@sphereon/ssi-sdk.oid4vci-holder 0.34.1-feat.SSISDK.35.64 → 0.34.1-feature.DIIPv4.41

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sphereon/ssi-sdk.oid4vci-holder",
-  "version": "0.34.1-feat.SSISDK.35.64+019dde38",
+  "version": "0.34.1-feature.DIIPv4.41+76a5bfab",
   "source": "src/index.ts",
   "type": "module",
   "main": "./dist/index.cjs",
@@ -26,41 +26,40 @@
     "build": "tsup --config ../../tsup.config.ts --tsconfig ../../tsconfig.tsup.json"
   },
   "dependencies": {
-    "@sphereon/did-auth-siop": "0.19.1-feature.SSISDK.13.32",
+    "@sphereon/did-auth-siop": "0.19.1-next.2",
     "@sphereon/kmp-mdoc-core": "0.2.0-SNAPSHOT.26",
-    "@sphereon/oid4vci-client": "0.19.1-feature.SSISDK.13.32",
-    "@sphereon/oid4vci-common": "0.19.1-feature.SSISDK.13.32",
-    "@sphereon/ssi-sdk-ext.did-utils": "0.34.1-feat.SSISDK.35.64+019dde38",
-    "@sphereon/ssi-sdk-ext.identifier-resolution": "0.34.1-feat.SSISDK.35.64+019dde38",
-    "@sphereon/ssi-sdk-ext.jwt-service": "0.34.1-feat.SSISDK.35.64+019dde38",
-    "@sphereon/ssi-sdk-ext.key-utils": "0.34.1-feat.SSISDK.35.64+019dde38",
-    "@sphereon/ssi-sdk.contact-manager": "0.34.1-feat.SSISDK.35.64+019dde38",
-    "@sphereon/ssi-sdk.core": "0.34.1-feat.SSISDK.35.64+019dde38",
-    "@sphereon/ssi-sdk.credential-store": "0.34.1-feat.SSISDK.35.64+019dde38",
-    "@sphereon/ssi-sdk.credential-validation": "0.34.1-feat.SSISDK.35.64+019dde38",
-    "@sphereon/ssi-sdk.data-store": "0.34.1-feat.SSISDK.35.64+019dde38",
-    "@sphereon/ssi-sdk.issuance-branding": "0.34.1-feat.SSISDK.35.64+019dde38",
-    "@sphereon/ssi-sdk.mdl-mdoc": "0.34.1-feat.SSISDK.35.64+019dde38",
-    "@sphereon/ssi-sdk.oidf-client": "0.34.1-feat.SSISDK.35.64+019dde38",
-    "@sphereon/ssi-sdk.sd-jwt": "0.34.1-feat.SSISDK.35.64+019dde38",
-    "@sphereon/ssi-sdk.siopv2-oid4vp-common": "0.34.1-feat.SSISDK.35.64+019dde38",
-    "@sphereon/ssi-sdk.siopv2-oid4vp-op-auth": "0.34.1-feat.SSISDK.35.64+019dde38",
-    "@sphereon/ssi-sdk.xstate-machine-persistence": "0.34.1-feat.SSISDK.35.64+019dde38",
-    "@sphereon/ssi-types": "0.34.1-feat.SSISDK.35.64+019dde38",
+    "@sphereon/oid4vci-client": "0.19.1-next.2",
+    "@sphereon/oid4vci-common": "0.19.1-next.2",
