npm - @sphereon/ssi-sdk.oid4vci-holder - Versions diffs - 0.34.1-feature.FIDES.1.274 → 0.34.1-feature.IDK.11.49 - Mend

@sphereon/ssi-sdk.oid4vci-holder 0.34.1-feature.FIDES.1.274 → 0.34.1-feature.IDK.11.49

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/dist/index.cjs +419 -425
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +7 -10
package/dist/index.d.ts +7 -10
package/dist/index.js +513 -519
package/dist/index.js.map +1 -1
package/package.json +24 -25
package/src/agent/OID4VCIHolder.ts +34 -35
package/src/machines/firstPartyMachine.ts +1 -1
package/src/machines/oid4vciMachine.ts +1 -1
package/src/mappers/OIDC4VCIBrandingMapper.ts +1 -1
package/src/services/OID4VCIHolderService.ts +45 -46
package/src/types/FirstPartyMachine.ts +5 -6
package/src/types/IOID4VCIHolder.ts +2 -4

package/dist/index.cjs CHANGED Viewed

@@ -100,7 +100,6 @@ __export(index_exports, {
   RequestType: () => RequestType,
   SupportedLanguage: () => SupportedLanguage,
   createConfig: () => createConfig,
-  extractCredentialFromResponse: () => extractCredentialFromResponse,
   getBasicIssuerLocaleBranding: () => getBasicIssuerLocaleBranding,
   getCredentialBranding: () => getCredentialBranding,
   getCredentialConfigsBasedOnFormatPref: () => getCredentialConfigsBasedOnFormatPref,
@@ -140,12 +139,9 @@ var import_oid4vci_common4 = require("@sphereon/oid4vci-common");
 var import_ssi_sdk_ext5 = require("@sphereon/ssi-sdk-ext.did-utils");
 var import_ssi_sdk_ext6 = require("@sphereon/ssi-sdk-ext.identifier-resolution");
 var import_ssi_sdk_ext7 = require("@sphereon/ssi-sdk-ext.key-utils");
-var import_ssi_sdk2 = require("@sphereon/ssi-sdk.core");
-var import_ssi_sdk3 = require("@sphereon/ssi-sdk.data-store-types");
-var import_ssi_sdk4 = require("@sphereon/ssi-sdk.data-store-types");
+var import_ssi_sdk2 = require("@sphereon/ssi-sdk.data-store");
 var import_ssi_types2 = require("@sphereon/ssi-types");
 var import_utils2 = require("@veramo/utils");
-var import_cross_fetch = __toESM(require("cross-fetch"), 1);
 var import_did_jwt = require("did-jwt");
 var import_uuid2 = require("uuid");
@@ -232,7 +228,6 @@ var OID4VCIMachineGuards = /* @__PURE__ */ (function(OID4VCIMachineGuards2) {
   OID4VCIMachineGuards2["requirePinGuard"] = "oid4vciRequirePinGuard";
   OID4VCIMachineGuards2["requireAuthorizationGuard"] = "oid4vciRequireAuthorizationGuard";
   OID4VCIMachineGuards2["noAuthorizationGuard"] = "oid4vciNoAuthorizationGuard";
-  OID4VCIMachineGuards2["hasNonceEndpointGuard"] = "oid4vciHasNonceEndpointGuard ";
   OID4VCIMachineGuards2["hasAuthorizationResponse"] = "oid4vciHasAuthorizationResponse";
   OID4VCIMachineGuards2["hasNoContactIdentityGuard"] = "oid4vciHasNoContactIdentityGuard";
   OID4VCIMachineGuards2["verificationCodeGuard"] = "oid4vciVerificationCodeGuard";
@@ -1065,295 +1060,9 @@ var import_ssi_sdk_ext = require("@sphereon/ssi-sdk-ext.did-resolver-jwk");
 var import_ssi_sdk_ext2 = require("@sphereon/ssi-sdk-ext.did-utils");
 var import_ssi_sdk_ext3 = require("@sphereon/ssi-sdk-ext.identifier-resolution");
 var import_ssi_sdk_ext4 = require("@sphereon/ssi-sdk-ext.key-utils");
-var import_ssi_sdk = require("@sphereon/ssi-sdk.core");
 var import_ssi_types = require("@sphereon/ssi-types");
 var import_utils = require("@veramo/utils");
-// src/machines/firstPartyMachine.ts
-var import_xstate2 = require("xstate");
-var import_oid4vci_common2 = require("@sphereon/oid4vci-common");
-// src/services/FirstPartyMachineServices.ts
-var import_oid4vci_client = require("@sphereon/oid4vci-client");
-var import_uuid = require("uuid");
-var sendAuthorizationChallengeRequest = /* @__PURE__ */ __name(async (args) => {
-  const { openID4VCIClientState, authSession, presentationDuringIssuanceSession } = args;
-  const oid4vciClient = await import_oid4vci_client.OpenID4VCIClient.fromState({
-    state: openID4VCIClientState
-  });
-  return oid4vciClient.acquireAuthorizationChallengeCode({
-    clientId: oid4vciClient.clientId ?? (0, import_uuid.v4)(),
-    ...authSession && {
-      authSession
-    },
-    ...!authSession && openID4VCIClientState.credentialOffer?.preAuthorizedCode && {
-      issuerState: openID4VCIClientState.credentialOffer?.preAuthorizedCode
-    },
-    ...!authSession && openID4VCIClientState.credentialOffer?.issuerState && {
-      issuerState: openID4VCIClientState.credentialOffer?.issuerState
-    },
-    ...presentationDuringIssuanceSession && {
