@sphereon/ssi-sdk.oid4vci-holder 0.34.1-feat.SSISDK.35.64 → 0.34.1-feature.DIIPv4.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/dist/index.cjs +28 -51
  2. package/dist/index.cjs.map +1 -1
  3. package/dist/index.d.cts +3 -6
  4. package/dist/index.d.ts +3 -6
  5. package/dist/index.js +7 -30
  6. package/dist/index.js.map +1 -1
  7. package/package.json +24 -25
  8. package/src/agent/OID4VCIHolder.ts +21 -35
  9. package/src/services/OID4VCIHolderService.ts +5 -27
  10. package/src/types/FirstPartyMachine.ts +0 -2
  11. package/src/types/IOID4VCIHolder.ts +1 -3
package/dist/index.cjs CHANGED
@@ -139,8 +139,7 @@ var import_oid4vci_common4 = require("@sphereon/oid4vci-common");
139
139
  var import_ssi_sdk_ext5 = require("@sphereon/ssi-sdk-ext.did-utils");
140
140
  var import_ssi_sdk_ext6 = require("@sphereon/ssi-sdk-ext.identifier-resolution");
141
141
  var import_ssi_sdk_ext7 = require("@sphereon/ssi-sdk-ext.key-utils");
142
- var import_ssi_sdk2 = require("@sphereon/ssi-sdk.core");
143
- var import_ssi_sdk3 = require("@sphereon/ssi-sdk.data-store");
142
+ var import_ssi_sdk2 = require("@sphereon/ssi-sdk.data-store");
144
143
  var import_ssi_types2 = require("@sphereon/ssi-types");
145
144
  var import_utils2 = require("@veramo/utils");
146
145
  var import_did_jwt = require("did-jwt");
@@ -229,7 +228,6 @@ var OID4VCIMachineGuards = /* @__PURE__ */ (function(OID4VCIMachineGuards2) {
229
228
  OID4VCIMachineGuards2["requirePinGuard"] = "oid4vciRequirePinGuard";
230
229
  OID4VCIMachineGuards2["requireAuthorizationGuard"] = "oid4vciRequireAuthorizationGuard";
231
230
  OID4VCIMachineGuards2["noAuthorizationGuard"] = "oid4vciNoAuthorizationGuard";
232
- OID4VCIMachineGuards2["hasNonceEndpointGuard"] = "oid4vciHasNonceEndpointGuard ";
233
231
  OID4VCIMachineGuards2["hasAuthorizationResponse"] = "oid4vciHasAuthorizationResponse";
234
232
  OID4VCIMachineGuards2["hasNoContactIdentityGuard"] = "oid4vciHasNoContactIdentityGuard";
235
233
  OID4VCIMachineGuards2["verificationCodeGuard"] = "oid4vciVerificationCodeGuard";
@@ -1619,7 +1617,7 @@ var getCredentialBranding = /* @__PURE__ */ __name(async (args) => {
1619
1617
  const credentialBranding = {};
1620
1618
  await Promise.all(Object.entries(credentialsSupported).map(async ([configId, credentialsConfigSupported]) => {
1621
1619
  let sdJwtTypeMetadata;
1622
- if (credentialsConfigSupported.format === "dc+sd-jwt") {
1620
+ if (credentialsConfigSupported.format === "vc+sd-jwt") {
1623
1621
  const vct = credentialsConfigSupported.vct;
1624
1622
  if (vct.startsWith("http")) {
1625
1623
  try {
@@ -1685,13 +1683,7 @@ var selectCredentialLocaleBranding = /* @__PURE__ */ __name(async (args) => {
1685
1683
  }, "selectCredentialLocaleBranding");
1686
1684
  var verifyCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
1687
1685
  const { mappedCredential, hasher, onVerifyEBSICredentialIssuer, schemaValidation, context } = args;
1688
- const credentialResponse = mappedCredential.credentialToAccept.credentialResponse;
1689
- let credential;
1690
- if ("credential" in credentialResponse) {
1691
- credential = credentialResponse.credential;
1692
- } else if ("credentials" in credentialResponse && credentialResponse.credentials && Array.isArray(credentialResponse.credentials) && credentialResponse.credentials.length > 0) {
1693
- credential = credentialResponse.credentials[0].credential;
1694
- }
1686
+ const credential = mappedCredential.credentialToAccept.credentialResponse.credential;
1695
1687
  if (!credential) {
1696
1688
  return Promise.reject(Error("No credential found in credential response"));
1697
1689
  }
@@ -1747,12 +1739,7 @@ var verifyCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
1747
1739