+    "@sphereon/ssi-sdk-ext.did-utils": "0.34.1-feature.DIIPv4.41+76a5bfab",
+    "@sphereon/ssi-sdk-ext.identifier-resolution": "0.34.1-feature.DIIPv4.41+76a5bfab",
+    "@sphereon/ssi-sdk-ext.jwt-service": "0.34.1-feature.DIIPv4.41+76a5bfab",
+    "@sphereon/ssi-sdk-ext.key-utils": "0.34.1-feature.DIIPv4.41+76a5bfab",
+    "@sphereon/ssi-sdk.contact-manager": "0.34.1-feature.DIIPv4.41+76a5bfab",
+    "@sphereon/ssi-sdk.core": "0.34.1-feature.DIIPv4.41+76a5bfab",
+    "@sphereon/ssi-sdk.credential-store": "0.34.1-feature.DIIPv4.41+76a5bfab",
+    "@sphereon/ssi-sdk.credential-validation": "0.34.1-feature.DIIPv4.41+76a5bfab",
+    "@sphereon/ssi-sdk.data-store": "0.34.1-feature.DIIPv4.41+76a5bfab",
+    "@sphereon/ssi-sdk.issuance-branding": "0.34.1-feature.DIIPv4.41+76a5bfab",
+    "@sphereon/ssi-sdk.mdl-mdoc": "0.34.1-feature.DIIPv4.41+76a5bfab",
+    "@sphereon/ssi-sdk.oidf-client": "0.34.1-feature.DIIPv4.41+76a5bfab",
+    "@sphereon/ssi-sdk.sd-jwt": "0.34.1-feature.DIIPv4.41+76a5bfab",
+    "@sphereon/ssi-sdk.siopv2-oid4vp-common": "0.34.1-feature.DIIPv4.41+76a5bfab",
+    "@sphereon/ssi-sdk.siopv2-oid4vp-op-auth": "0.34.1-feature.DIIPv4.41+76a5bfab",
+    "@sphereon/ssi-sdk.xstate-machine-persistence": "0.34.1-feature.DIIPv4.41+76a5bfab",
+    "@sphereon/ssi-types": "0.34.1-feature.DIIPv4.41+76a5bfab",
     "@veramo/core": "4.2.0",
     "@veramo/data-store": "4.2.0",
     "@veramo/utils": "4.2.0",
     "ajv": "^8.17.1",
     "ajv-formats": "^3.0.1",
-    "dcql": "1.0.1",
     "i18n-js": "^3.9.2",
     "lodash.memoize": "^4.1.2",
     "uuid": "^9.0.1",
     "xstate": "^4.38.3"
   },
   "devDependencies": {
-    "@sphereon/oid4vc-common": "0.19.1-feature.SSISDK.13.32",
-    "@sphereon/ssi-sdk-ext.did-resolver-jwk": "0.34.1-feat.SSISDK.35.64+019dde38",
+    "@sphereon/oid4vc-common": "0.19.1-next.2",
+    "@sphereon/ssi-sdk-ext.did-resolver-jwk": "0.34.1-feature.DIIPv4.41+76a5bfab",
     "@sphereon/ssi-sdk.siopv2-oid4vp-common": "workspace:*",
     "@types/i18n-js": "^3.8.9",
     "@types/lodash.memoize": "^4.1.9",
@@ -90,5 +89,5 @@
     "OID4VCI",
     "State Machine"
   ],
-  "gitHead": "019dde38f18f2d6c32621ecfe6e7ad9477c51c32"
+  "gitHead": "76a5bfabd8c8feb79b3ac823f19f5bc91e5bce3e"
 }