-      presentationDuringIssuanceSession
-    }
-  });
-}, "sendAuthorizationChallengeRequest");
-var createConfig = /* @__PURE__ */ __name(async (args, context) => {
-  const { presentationUri } = args;
-  if (!presentationUri) {
-    return Promise.reject(Error("Missing presentation uri in context"));
-  }
-  return context.agent.siopCreateConfig({
-    url: presentationUri
-  });
-}, "createConfig");
-var getSiopRequest = /* @__PURE__ */ __name(async (args, context) => {
-  const { didAuthConfig, presentationUri } = args;
-  if (presentationUri === void 0) {
-    return Promise.reject(Error("Missing presentation uri in context"));
-  }
-  if (didAuthConfig === void 0) {
-    return Promise.reject(Error("Missing did auth config in context"));
-  }
-  return context.agent.siopGetSiopRequest({
-    didAuthConfig,
-    url: presentationUri
-  });
-}, "getSiopRequest");
-var sendAuthorizationResponse = /* @__PURE__ */ __name(async (args, context) => {
-  const { didAuthConfig, authorizationRequestData, selectedCredentials } = args;
-  const responseData = await context.agent.siopSendResponse({
-    authorizationRequestData,
-    selectedCredentials,
-    didAuthConfig,
-    isFirstParty: true
-  });
-  return responseData.body.presentation_during_issuance_session;
-}, "sendAuthorizationResponse");
-// src/machines/firstPartyMachine.ts
-var firstPartyMachineStates = {
-  [FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest]: {
-    id: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
-    invoke: {
-      src: FirstPartyMachineServices.sendAuthorizationChallengeRequest,
-      onDone: {
-        target: FirstPartyMachineStateTypes.done,
-        actions: (0, import_xstate2.assign)({
-          authorizationCodeResponse: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "authorizationCodeResponse")
-        })
-      },
-      onError: [
-        {
-          target: FirstPartyMachineStateTypes.createConfig,
-          cond: /* @__PURE__ */ __name((_ctx, _event) => _event.data.error === import_oid4vci_common2.AuthorizationChallengeError.insufficient_authorization, "cond"),
-          actions: (0, import_xstate2.assign)({
-            authSession: /* @__PURE__ */ __name((_ctx, _event) => _event.data.auth_session, "authSession"),
-            presentationUri: /* @__PURE__ */ __name((_ctx, _event) => _event.data.presentation, "presentationUri")
-          })
-        },
-        {
-          target: FirstPartyMachineStateTypes.error,
-          actions: (0, import_xstate2.assign)({
-            error: /* @__PURE__ */ __name((_ctx, _event) => ({
-              title: translate("oid4vci_machine_send_authorization_challenge_request_error_title"),
-              message: _event.data.message,
-              stack: _event.data.stack
-            }), "error")
-          })
-        }
-      ]
-    }
-  },
-  [FirstPartyMachineStateTypes.createConfig]: {
-    id: FirstPartyMachineStateTypes.createConfig,
-    invoke: {
-      src: FirstPartyMachineServices.createConfig,
-      onDone: {
-        target: FirstPartyMachineStateTypes.getSiopRequest,
-        actions: (0, import_xstate2.assign)({
-          didAuthConfig: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "didAuthConfig")
-        })
-      },
-      onError: {
-        target: FirstPartyMachineStateTypes.error,
-        actions: (0, import_xstate2.assign)({
-          error: /* @__PURE__ */ __name((_ctx, _event) => ({
-            title: translate("oid4vci_machine_create_config_error_title"),
-            message: _event.data.message,
-            stack: _event.data.stack
-          }), "error")
-        })
-      }
-    }
-  },
-  [FirstPartyMachineStateTypes.getSiopRequest]: {
-    id: FirstPartyMachineStateTypes.getSiopRequest,
-    invoke: {
-      src: FirstPartyMachineServices.getSiopRequest,
-      onDone: {
-        target: FirstPartyMachineStateTypes.selectCredentials,
-        actions: (0, import_xstate2.assign)({
-          authorizationRequestData: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "authorizationRequestData")
-        })
-      },
-      onError: {
-        target: FirstPartyMachineStateTypes.error,
-        actions: (0, import_xstate2.assign)({
-          error: /* @__PURE__ */ __name((_ctx, _event) => ({
-            title: translate("siopV2_machine_get_request_error_title"),
-            message: _event.data.message,
-            stack: _event.data.stack
