetadata?.policy_uri && {
+      policyUri: dynamicRegistrationClientMetadata.policy_uri
+    },
+    ...dynamicRegistrationClientMetadata?.contacts && {
+      contacts: dynamicRegistrationClientMetadata.contacts
     }
-    return _FirstPartyMachine._instance;
-  }
-};
+  };
+}, "issuerLocaleBrandingFrom");
 // src/services/OID4VCIHolderService.ts
-var import_ssi_sdk = require("@sphereon/ssi-sdk.core");
 var getCredentialBranding = /* @__PURE__ */ __name(async (args) => {
   const { credentialsSupported, context } = args;
   const credentialBranding = {};
@@ -1685,16 +1688,7 @@ var selectCredentialLocaleBranding = /* @__PURE__ */ __name(async (args) => {
 }, "selectCredentialLocaleBranding");
 var verifyCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
   const { mappedCredential, hasher, onVerifyEBSICredentialIssuer, schemaValidation, context } = args;
-  const credentialResponse = mappedCredential.credentialToAccept.credentialResponse;
-  let credential;
-  if ("credential" in credentialResponse) {
-    credential = credentialResponse.credential;
-  } else if ("credentials" in credentialResponse && credentialResponse.credentials && Array.isArray(credentialResponse.credentials) && credentialResponse.credentials.length > 0) {
-    credential = credentialResponse.credentials[0].credential;
-  }
-  if (!credential) {
-    return Promise.reject(Error("No credential found in credential response"));
-  }
+  const credential = extractCredentialFromResponse(mappedCredential.credentialToAccept.credentialResponse);
   const wrappedVC = import_ssi_types.CredentialMapper.toWrappedVerifiableCredential(credential, {
     hasher: hasher ?? import_ssi_sdk.defaultHasher
   });
@@ -1746,16 +1740,7 @@ var verifyCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
 }, "verifyCredentialToAccept");
 var mapCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
   const { credentialToAccept, hasher } = args;
-  const credentialResponse = credentialToAccept.credentialResponse;
-  let verifiableCredential;
-  if ("credential" in credentialResponse) {
-    verifiableCredential = credentialResponse.credential;
-  } else if ("credentials" in credentialResponse && credentialResponse.credentials && Array.isArray(credentialResponse.credentials) && credentialResponse.credentials.length > 0) {
-    verifiableCredential = credentialResponse.credentials[0].credential;
-  }
-  if (!verifiableCredential) {
-    return Promise.reject(Error("No credential found in credential response"));
-  }
+  const verifiableCredential = extractCredentialFromResponse(credentialToAccept.credentialResponse);
   const wrappedVerifiableCredential = import_ssi_types.CredentialMapper.toWrappedVerifiableCredential(verifiableCredential, {
     hasher
   });
@@ -1775,6 +1760,7 @@ var mapCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
     uniformVerifiableCredential = wrappedVerifiableCredential.credential;
   }
   const correlationId = typeof uniformVerifiableCredential.issuer === "string" ? uniformVerifiableCredential.issuer : import_ssi_types.CredentialMapper.isSdJwtDecodedCredential(uniformVerifiableCredential) ? uniformVerifiableCredential.decodedPayload.iss : uniformVerifiableCredential.issuer.id;
+  const credentialResponse = credentialToAccept.credentialResponse;
   return {
     correlationId,
     credentialToAccept,
@@ -1786,6 +1772,18 @@ var mapCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
     }
   };
 }, "mapCredentialToAccept");
+var extractCredentialFromResponse = /* @__PURE__ */ __name((credentialResponse) => {
+  let credential;
+  if ("credential" in credentialResponse) {
+    credential = credentialResponse.credential;
+  } else if ("credentials" in credentialResponse && credentialResponse.credentials && Array.isArray(credentialResponse.credentials) && credentialResponse.credentials.length > 0) {
+    credential = credentialResponse.credentials[0].credential;
+  }
+  if (!credential) {
+    throw new Error("No credential found in credential response");
+  }
+  return credential;
+}, "extractCredentialFromResponse");