  var mapCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
1748
1740
  const { credentialToAccept, hasher } = args;
1749
1741
  const credentialResponse = credentialToAccept.credentialResponse;
1750
- let verifiableCredential;
1751
- if ("credential" in credentialResponse) {
1752
- verifiableCredential = credentialResponse.credential;
1753
- } else if ("credentials" in credentialResponse && credentialResponse.credentials && Array.isArray(credentialResponse.credentials) && credentialResponse.credentials.length > 0) {
1754
- verifiableCredential = credentialResponse.credentials[0].credential;
1755
- }
1742
+ const verifiableCredential = credentialResponse.credential;
1756
1743
  if (!verifiableCredential) {
1757
1744
  return Promise.reject(Error("No credential found in credential response"));
1758
1745
  }
@@ -2087,7 +2074,6 @@ var getIssuanceCryptoSuite = /* @__PURE__ */ __name(async (opts) => {
2087
2074
  case "jwt_vc_json":
2088
2075
  case "jwt_vc":
2089
2076
  case "vc+sd-jwt":
2090
- case "dc+sd-jwt":
2091
2077
  case "mso_mdoc": {
2092
2078
  const supportedPreferences = jwtCryptographicSuitePreferences.filter((suite) => signing_algs_supported.includes(suite));
2093
2079
  if (supportedPreferences.length > 0) {
@@ -2156,6 +2142,7 @@ var startFirstPartApplicationMachine = /* @__PURE__ */ __name(async (args, conte
2156
2142
 
2157
2143
  // src/agent/OID4VCIHolder.ts
2158
2144
  var import_polyfill = require("cross-fetch/polyfill");
2145
+ var import_ssi_sdk3 = require("@sphereon/ssi-sdk.core");
2159
2146
  var oid4vciHolderContextMethods = [
2160
2147
  "cmGetContacts",
2161
2148
  "cmGetContact",
@@ -2171,7 +2158,7 @@ var oid4vciHolderContextMethods = [
2171
2158
  ];
2172
2159
  var logger = import_ssi_types2.Loggers.DEFAULT.get("sphereon:oid4vci:holder");
2173
2160
  function signCallback(identifier, context, nonce) {
2174
- return async (jwt, kid, noIssPayloadUpdate) => {
2161
+ return async (jwt, kid) => {
2175
2162
  let resolution = await context.agent.identifierManagedGet(identifier);
2176
2163
  const jwk = jwt.header.jwk ?? (resolution.method === "jwk" ? resolution.jwk : void 0);
2177
2164
  if (!resolution.issuer && !jwt.payload.iss) {
@@ -2189,7 +2176,7 @@ function signCallback(identifier, context, nonce) {
2189
2176
  return (await context.agent.jwtCreateJwsCompactSignature({
2190
2177
  issuer: {
2191
2178
  ...resolution,
2192
- noIssPayloadUpdate: noIssPayloadUpdate ?? false
2179
+ noIssPayloadUpdate: false
2193
2180
  },
2194
2181
  protectedHeader: header,
2195
2182
  payload
@@ -2224,7 +2211,6 @@ var OID4VCIHolder = class _OID4VCIHolder {
2224
2211
  oid4vciHolderStoreIssuerBranding: this.oid4vciHolderStoreIssuerBranding.bind(this)
2225
2212
  };
2226
2213
  vcFormatPreferences = [
2227
- "dc+sd-jwt",
2228
2214
  "vc+sd-jwt",
2229
2215
  "mso_mdoc",
2230
2216
  "jwt_vc_json",
@@ -2258,7 +2244,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
2258
2244
  onIdentifierCreated;
2259
2245
  onVerifyEBSICredentialIssuer;
2260
2246
  constructor(options) {
2261
- const { onContactIdentityCreated, onCredentialStored, onIdentifierCreated, onVerifyEBSICredentialIssuer, vcFormatPreferences, jsonldCryptographicSuitePreferences, didMethodPreferences, jwtCryptographicSuitePreferences, defaultAuthorizationRequestOptions, hasher = import_ssi_sdk2.defaultHasher } = {
2247
+ const { onContactIdentityCreated, onCredentialStored, onIdentifierCreated, onVerifyEBSICredentialIssuer, vcFormatPreferences, jsonldCryptographicSuitePreferences, didMethodPreferences, jwtCryptographicSuitePreferences, defaultAuthorizationRequestOptions, hasher = import_ssi_sdk3.defaultHasher } = {
2262
2248
  ...options
2263
2249
  };
2264
2250
  this.hasher = hasher;
@@ -2639,26 +2625,26 @@ var OID4VCIHolder = class _OID4VCIHolder {