-          }), "error")
-        })
-      }
-    }
-  },
-  [FirstPartyMachineStateTypes.selectCredentials]: {
-    id: FirstPartyMachineStateTypes.selectCredentials,
-    on: {
-      [FirstPartyMachineEvents.SET_SELECTED_CREDENTIALS]: {
-        actions: (0, import_xstate2.assign)({
-          selectedCredentials: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "selectedCredentials")
-        })
-      },
-      [FirstPartyMachineEvents.NEXT]: {
-        target: FirstPartyMachineStateTypes.sendAuthorizationResponse
-      },
-      [FirstPartyMachineEvents.DECLINE]: {
-        target: FirstPartyMachineStateTypes.declined
-      },
-      [FirstPartyMachineEvents.PREVIOUS]: {
-        target: FirstPartyMachineStateTypes.aborted
-      }
-    }
-  },
-  [FirstPartyMachineStateTypes.sendAuthorizationResponse]: {
-    id: FirstPartyMachineStateTypes.sendAuthorizationResponse,
-    invoke: {
-      src: FirstPartyMachineServices.sendAuthorizationResponse,
-      onDone: {
-        target: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
-        actions: (0, import_xstate2.assign)({
-          presentationDuringIssuanceSession: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "presentationDuringIssuanceSession")
-        })
-      },
-      onError: {
-        target: FirstPartyMachineStateTypes.error,
-        actions: (0, import_xstate2.assign)({
-          error: /* @__PURE__ */ __name((_ctx, _event) => ({
-            title: translate("oid4vci_machine_get_request_error_title"),
-            message: _event.data.message,
-            stack: _event.data.stack
-          }), "error")
-        })
-      }
-    }
-  },
-  [FirstPartyMachineStateTypes.aborted]: {
-    id: FirstPartyMachineStateTypes.aborted,
-    type: "final"
-  },
-  [FirstPartyMachineStateTypes.declined]: {
-    id: FirstPartyMachineStateTypes.declined,
-    type: "final"
-  },
-  [FirstPartyMachineStateTypes.error]: {
-    id: FirstPartyMachineStateTypes.error,
-    type: "final"
-  },
-  [FirstPartyMachineStateTypes.done]: {
-    id: FirstPartyMachineStateTypes.done,
-    type: "final"
-  }
-};
-var createFirstPartyActivationMachine = /* @__PURE__ */ __name((opts) => {
-  const initialContext = {
-    openID4VCIClientState: opts.openID4VCIClientState,
-    contact: opts.contact,
-    selectedCredentials: []
-  };
-  return (0, import_xstate2.createMachine)({
-    id: opts?.machineId ?? "FirstParty",
-    predictableActionArguments: true,
-    initial: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
-    context: initialContext,
-    states: firstPartyMachineStates,
-    schema: {
-      events: {},
-      services: {}
-    }
-  });
-}, "createFirstPartyActivationMachine");
-var FirstPartyMachine = class _FirstPartyMachine {
-  static {
-    __name(this, "FirstPartyMachine");
-  }
-  static _instance;
-  static hasInstance() {
-    return _FirstPartyMachine._instance !== void 0;
-  }
-  static get instance() {
-    if (!_FirstPartyMachine._instance) {
-      throw Error("Please initialize ESIMActivation machine first");
-    }
-    return _FirstPartyMachine._instance;
-  }
-  static clearInstance(opts) {
-    const { stop } = opts;
-    if (_FirstPartyMachine.hasInstance()) {
-      if (stop) {
-        _FirstPartyMachine.stopInstance();
-      }
-    }
-    _FirstPartyMachine._instance = void 0;
-  }
-  static stopInstance() {
-    if (!_FirstPartyMachine.hasInstance()) {
-      return;
-    }
-    _FirstPartyMachine.instance.stop();
-    _FirstPartyMachine._instance = void 0;
-  }
-  static newInstance(opts) {
-    const { agentContext } = opts;
-    const services = {
-      [FirstPartyMachineServices.sendAuthorizationChallengeRequest]: sendAuthorizationChallengeRequest,
-      [FirstPartyMachineServices.createConfig]: (args) => createConfig(args, agentContext),
-      [FirstPartyMachineServices.getSiopRequest]: (args) => getSiopRequest(args, agentContext),
-      [FirstPartyMachineServices.sendAuthorizationResponse]: (args) => sendAuthorizationResponse(args, agentContext)
-    };
-    const newInst = (0, import_xstate2.interpret)(createFirstPartyActivationMachine(opts).withConfig({
-      services: {
-        ...services,
-        ...opts?.services
-      },
-      guards: {
-        ...opts?.guards
-      }
-    }));
-    if (typeof opts?.subscription === "function") {
-      newInst.onTransition(opts.subscription);
-    }