 var getIdentifierOpts = /* @__PURE__ */ __name(async (args) => {
   const { issuanceOpt, context } = args;
   const { identifier: identifierArg } = issuanceOpt;
@@ -1894,24 +1892,19 @@ var getCredentialConfigsSupportedBySingleTypeOrId = /* @__PURE__ */ __name(async
   }
   __name(createIdFromTypes, "createIdFromTypes");
   if (configurationId) {
-    const allSupported2 = client.getCredentialsSupported(false);
+    const allSupported2 = client.getCredentialsSupported(format);
     return Object.fromEntries(Object.entries(allSupported2).filter(([id, supported]) => id === configurationId || supported.id === configurationId || createIdFromTypes(supported) === configurationId));
   }
-  if (!types && !client.credentialOffer) {
-    return Promise.reject(Error("openID4VCIClient has no credentialOffer and no types where provided"));
+  if (!client.credentialOffer) {
+    return Promise.reject(Error("openID4VCIClient has no credentialOffer"));
   }
-  if (!Array.isArray(format) && client.credentialOffer) {
-    if (client.version() > import_oid4vci_common3.OpenId4VCIVersion.VER_1_0_09 && typeof client.credentialOffer.credential_offer === "object" && "credentials" in client.credentialOffer.credential_offer) {
-      format = client.credentialOffer.credential_offer.credentials.filter((cred) => typeof cred !== "string").map((cred) => cred.format);
-      if (format?.length === 0) {
-        format = void 0;
-      }
-    }
+  if (!types) {
+    return Promise.reject(Error("openID4VCIClient has no types"));
   }
   const offerSupported = (0, import_oid4vci_common3.getSupportedCredentials)({
-    types: types ? [
+    types: [
       types
-    ] : client.getCredentialOfferTypes(),
+    ],
     format,
     version: client.version(),
     issuerMetadata: client.endpointMetadata.credentialIssuerMetadata
@@ -2086,7 +2079,7 @@ var getIssuanceCryptoSuite = /* @__PURE__ */ __name(async (opts) => {
     case "jwt":
     case "jwt_vc_json":
     case "jwt_vc":
-    case "vc+sd-jwt":
+    //case 'vc+sd-jwt': // TODO see SSISDK-52 concerning vc+sd-jwt
     case "dc+sd-jwt":
     case "mso_mdoc": {
       const supportedPreferences = jwtCryptographicSuitePreferences.filter((suite) => signing_algs_supported.includes(suite));
@@ -2155,7 +2148,6 @@ var startFirstPartApplicationMachine = /* @__PURE__ */ __name(async (args, conte
 }, "startFirstPartApplicationMachine");
 // src/agent/OID4VCIHolder.ts
-var import_polyfill = require("cross-fetch/polyfill");
 var oid4vciHolderContextMethods = [
   "cmGetContacts",
   "cmGetContact",
@@ -2376,7 +2368,6 @@ var OID4VCIHolder = class _OID4VCIHolder {
       formats = Array.from(new Set(authFormats));
     }
     let oid4vciClient;
-    let types = void 0;
     let offer;
     if (requestData.existingClientState) {
       oid4vciClient = await import_oid4vci_client3.OpenID4VCIClient.fromState({
@@ -2412,17 +2403,18 @@ var OID4VCIHolder = class _OID4VCIHolder {
         });
       }
     }
+    let configurationIds = [];
     if (offer) {
-      types = (0, import_oid4vci_common4.getTypesFromCredentialOffer)(offer.original_credential_offer);
+      configurationIds = offer.original_credential_offer.credential_configuration_ids;
     } else {
-      types = (0, import_utils2.asArray)(authorizationRequestOpts.authorizationDetails).map((authReqOpts) => (0, import_oid4vci_common4.getTypesFromAuthorizationDetails)(authReqOpts) ?? []).filter((inner) => inner.length > 0);
+      configurationIds = (0, import_utils2.asArray)(authorizationRequestOpts.authorizationDetails).filter((authDetails) => typeof authDetails !== "string").map((authReqOpts) => authReqOpts.credential_configuration_id).filter((id) => !!id);
     }
-    const serverMetadata = await oid4vciClient.retrieveServerMetadata();
     const credentialsSupported = await getCredentialConfigsSupportedMerged({
       client: oid4vciClient,
       vcFormatPreferences: formats,
-      types
+      configurationIds
     });
+    const serverMetadata = await oid4vciClient.retrieveServerMetadata();
     const credentialBranding = await getCredentialBranding({
       credentialsSupported,
       context