package/src/agent/OID4VCIHolder.ts

@@ -4,8 +4,8 @@ import {
   AuthorizationRequestOpts,
   AuthorizationServerClientOpts,
   AuthorizationServerOpts,
-  CredentialConfigurationSupportedJwtVcJsonLdAndLdpVcV1_0_15,
-  CredentialDefinitionJwtVcJsonLdAndLdpVcV1_0_15,
+  CredentialConfigurationSupportedJwtVcJsonLdAndLdpVcV1_0_13,
+  CredentialDefinitionJwtVcJsonLdAndLdpVcV1_0_13,
   CredentialOfferRequestWithBaseUrl,
   DefaultURISchemes,
   EndpointMetadataResult,
@@ -30,7 +30,6 @@ import {
 } from '@sphereon/ssi-sdk-ext.identifier-resolution'
 import { IJwtService, JwsHeader } from '@sphereon/ssi-sdk-ext.jwt-service'
 import { signatureAlgorithmFromKey } from '@sphereon/ssi-sdk-ext.key-utils'
-import { defaultHasher } from '@sphereon/ssi-sdk.core'
 import {
   ConnectionType,
   CorrelationIdentifierType,
@@ -74,18 +73,6 @@ import { asArray, computeEntryHash } from '@veramo/utils'
 import { decodeJWT } from 'did-jwt'
 import { v4 as uuidv4 } from 'uuid'
 import { OID4VCIMachine } from '../machines/oid4vciMachine'
-import {
-  getBasicIssuerLocaleBranding,
-  getCredentialBranding,
-  getCredentialConfigsSupportedMerged,
-  getIdentifierOpts,
-  getIssuanceOpts,
-  mapCredentialToAccept,
-  selectCredentialLocaleBranding,
-  startFirstPartApplicationMachine,
-  verifyCredentialToAccept,
-} from '../services/OID4VCIHolderService'
-import 'cross-fetch/polyfill'
 import {
   AddContactIdentityArgs,
   AssertValidCredentialsArgs,
@@ -124,6 +111,19 @@ import {
   VerifyEBSICredentialIssuerArgs,
   VerifyEBSICredentialIssuerResult,
 } from '../types/IOID4VCIHolder'
+import {
+  getBasicIssuerLocaleBranding,
+  getCredentialBranding,
+  getCredentialConfigsSupportedMerged,
+  getIdentifierOpts,
+  getIssuanceOpts,
+  mapCredentialToAccept,
+  selectCredentialLocaleBranding,
+  startFirstPartApplicationMachine,
+  verifyCredentialToAccept,
+} from '../services/OID4VCIHolderService'
+import 'cross-fetch/polyfill'
+import { defaultHasher } from '@sphereon/ssi-sdk.core'
 
 /**
  * {@inheritDoc IOID4VCIHolder}
@@ -151,7 +151,7 @@ export function signCallback(
   context: IAgentContext<IKeyManager & IDIDManager & IResolver & IIdentifierResolution & IJwtService>,
   nonce?: string,
 ) {
-  return async (jwt: Jwt, kid?: string, noIssPayloadUpdate?: boolean) => {
+  return async (jwt: Jwt, kid?: string) => {
     let resolution = await context.agent.identifierManagedGet(identifier)
     const jwk = jwt.header.jwk ?? (resolution.method === 'jwk' ? resolution.jwk : undefined)
     if (!resolution.issuer && !jwt.payload.iss) {
@@ -170,7 +170,7 @@ export function signCallback(
     }
     return (
       await context.agent.jwtCreateJwsCompactSignature({
-        issuer: { ...resolution, noIssPayloadUpdate: noIssPayloadUpdate ?? false },
+        issuer: { ...resolution, noIssPayloadUpdate: false },
         protectedHeader: header,
         payload,
       })
@@ -229,7 +229,7 @@ export class OID4VCIHolder implements IAgentPlugin {
     oid4vciHolderStoreIssuerBranding: this.oid4vciHolderStoreIssuerBranding.bind(this),
   }
 
-  private readonly vcFormatPreferences: Array<string> = ['dc+sd-jwt', 'vc+sd-jwt', 'mso_mdoc', 'jwt_vc_json', 'jwt_vc', 'ldp_vc']
+  private readonly vcFormatPreferences: Array<string> = ['vc+sd-jwt', 'mso_mdoc', 'jwt_vc_json', 'jwt_vc', 'ldp_vc']
   private readonly jsonldCryptographicSuitePreferences: Array<string> = [
     'Ed25519Signature2018',
     'EcdsaSecp256k1Signature2019',
@@ -939,21 +939,7 @@ export class OID4VCIHolder implements IAgentPlugin {
           ? 'credential_accepted_holder_signed'
           : 'credential_deleted_holder_signed'
         logger.log(`Subject issuance/signing will be used, with event`, event)
-        const credentialResponse = mappedCredentialToAccept.credentialToAccept.credentialResponse
-        let issuerVC
-        if ('credential' in credentialResponse) {
-          issuerVC = credentialResponse.credential as OriginalVerifiableCredential
-        } else if (
-          'credentials' in credentialResponse &&
-          credentialResponse.credentials &&
-          Array.isArray(credentialResponse.credentials) &&
-          credentialResponse.credentials.length > 0
-        ) {
-          issuerVC = credentialResponse.credentials[0].credential as OriginalVerifiableCredential // FIXME SSISDK-13
-        }
-        if (!issuerVC) {
-          return Promise.reject(Error('No credential found in credential response'))
-        }
+        const issuerVC = mappedCredentialToAccept.credentialToAccept.credentialResponse.credential as OriginalVerifiableCredential
         const wrappedIssuerVC = CredentialMapper.toWrappedVerifiableCredential(issuerVC, { hasher: this.hasher ?? defaultHasher })
         console.log(`Wrapped VC: ${wrappedIssuerVC.type}, ${wrappedIssuerVC.format}`)
         // We will use the subject of the VCI Issuer (the holder, as the issuer of the new credential, so the below is not a mistake!)
@@ -1183,9 +1169,9 @@ export class OID4VCIHolder implements IAgentPlugin {
     return undefined
   }
 