-    if (opts?.requireCustomNavigationHook !== true) {
-      newInst.onTransition((snapshot) => {
-        if (opts?.stateNavigationListener) {
-          void opts.stateNavigationListener(newInst, snapshot);
-        }
-      });
-    }
-    return newInst;
-  }
-  static getInstance(opts) {
-    if (!_FirstPartyMachine._instance) {
-      if (opts?.requireExisting === true) {
-        throw Error(`Existing FirstPartyMachine instance requested, but none was created at this point!`);
-      }
-      _FirstPartyMachine._instance = _FirstPartyMachine.newInstance(opts);
-    }
-    return _FirstPartyMachine._instance;
-  }
-};
 // src/mappers/OIDC4VCIBrandingMapper.ts
 var oid4vciGetCredentialBrandingFrom = /* @__PURE__ */ __name(async (args) => {
   const { credentialDisplay, issuerCredentialSubject } = args;
@@ -1532,97 +1241,383 @@ var sdJwtCredentialLocaleBrandingFrom = /* @__PURE__ */ __name(async (args) => {
           alt: credentialDisplay.rendering.simple.logo.alt_text
         }
       }
-    },
-    ...credentialDisplay.description && {
-      description: credentialDisplay.description
-    },
-    ...credentialDisplay.rendering?.simple?.text_color && {
-      text: {
-        color: credentialDisplay.rendering.simple.text_color
+    },
+    ...credentialDisplay.description && {
+      description: credentialDisplay.description
+    },
+    ...credentialDisplay.rendering?.simple?.text_color && {
+      text: {
+        color: credentialDisplay.rendering.simple.text_color
+      }
+    },
+    ...credentialDisplay.rendering?.simple?.background_color && {
+      background: {
+        color: credentialDisplay.rendering.simple.background_color
+      }
+    }
+  };
+}, "sdJwtCredentialLocaleBrandingFrom");
+var sdJwtCombineDisplayLocalesFrom = /* @__PURE__ */ __name(async (args) => {
+  const { credentialDisplayLocales = /* @__PURE__ */ new Map(), claimsMetadata = /* @__PURE__ */ new Map() } = args;
+  const locales = Array.from(/* @__PURE__ */ new Set([
+    ...claimsMetadata.keys(),
+    ...credentialDisplayLocales.keys()
+  ]));
+  return Promise.all(locales.map(async (locale) => {
+    const display = credentialDisplayLocales.get(locale);
+    const claims = claimsMetadata.get(locale);
+    return {
+      ...display && await sdJwtCredentialLocaleBrandingFrom({
+        credentialDisplay: display
+      }),
+      ...locale.length > 0 && {
+        locale
+      },
+      claims
+    };
+  }));
+}, "sdJwtCombineDisplayLocalesFrom");
+var issuerLocaleBrandingFrom = /* @__PURE__ */ __name(async (args) => {
+  const { issuerDisplay, dynamicRegistrationClientMetadata } = args;
+  return {
+    ...dynamicRegistrationClientMetadata?.client_name && {
+      alias: dynamicRegistrationClientMetadata.client_name
+    },
+    ...issuerDisplay.name && {
+      alias: issuerDisplay.name
+    },
+    ...issuerDisplay.locale && {
+      locale: issuerDisplay.locale
+    },
+    ...(issuerDisplay.logo || dynamicRegistrationClientMetadata?.logo_uri) && {
+      logo: {
+        ...dynamicRegistrationClientMetadata?.logo_uri && {
+          uri: dynamicRegistrationClientMetadata?.logo_uri
+        },
+        ...(issuerDisplay.logo?.url || issuerDisplay.logo?.uri) && {
+          uri: issuerDisplay.logo?.url ?? issuerDisplay.logo?.uri
+        },
+        ...issuerDisplay.logo?.alt_text && {
+          alt: issuerDisplay.logo?.alt_text
+        }
+      }
+    },
+    ...issuerDisplay.description && {
+      description: issuerDisplay.description
+    },
+    ...issuerDisplay.text_color && {
+      text: {
+        color: issuerDisplay.text_color
+      }
+    },
+    ...dynamicRegistrationClientMetadata?.client_uri && {
+      clientUri: dynamicRegistrationClientMetadata.client_uri
+    },
+    ...dynamicRegistrationClientMetadata?.tos_uri && {
+      tosUri: dynamicRegistrationClientMetadata.tos_uri
+    },
+    ...dynamicRegistrationClientMetadata?.policy_uri && {
+      policyUri: dynamicRegistrationClientMetadata.policy_uri
+    },
+    ...dynamicRegistrationClientMetadata?.contacts && {
+      contacts: dynamicRegistrationClientMetadata.contacts
+    }
+  };
+}, "issuerLocaleBrandingFrom");
+// src/machines/firstPartyMachine.ts
+var import_xstate2 = require("xstate");
+var import_oid4vci_common2 = require("@sphereon/oid4vci-common");
+// src/services/FirstPartyMachineServices.ts
+var import_oid4vci_client = require("@sphereon/oid4vci-client");