2639
2625
  return Promise.reject(Error("Missing credential offers in context"));
2640
2626
  }
2641
2627
  let correlationId = credentialsToAccept[0].correlationId;
2642
- let identifierType = import_ssi_sdk3.CorrelationIdentifierType.DID;
2628
+ let identifierType = import_ssi_sdk2.CorrelationIdentifierType.DID;
2643
2629
  if (!correlationId.toLowerCase().startsWith("did:")) {
2644
- identifierType = import_ssi_sdk3.CorrelationIdentifierType.URL;
2630
+ identifierType = import_ssi_sdk2.CorrelationIdentifierType.URL;
2645
2631
  if (correlationId.startsWith("http")) {
2646
2632
  correlationId = new URL(correlationId).hostname;
2647
2633
  }
2648
2634
  }
2649
2635
  const identity = {
2650
2636
  alias: credentialsToAccept[0].correlationId,
2651
- origin: import_ssi_sdk3.IdentityOrigin.EXTERNAL,
2637
+ origin: import_ssi_sdk2.IdentityOrigin.EXTERNAL,
2652
2638
  roles: [
2653
- import_ssi_sdk3.CredentialRole.ISSUER
2639
+ import_ssi_sdk2.CredentialRole.ISSUER
2654
2640
  ],
2655
2641
  identifier: {
2656
2642
  type: identifierType,
2657
2643
  correlationId
2658
2644
  },
2659
- ...identifierType === import_ssi_sdk3.CorrelationIdentifierType.URL && {
2645
+ ...identifierType === import_ssi_sdk2.CorrelationIdentifierType.URL && {
2660
2646
  connection: {
2661
- type: import_ssi_sdk3.ConnectionType.OPENID_CONNECT,
2647
+ type: import_ssi_sdk2.ConnectionType.OPENID_CONNECT,
2662
2648
  config: {
2663
2649
  clientId: "138d7bf8-c930-4c6e-b928-97d3a4928b01",
2664
2650
  clientSecret: "03b3955f-d020-4f2a-8a27-4e452d4e27a0",
@@ -2685,7 +2671,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
2685
2671
  }
2686
2672
  async oid4vciHolderGetIssuerBranding(args, context) {
2687
2673
  const { serverMetadata, contact } = args;
2688
- const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_sdk3.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
2674
+ const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_sdk2.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
2689
2675
  if (issuerCorrelationId) {
2690
2676
  const branding = await context.agent.ibGetIssuerBranding({
2691
2677
  filter: [
@@ -2715,7 +2701,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
2715
2701
  if (!contact) {
2716
2702
  return Promise.reject(Error("Missing contact in context"));
2717
2703
  }
2718
- const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_sdk3.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
2704
+ const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_sdk2.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
2719
2705
  const branding = await context.agent.ibGetIssuerBranding({
2720
2706
  filter: [
2721
2707
  {
@@ -2811,18 +2797,9 @@ var OID4VCIHolder = class _OID4VCIHolder {
2811
2797
  if (Array.isArray(subjectIssuance?.notification_events_supported)) {
2812
2798
  event = subjectIssuance.notification_events_supported.includes("credential_accepted_holder_signed") ? "credential_accepted_holder_signed" : "credential_deleted_holder_signed";
2813
2799
  logger.log(`Subject issuance/signing will be used, with event`, event);
2814
- const credentialResponse = mappedCredentialToAccept.credentialToAccept.credentialResponse;
2815
- let issuerVC;
2816
- if ("credential" in credentialResponse) {
2817
- issuerVC = credentialResponse.credential;
2818
- } else if ("credentials" in credentialResponse && credentialResponse.credentials && Array.isArray(credentialResponse.credentials) && credentialResponse.credentials.length > 0) {
2819
- issuerVC = credentialResponse.credentials[0].credential;
2820
- }
2821
- if (!issuerVC) {
2822
- return Promise.reject(Error("No credential found in credential response"));
2823
- }
2800