-  private getCredentialDefinition(issuanceOpt: IssuanceOpts): CredentialDefinitionJwtVcJsonLdAndLdpVcV1_0_15 | undefined {
+  private getCredentialDefinition(issuanceOpt: IssuanceOpts): CredentialDefinitionJwtVcJsonLdAndLdpVcV1_0_13 | undefined {
     if (issuanceOpt.format == 'ldp_vc' || issuanceOpt.format == 'jwt_vc_json-ld') {
-      return (issuanceOpt as CredentialConfigurationSupportedJwtVcJsonLdAndLdpVcV1_0_15).credential_definition
+      return (issuanceOpt as CredentialConfigurationSupportedJwtVcJsonLdAndLdpVcV1_0_13).credential_definition
     }
     return undefined
   }

package/src/services/OID4VCIHolderService.ts

@@ -2,7 +2,7 @@ import { LOG } from '@sphereon/oid4vci-client'
 import {
   CredentialConfigurationSupported,
   CredentialSupportedSdJwtVc,
-  CredentialConfigurationSupportedSdJwtVcV1_0_15,
+  CredentialConfigurationSupportedSdJwtVcV1_0_13,
   CredentialOfferFormatV1_0_11,
   CredentialResponse,
   getSupportedCredentials,
@@ -72,8 +72,8 @@ export const getCredentialBranding = async (args: GetCredentialBrandingArgs): Pr
   await Promise.all(
     Object.entries(credentialsSupported).map(async ([configId, credentialsConfigSupported]): Promise<void> => {
       let sdJwtTypeMetadata: SdJwtTypeMetadata | undefined
-      if (credentialsConfigSupported.format === 'dc+sd-jwt') {
-        const vct = (<CredentialSupportedSdJwtVc | CredentialConfigurationSupportedSdJwtVcV1_0_15>credentialsConfigSupported).vct
+      if (credentialsConfigSupported.format === 'vc+sd-jwt') {
+        const vct = (<CredentialSupportedSdJwtVc | CredentialConfigurationSupportedSdJwtVcV1_0_13>credentialsConfigSupported).vct
         if (vct.startsWith('http')) {
           try {
             sdJwtTypeMetadata = await context.agent.fetchSdJwtTypeMetadataFromVctUrl({ vct })
@@ -153,18 +153,7 @@ export const selectCredentialLocaleBranding = async (
 export const verifyCredentialToAccept = async (args: VerifyCredentialToAcceptArgs): Promise<VerificationResult> => {
   const { mappedCredential, hasher, onVerifyEBSICredentialIssuer, schemaValidation, context } = args
 