+var import_uuid = require("uuid");
+var sendAuthorizationChallengeRequest = /* @__PURE__ */ __name(async (args) => {
+  const { openID4VCIClientState, authSession, presentationDuringIssuanceSession } = args;
+  const oid4vciClient = await import_oid4vci_client.OpenID4VCIClient.fromState({
+    state: openID4VCIClientState
+  });
+  return oid4vciClient.acquireAuthorizationChallengeCode({
+    clientId: oid4vciClient.clientId ?? (0, import_uuid.v4)(),
+    ...authSession && {
+      authSession
+    },
+    ...!authSession && openID4VCIClientState.credentialOffer?.preAuthorizedCode && {
+      issuerState: openID4VCIClientState.credentialOffer?.preAuthorizedCode
+    },
+    ...!authSession && openID4VCIClientState.credentialOffer?.issuerState && {
+      issuerState: openID4VCIClientState.credentialOffer?.issuerState
+    },
+    ...presentationDuringIssuanceSession && {
+      presentationDuringIssuanceSession
+    }
+  });
+}, "sendAuthorizationChallengeRequest");
+var createConfig = /* @__PURE__ */ __name(async (args, context) => {
+  const { presentationUri } = args;
+  if (!presentationUri) {
+    return Promise.reject(Error("Missing presentation uri in context"));
+  }
+  return context.agent.siopCreateConfig({
+    url: presentationUri
+  });
+}, "createConfig");
+var getSiopRequest = /* @__PURE__ */ __name(async (args, context) => {
+  const { didAuthConfig, presentationUri } = args;
+  if (presentationUri === void 0) {
+    return Promise.reject(Error("Missing presentation uri in context"));
+  }
+  if (didAuthConfig === void 0) {
+    return Promise.reject(Error("Missing did auth config in context"));
+  }
+  return context.agent.siopGetSiopRequest({
+    didAuthConfig,
+    url: presentationUri
+  });
+}, "getSiopRequest");
+var sendAuthorizationResponse = /* @__PURE__ */ __name(async (args, context) => {
+  const { didAuthConfig, authorizationRequestData, selectedCredentials } = args;
+  const responseData = await context.agent.siopSendResponse({
+    authorizationRequestData,
+    selectedCredentials,
+    didAuthConfig,
+    isFirstParty: true
+  });
+  return responseData.body.presentation_during_issuance_session;
+}, "sendAuthorizationResponse");
+// src/machines/firstPartyMachine.ts
+var firstPartyMachineStates = {
+  [FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest]: {
+    id: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
+    invoke: {
+      src: FirstPartyMachineServices.sendAuthorizationChallengeRequest,
+      onDone: {
+        target: FirstPartyMachineStateTypes.done,
+        actions: (0, import_xstate2.assign)({
+          authorizationCodeResponse: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "authorizationCodeResponse")
+        })
+      },
+      onError: [
+        {
+          target: FirstPartyMachineStateTypes.createConfig,
+          cond: /* @__PURE__ */ __name((_ctx, _event) => _event.data.error === import_oid4vci_common2.AuthorizationChallengeError.insufficient_authorization, "cond"),
+          actions: (0, import_xstate2.assign)({
+            authSession: /* @__PURE__ */ __name((_ctx, _event) => _event.data.auth_session, "authSession"),
+            presentationUri: /* @__PURE__ */ __name((_ctx, _event) => _event.data.presentation, "presentationUri")
+          })
+        },
+        {
+          target: FirstPartyMachineStateTypes.error,
+          actions: (0, import_xstate2.assign)({
+            error: /* @__PURE__ */ __name((_ctx, _event) => ({
+              title: translate("oid4vci_machine_send_authorization_challenge_request_error_title"),
+              message: _event.data.message,
+              stack: _event.data.stack
+            }), "error")
+          })
+        }
+      ]
+    }
+  },
+  [FirstPartyMachineStateTypes.createConfig]: {
+    id: FirstPartyMachineStateTypes.createConfig,
+    invoke: {
+      src: FirstPartyMachineServices.createConfig,
+      onDone: {
+        target: FirstPartyMachineStateTypes.getSiopRequest,
+        actions: (0, import_xstate2.assign)({
+          didAuthConfig: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "didAuthConfig")
+        })
+      },
+      onError: {
+        target: FirstPartyMachineStateTypes.error,
+        actions: (0, import_xstate2.assign)({
+          error: /* @__PURE__ */ __name((_ctx, _event) => ({
+            title: translate("oid4vci_machine_create_config_error_title"),
+            message: _event.data.message,