+ const issuerVC = mappedCredentialToAccept.credentialToAccept.credentialResponse.credential;
2824
2801
  const wrappedIssuerVC = import_ssi_types2.CredentialMapper.toWrappedVerifiableCredential(issuerVC, {
2825
- hasher: this.hasher ?? import_ssi_sdk2.defaultHasher
2802
+ hasher: this.hasher ?? import_ssi_sdk3.defaultHasher
2826
2803
  });
2827
2804
  console.log(`Wrapped VC: ${wrappedIssuerVC.type}, ${wrappedIssuerVC.format}`);
2828
2805
  let issuer;
@@ -2923,11 +2900,11 @@ var OID4VCIHolder = class _OID4VCIHolder {
2923
2900
  const [subjectCorrelationType, subjectCorrelationId] = this.determineSubjectCorrelation(issuanceOpt.identifier, issuer);
2924
2901
  const persistedCredential = await context.agent.crsAddCredential({
2925
2902
  credential: {
2926
- rawDocument: (0, import_ssi_sdk3.ensureRawDocument)(persistCredential),
2903
+ rawDocument: (0, import_ssi_sdk2.ensureRawDocument)(persistCredential),
2927
2904
  kmsKeyRef,
2928
2905
  identifierMethod: method,
2929
- credentialRole: import_ssi_sdk3.CredentialRole.HOLDER,
2930
- issuerCorrelationType: issuer?.startsWith("did:") ? import_ssi_sdk3.CredentialCorrelationType.DID : import_ssi_sdk3.CredentialCorrelationType.URL,
2906
+ credentialRole: import_ssi_sdk2.CredentialRole.HOLDER,
2907
+ issuerCorrelationType: issuer?.startsWith("did:") ? import_ssi_sdk2.CredentialCorrelationType.DID : import_ssi_sdk2.CredentialCorrelationType.URL,
2931
2908
  issuerCorrelationId: issuer,
2932
2909
  subjectCorrelationType,
2933
2910
  subjectCorrelationId
@@ -2995,12 +2972,12 @@ var OID4VCIHolder = class _OID4VCIHolder {
2995
2972
  case "did":
2996
2973
  if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierDidResult)(identifier)) {
2997
2974
  return [
2998
- import_ssi_sdk3.CredentialCorrelationType.DID,
2975
+ import_ssi_sdk2.CredentialCorrelationType.DID,
2999
2976
  identifier.did
3000
2977
  ];
3001
2978
  } else if ((0, import_ssi_sdk_ext6.isManagedIdentifierDidOpts)(identifier)) {
3002
2979
  return [
3003
- import_ssi_sdk3.CredentialCorrelationType.DID,
2980
+ import_ssi_sdk2.CredentialCorrelationType.DID,
3004
2981
  typeof identifier.identifier === "string" ? identifier.identifier : identifier.identifier.did
3005
2982
  ];
3006
2983
  }
@@ -3008,12 +2985,12 @@ var OID4VCIHolder = class _OID4VCIHolder {
3008
2985
  case "kid":
3009
2986
  if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierKidResult)(identifier)) {
3010
2987
  return [
3011
- import_ssi_sdk3.CredentialCorrelationType.KID,
2988
+ import_ssi_sdk2.CredentialCorrelationType.KID,
3012
2989
  identifier.kid
3013
2990
  ];
3014
2991
  } else if ((0, import_ssi_sdk_ext6.isManagedIdentifierDidOpts)(identifier)) {
3015
2992
  return [
3016
- import_ssi_sdk3.CredentialCorrelationType.KID,
2993
+ import_ssi_sdk2.CredentialCorrelationType.KID,
3017
2994
  identifier.identifier
3018
2995
  ];
3019
2996
  }
@@ -3021,19 +2998,19 @@ var OID4VCIHolder = class _OID4VCIHolder {
3021
2998
  case "x5c":
3022
2999
  if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierX5cResult)(identifier)) {
3023
3000
  return [
3024
- import_ssi_sdk3.CredentialCorrelationType.X509_SAN,
3001
+ import_ssi_sdk2.CredentialCorrelationType.X509_SAN,
3025
3002
  identifier.x5c.join("\r\n")
3026
3003
  ];
3027
3004
  } else if ((0, import_ssi_sdk_ext6.isManagedIdentifierX5cOpts)(identifier)) {
3028
3005
  return [
3029
- import_ssi_sdk3.CredentialCorrelationType.X509_SAN,
3006
+ import_ssi_sdk2.CredentialCorrelationType.X509_SAN,
3030
3007
  identifier.identifier.join("\r\n")
3031
3008
  ];
3032
3009
  }
3033
3010
  break;
3034
3011
  }
3035
3012
  return [
3036
- import_ssi_sdk3.CredentialCorrelationType.URL,
3013
+ import_ssi_sdk2.CredentialCorrelationType.URL,
3037
3014
  issuer
3038
3015
  ];
3039
3016
  }