@@ -2639,26 +2631,26 @@ var OID4VCIHolder = class _OID4VCIHolder {
       return Promise.reject(Error("Missing credential offers in context"));
     }
     let correlationId = credentialsToAccept[0].correlationId;
-    let identifierType = import_ssi_sdk3.CorrelationIdentifierType.DID;
+    let identifierType = import_ssi_sdk4.CorrelationIdentifierType.DID;
     if (!correlationId.toLowerCase().startsWith("did:")) {
-      identifierType = import_ssi_sdk3.CorrelationIdentifierType.URL;
+      identifierType = import_ssi_sdk4.CorrelationIdentifierType.URL;
       if (correlationId.startsWith("http")) {
         correlationId = new URL(correlationId).hostname;
       }
     }
     const identity = {
       alias: credentialsToAccept[0].correlationId,
-      origin: import_ssi_sdk3.IdentityOrigin.EXTERNAL,
+      origin: import_ssi_sdk4.IdentityOrigin.EXTERNAL,
       roles: [
-        import_ssi_sdk3.CredentialRole.ISSUER
+        import_ssi_types2.CredentialRole.ISSUER
       ],
       identifier: {
         type: identifierType,
         correlationId
       },
-      ...identifierType === import_ssi_sdk3.CorrelationIdentifierType.URL && {
+      ...identifierType === import_ssi_sdk4.CorrelationIdentifierType.URL && {
         connection: {
-          type: import_ssi_sdk3.ConnectionType.OPENID_CONNECT,
+          type: import_ssi_sdk4.ConnectionType.OPENID_CONNECT,
           config: {
             clientId: "138d7bf8-c930-4c6e-b928-97d3a4928b01",
             clientSecret: "03b3955f-d020-4f2a-8a27-4e452d4e27a0",
@@ -2685,7 +2677,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
   }
   async oid4vciHolderGetIssuerBranding(args, context) {
     const { serverMetadata, contact } = args;
-    const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_sdk3.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
+    const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_types2.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
     if (issuerCorrelationId) {
       const branding = await context.agent.ibGetIssuerBranding({
         filter: [
@@ -2715,7 +2707,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
     if (!contact) {
       return Promise.reject(Error("Missing contact in context"));
     }
-    const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_sdk3.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
+    const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_types2.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
     const branding = await context.agent.ibGetIssuerBranding({
       filter: [
         {
@@ -2811,16 +2803,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
       if (Array.isArray(subjectIssuance?.notification_events_supported)) {
         event = subjectIssuance.notification_events_supported.includes("credential_accepted_holder_signed") ? "credential_accepted_holder_signed" : "credential_deleted_holder_signed";
         logger.log(`Subject issuance/signing will be used, with event`, event);
-        const credentialResponse = mappedCredentialToAccept.credentialToAccept.credentialResponse;
-        let issuerVC;
-        if ("credential" in credentialResponse) {
-          issuerVC = credentialResponse.credential;
-        } else if ("credentials" in credentialResponse && credentialResponse.credentials && Array.isArray(credentialResponse.credentials) && credentialResponse.credentials.length > 0) {
-          issuerVC = credentialResponse.credentials[0].credential;
-        }
-        if (!issuerVC) {
-          return Promise.reject(Error("No credential found in credential response"));
-        }
+        const issuerVC = extractCredentialFromResponse(mappedCredentialToAccept.credentialToAccept.credentialResponse);
         const wrappedIssuerVC = import_ssi_types2.CredentialMapper.toWrappedVerifiableCredential(issuerVC, {
           hasher: this.hasher ?? import_ssi_sdk2.defaultHasher
         });
@@ -2926,8 +2909,8 @@ var OID4VCIHolder = class _OID4VCIHolder {
           rawDocument: (0, import_ssi_sdk3.ensureRawDocument)(persistCredential),
           kmsKeyRef,