-  const credentialResponse = mappedCredential.credentialToAccept.credentialResponse
-  let credential
-  if ('credential' in credentialResponse) {
-    credential = credentialResponse.credential as OriginalVerifiableCredential
-  } else if (
-    'credentials' in credentialResponse &&
-    credentialResponse.credentials &&
-    Array.isArray(credentialResponse.credentials) &&
-    credentialResponse.credentials.length > 0
-  ) {
-    credential = credentialResponse.credentials[0].credential as OriginalVerifiableCredential // FIXME SSISDK-13 (no multi-credential support yet)
-  }
+  const credential = mappedCredential.credentialToAccept.credentialResponse.credential as OriginalVerifiableCredential
   if (!credential) {
     return Promise.reject(Error('No credential found in credential response'))
   }
@@ -217,17 +206,7 @@ export const mapCredentialToAccept = async (args: MapCredentialToAcceptArgs): Pr
   const { credentialToAccept, hasher } = args
 
   const credentialResponse: CredentialResponse = credentialToAccept.credentialResponse
-  let verifiableCredential: W3CVerifiableCredential | undefined
-  if ('credential' in credentialResponse) {
-    verifiableCredential = credentialResponse.credential
-  } else if (
-    'credentials' in credentialResponse &&
-    credentialResponse.credentials &&
-    Array.isArray(credentialResponse.credentials) &&
-    credentialResponse.credentials.length > 0
-  ) {
-    verifiableCredential = credentialResponse.credentials[0].credential // FIXME SSISDK-13 (no multi-credential support yet)
-  }
+  const verifiableCredential: W3CVerifiableCredential | undefined = credentialResponse.credential
   if (!verifiableCredential) {
     return Promise.reject(Error('No credential found in credential response'))
   }
@@ -602,7 +581,6 @@ export const getIssuanceCryptoSuite = async (opts: GetIssuanceCryptoSuiteArgs):
     case 'jwt_vc_json':
     case 'jwt_vc':
     case 'vc+sd-jwt':
-    case 'dc+sd-jwt':
     case 'mso_mdoc': {
       const supportedPreferences: Array<JoseSignatureAlgorithm | JoseSignatureAlgorithmString> = jwtCryptographicSuitePreferences.filter(
         (suite: JoseSignatureAlgorithm | JoseSignatureAlgorithmString) => signing_algs_supported.includes(suite),

package/src/types/FirstPartyMachine.ts

@@ -6,7 +6,6 @@ import { UniqueDigitalCredential } from '@sphereon/ssi-sdk.credential-store'
 import { AuthorizationChallengeCodeResponse } from '@sphereon/oid4vci-common'
 import { IIdentifier } from '@veramo/core'
 import { ErrorDetails, RequiredContext } from './IOID4VCIHolder'
-import { DcqlQuery } from 'dcql'
 
 export enum FirstPartyMachineStateTypes {
   sendAuthorizationChallengeRequest = 'sendAuthorizationChallengeRequest',
@@ -151,7 +150,6 @@ export type SiopV2AuthorizationRequestData = {
   clientId?: string
   entityId?: string
   presentationDefinitions?: PresentationDefinitionWithLocation[]
-  dcqlQuery: DcqlQuery
 }
 
 export type FirstPartyMachineNavigationArgs = {

package/src/types/IOID4VCIHolder.ts

@@ -7,7 +7,6 @@ import {
   CredentialConfigurationSupported,
   CredentialOfferRequestWithBaseUrl,
   CredentialResponse,
-  CredentialResponseV1_0_15,
   CredentialsSupportedDisplay,
   EndpointMetadataResult,
   ExperimentalSubjectIssuance,
@@ -378,7 +377,6 @@ export enum OID4VCIMachineGuards {
   requirePinGuard = 'oid4vciRequirePinGuard',
   requireAuthorizationGuard = 'oid4vciRequireAuthorizationGuard',
   noAuthorizationGuard = 'oid4vciNoAuthorizationGuard',
-  hasNonceEndpointGuard = 'oid4vciHasNonceEndpointGuard ',
   hasAuthorizationResponse = 'oid4vciHasAuthorizationResponse',
   hasNoContactIdentityGuard = 'oid4vciHasNoContactIdentityGuard',
   verificationCodeGuard = 'oid4vciVerificationCodeGuard',
@@ -503,7 +501,7 @@ export type CredentialToAccept = {
   id?: string
   types: string[]
   issuanceOpt: IssuanceOpts
-  credentialResponse: CredentialResponseV1_0_15 | CredentialResponse // FIXME SSISDK-13
+  credentialResponse: CredentialResponse
 }
 
 export type GetCredentialConfigsSupportedArgs = {