+            stack: _event.data.stack
+          }), "error")
+        })
+      }
+    }
+  },
+  [FirstPartyMachineStateTypes.getSiopRequest]: {
+    id: FirstPartyMachineStateTypes.getSiopRequest,
+    invoke: {
+      src: FirstPartyMachineServices.getSiopRequest,
+      onDone: {
+        target: FirstPartyMachineStateTypes.selectCredentials,
+        actions: (0, import_xstate2.assign)({
+          authorizationRequestData: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "authorizationRequestData")
+        })
+      },
+      onError: {
+        target: FirstPartyMachineStateTypes.error,
+        actions: (0, import_xstate2.assign)({
+          error: /* @__PURE__ */ __name((_ctx, _event) => ({
+            title: translate("siopV2_machine_get_request_error_title"),
+            message: _event.data.message,
+            stack: _event.data.stack
+          }), "error")
+        })
       }
-    },
-    ...credentialDisplay.rendering?.simple?.background_color && {
-      background: {
-        color: credentialDisplay.rendering.simple.background_color
+    }
+  },
+  [FirstPartyMachineStateTypes.selectCredentials]: {
+    id: FirstPartyMachineStateTypes.selectCredentials,
+    on: {
+      [FirstPartyMachineEvents.SET_SELECTED_CREDENTIALS]: {
+        actions: (0, import_xstate2.assign)({
+          selectedCredentials: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "selectedCredentials")
+        })
+      },
+      [FirstPartyMachineEvents.NEXT]: {
+        target: FirstPartyMachineStateTypes.sendAuthorizationResponse
+      },
+      [FirstPartyMachineEvents.DECLINE]: {
+        target: FirstPartyMachineStateTypes.declined
+      },
+      [FirstPartyMachineEvents.PREVIOUS]: {
+        target: FirstPartyMachineStateTypes.aborted
       }
     }
-  };
-}, "sdJwtCredentialLocaleBrandingFrom");
-var sdJwtCombineDisplayLocalesFrom = /* @__PURE__ */ __name(async (args) => {
-  const { credentialDisplayLocales = /* @__PURE__ */ new Map(), claimsMetadata = /* @__PURE__ */ new Map() } = args;
-  const locales = Array.from(/* @__PURE__ */ new Set([
-    ...claimsMetadata.keys(),
-    ...credentialDisplayLocales.keys()
-  ]));
-  return Promise.all(locales.map(async (locale) => {
-    const display = credentialDisplayLocales.get(locale);
-    const claims = claimsMetadata.get(locale);
-    return {
-      ...display && await sdJwtCredentialLocaleBrandingFrom({
-        credentialDisplay: display
-      }),
-      ...locale.length > 0 && {
-        locale
+  },
+  [FirstPartyMachineStateTypes.sendAuthorizationResponse]: {
+    id: FirstPartyMachineStateTypes.sendAuthorizationResponse,
+    invoke: {
+      src: FirstPartyMachineServices.sendAuthorizationResponse,
+      onDone: {
+        target: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
+        actions: (0, import_xstate2.assign)({
+          presentationDuringIssuanceSession: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "presentationDuringIssuanceSession")
+        })
       },
-      claims
+      onError: {
+        target: FirstPartyMachineStateTypes.error,
+        actions: (0, import_xstate2.assign)({
+          error: /* @__PURE__ */ __name((_ctx, _event) => ({
+            title: translate("oid4vci_machine_get_request_error_title"),
+            message: _event.data.message,
+            stack: _event.data.stack
+          }), "error")
+        })
+      }
+    }
+  },
+  [FirstPartyMachineStateTypes.aborted]: {
+    id: FirstPartyMachineStateTypes.aborted,
+    type: "final"
+  },
+  [FirstPartyMachineStateTypes.declined]: {
+    id: FirstPartyMachineStateTypes.declined,
+    type: "final"
+  },
+  [FirstPartyMachineStateTypes.error]: {
+    id: FirstPartyMachineStateTypes.error,
+    type: "final"
+  },
+  [FirstPartyMachineStateTypes.done]: {
+    id: FirstPartyMachineStateTypes.done,
+    type: "final"
+  }
+};
+var createFirstPartyActivationMachine = /* @__PURE__ */ __name((opts) => {
+  const initialContext = {
+    openID4VCIClientState: opts.openID4VCIClientState,
+    contact: opts.contact,
+    selectedCredentials: []
+  };
+  return (0, import_xstate2.createMachine)({
+    id: opts?.machineId ?? "FirstParty",
+    predictableActionArguments: true,
+    initial: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
+    context: initialContext,
+    states: firstPartyMachineStates,
+    schema: {
+      events: {},
+      services: {}
+    }