           identifierMethod: method,
-          credentialRole: import_ssi_sdk3.CredentialRole.HOLDER,
-          issuerCorrelationType: issuer?.startsWith("did:") ? import_ssi_sdk3.CredentialCorrelationType.DID : import_ssi_sdk3.CredentialCorrelationType.URL,
+          credentialRole: import_ssi_types2.CredentialRole.HOLDER,
+          issuerCorrelationType: issuer?.startsWith("did:") ? import_ssi_sdk4.CredentialCorrelationType.DID : import_ssi_sdk4.CredentialCorrelationType.URL,
           issuerCorrelationId: issuer,
           subjectCorrelationType,
           subjectCorrelationId
@@ -2995,12 +2978,12 @@ var OID4VCIHolder = class _OID4VCIHolder {
       case "did":
         if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierDidResult)(identifier)) {
           return [
-            import_ssi_sdk3.CredentialCorrelationType.DID,
+            import_ssi_sdk4.CredentialCorrelationType.DID,
             identifier.did
           ];
         } else if ((0, import_ssi_sdk_ext6.isManagedIdentifierDidOpts)(identifier)) {
           return [
-            import_ssi_sdk3.CredentialCorrelationType.DID,
+            import_ssi_sdk4.CredentialCorrelationType.DID,
             typeof identifier.identifier === "string" ? identifier.identifier : identifier.identifier.did
           ];
         }
@@ -3008,12 +2991,12 @@ var OID4VCIHolder = class _OID4VCIHolder {
       case "kid":
         if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierKidResult)(identifier)) {
           return [
-            import_ssi_sdk3.CredentialCorrelationType.KID,
+            import_ssi_sdk4.CredentialCorrelationType.KID,
             identifier.kid
           ];
         } else if ((0, import_ssi_sdk_ext6.isManagedIdentifierDidOpts)(identifier)) {
           return [
-            import_ssi_sdk3.CredentialCorrelationType.KID,
+            import_ssi_sdk4.CredentialCorrelationType.KID,
             identifier.identifier
           ];
         }
@@ -3021,19 +3004,19 @@ var OID4VCIHolder = class _OID4VCIHolder {
       case "x5c":
         if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierX5cResult)(identifier)) {
           return [
-            import_ssi_sdk3.CredentialCorrelationType.X509_SAN,
+            import_ssi_sdk4.CredentialCorrelationType.X509_SAN,
             identifier.x5c.join("\r\n")
           ];
         } else if ((0, import_ssi_sdk_ext6.isManagedIdentifierX5cOpts)(identifier)) {
           return [
-            import_ssi_sdk3.CredentialCorrelationType.X509_SAN,
+            import_ssi_sdk4.CredentialCorrelationType.X509_SAN,
             identifier.identifier.join("\r\n")
           ];
         }
         break;
     }
     return [
-      import_ssi_sdk3.CredentialCorrelationType.URL,
+      import_ssi_sdk4.CredentialCorrelationType.URL,
       issuer
     ];
   }
@@ -3092,9 +3075,9 @@ var OID4VCICallbackStateListener = /* @__PURE__ */ __name((callbacks) => {
 // src/link-handler/index.ts
 var import_oid4vci_client4 = require("@sphereon/oid4vci-client");
 var import_oid4vci_common5 = require("@sphereon/oid4vci-common");
-var import_ssi_sdk4 = require("@sphereon/ssi-sdk.core");
-var import_ssi_sdk5 = require("@sphereon/ssi-sdk.xstate-machine-persistence");
-var OID4VCIHolderLinkHandler = class extends import_ssi_sdk4.LinkHandlerAdapter {
+var import_ssi_sdk5 = require("@sphereon/ssi-sdk.core");
+var import_ssi_sdk6 = require("@sphereon/ssi-sdk.xstate-machine-persistence");
+var OID4VCIHolderLinkHandler = class extends import_ssi_sdk5.LinkHandlerAdapter {
   static {
     __name(this, "OID4VCIHolderLinkHandler");
   }
@@ -3154,7 +3137,7 @@ var OID4VCIHolderLinkHandler = class extends import_ssi_sdk4.LinkHandlerAdapter
     const interpreter = oid4vciMachine.interpreter;
     if (!opts?.machineState && this.context.agent.availableMethods().includes("machineStatesFindActive")) {
       const stateType = hasCode ? "existing" : "new";
-      await (0, import_ssi_sdk5.interpreterStartOrResume)({
+      await (0, import_ssi_sdk6.interpreterStartOrResume)({
         stateType,
         interpreter,
         context: this.context,