+  });
+}, "createFirstPartyActivationMachine");
+var FirstPartyMachine = class _FirstPartyMachine {
+  static {
+    __name(this, "FirstPartyMachine");
+  }
+  static _instance;
+  static hasInstance() {
+    return _FirstPartyMachine._instance !== void 0;
+  }
+  static get instance() {
+    if (!_FirstPartyMachine._instance) {
+      throw Error("Please initialize ESIMActivation machine first");
+    }
+    return _FirstPartyMachine._instance;
+  }
+  static clearInstance(opts) {
+    const { stop } = opts;
+    if (_FirstPartyMachine.hasInstance()) {
+      if (stop) {
+        _FirstPartyMachine.stopInstance();
+      }
+    }
+    _FirstPartyMachine._instance = void 0;
+  }
+  static stopInstance() {
+    if (!_FirstPartyMachine.hasInstance()) {
+      return;
+    }
+    _FirstPartyMachine.instance.stop();
+    _FirstPartyMachine._instance = void 0;
+  }
+  static newInstance(opts) {
+    const { agentContext } = opts;
+    const services = {
+      [FirstPartyMachineServices.sendAuthorizationChallengeRequest]: sendAuthorizationChallengeRequest,
+      [FirstPartyMachineServices.createConfig]: (args) => createConfig(args, agentContext),
+      [FirstPartyMachineServices.getSiopRequest]: (args) => getSiopRequest(args, agentContext),
+      [FirstPartyMachineServices.sendAuthorizationResponse]: (args) => sendAuthorizationResponse(args, agentContext)
     };
-  }));
-}, "sdJwtCombineDisplayLocalesFrom");
-var issuerLocaleBrandingFrom = /* @__PURE__ */ __name(async (args) => {
-  const { issuerDisplay, dynamicRegistrationClientMetadata } = args;
-  return {
-    ...dynamicRegistrationClientMetadata?.client_name && {
-      alias: dynamicRegistrationClientMetadata.client_name
-    },
-    ...issuerDisplay.name && {
-      alias: issuerDisplay.name
-    },
-    ...issuerDisplay.locale && {
-      locale: issuerDisplay.locale
-    },
-    ...(issuerDisplay.logo || dynamicRegistrationClientMetadata?.logo_uri) && {
-      logo: {
-        ...dynamicRegistrationClientMetadata?.logo_uri && {
-          uri: dynamicRegistrationClientMetadata?.logo_uri
-        },
-        ...(issuerDisplay.logo?.url || issuerDisplay.logo?.uri) && {
-          uri: issuerDisplay.logo?.url ?? issuerDisplay.logo?.uri
-        },
-        ...issuerDisplay.logo?.alt_text && {
-          alt: issuerDisplay.logo?.alt_text
-        }
+    const newInst = (0, import_xstate2.interpret)(createFirstPartyActivationMachine(opts).withConfig({
+      services: {
+        ...services,
+        ...opts?.services
+      },
+      guards: {
+        ...opts?.guards
       }
-    },
-    ...issuerDisplay.description && {
-      description: issuerDisplay.description
-    },
-    ...issuerDisplay.text_color && {
-      text: {
-        color: issuerDisplay.text_color
+    }));
+    if (typeof opts?.subscription === "function") {
+      newInst.onTransition(opts.subscription);
+    }
+    if (opts?.requireCustomNavigationHook !== true) {
+      newInst.onTransition((snapshot) => {
+        if (opts?.stateNavigationListener) {
+          void opts.stateNavigationListener(newInst, snapshot);
+        }
+      });
+    }
+    return newInst;
+  }
+  static getInstance(opts) {
+    if (!_FirstPartyMachine._instance) {
+      if (opts?.requireExisting === true) {
+        throw Error(`Existing FirstPartyMachine instance requested, but none was created at this point!`);
       }
-    },
-    ...dynamicRegistrationClientMetadata?.client_uri && {
-      clientUri: dynamicRegistrationClientMetadata.client_uri
-    },
-    ...dynamicRegistrationClientMetadata?.tos_uri && {
-      tosUri: dynamicRegistrationClientMetadata.tos_uri
-    },
-    ...dynamicRegistrationClientMetadata?.policy_uri && {
-      policyUri: dynamicRegistrationClientMetadata.policy_uri
-    },
-    ...dynamicRegistrationClientMetadata?.contacts && {
-      contacts: dynamicRegistrationClientMetadata.contacts
+      _FirstPartyMachine._instance = _FirstPartyMachine.newInstance(opts);
     }
-  };
-}, "issuerLocaleBrandingFrom");
+    return _FirstPartyMachine._instance;
+  }
+};
 // src/services/OID4VCIHolderService.ts
+var import_ssi_sdk = require("@sphereon/ssi-sdk.core");
 var getCredentialBranding = /* @__PURE__ */ __name(async (args) => {
   const { credentialsSupported, context } = args;
   const credentialBranding = {};
   await Promise.all(Object.entries(credentialsSupported).map(async ([configId, credentialsConfigSupported]) => {
     let sdJwtTypeMetadata;
-    if (credentialsConfigSupported.format === "dc+sd-jwt") {
+    if (credentialsConfigSupported.format === "vc+sd-jwt") {
       const vct = credentialsConfigSupported.vct;
       if (vct.startsWith("http")) {
         try {
@@ -1688,7 +1683,10 @@ var selectCredentialLocaleBranding = /* @__PURE__ */ __name(async (args) => {
 }, "selectCredentialLocaleBranding");
 var verifyCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
   const { mappedCredential, hasher, onVerifyEBSICredentialIssuer, schemaValidation, context } = args;
-  const credential = extractCredentialFromResponse(mappedCredential.credentialToAccept.credentialResponse);
+  const credential = mappedCredential.credentialToAccept.credentialResponse.credential;
+  if (!credential) {
+    return Promise.reject(Error("No credential found in credential response"));
+  }
   const wrappedVC = import_ssi_types.CredentialMapper.toWrappedVerifiableCredential(credential, {
     hasher: hasher ?? import_ssi_sdk.defaultHasher
   });
@@ -1740,7 +1738,11 @@ var verifyCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
 }, "verifyCredentialToAccept");
 var mapCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
   const { credentialToAccept, hasher } = args;
-  const verifiableCredential = extractCredentialFromResponse(credentialToAccept.credentialResponse);
+  const credentialResponse = credentialToAccept.credentialResponse;
+  const verifiableCredential = credentialResponse.credential;
+  if (!verifiableCredential) {
+    return Promise.reject(Error("No credential found in credential response"));
+  }
   const wrappedVerifiableCredential = import_ssi_types.CredentialMapper.toWrappedVerifiableCredential(verifiableCredential, {
     hasher
   });
@@ -1760,7 +1762,6 @@ var mapCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
     uniformVerifiableCredential = wrappedVerifiableCredential.credential;
   }
   const correlationId = typeof uniformVerifiableCredential.issuer === "string" ? uniformVerifiableCredential.issuer : import_ssi_types.CredentialMapper.isSdJwtDecodedCredential(uniformVerifiableCredential) ? uniformVerifiableCredential.decodedPayload.iss : uniformVerifiableCredential.issuer.id;
-  const credentialResponse = credentialToAccept.credentialResponse;
   return {
     correlationId,
     credentialToAccept,
@@ -1772,18 +1773,6 @@ var mapCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
     }
   };
 }, "mapCredentialToAccept");
-var extractCredentialFromResponse = /* @__PURE__ */ __name((credentialResponse) => {
-  let credential;
-  if ("credential" in credentialResponse) {
-    credential = credentialResponse.credential;
-  } else if ("credentials" in credentialResponse && credentialResponse.credentials && Array.isArray(credentialResponse.credentials) && credentialResponse.credentials.length > 0) {
-    credential = credentialResponse.credentials[0].credential;
-  }
-  if (!credential) {
-    throw new Error("No credential found in credential response");
-  }
-  return credential;
-}, "extractCredentialFromResponse");
 var getIdentifierOpts = /* @__PURE__ */ __name(async (args) => {
   const { issuanceOpt, context } = args;
   const { identifier: identifierArg } = issuanceOpt;
@@ -1892,19 +1881,24 @@ var getCredentialConfigsSupportedBySingleTypeOrId = /* @__PURE__ */ __name(async
   }
   __name(createIdFromTypes, "createIdFromTypes");
   if (configurationId) {
-    const allSupported2 = client.getCredentialsSupported(format);
+    const allSupported2 = client.getCredentialsSupported(false);
     return Object.fromEntries(Object.entries(allSupported2).filter(([id, supported]) => id === configurationId || supported.id === configurationId || createIdFromTypes(supported) === configurationId));
   }
-  if (!client.credentialOffer) {
-    return Promise.reject(Error("openID4VCIClient has no credentialOffer"));
+  if (!types && !client.credentialOffer) {
+    return Promise.reject(Error("openID4VCIClient has no credentialOffer and no types where provided"));
   }
-  if (!types) {
-    return Promise.reject(Error("openID4VCIClient has no types"));
+  if (!Array.isArray(format) && client.credentialOffer) {
+    if (client.version() > import_oid4vci_common3.OpenId4VCIVersion.VER_1_0_09 && typeof client.credentialOffer.credential_offer === "object" && "credentials" in client.credentialOffer.credential_offer) {
+      format = client.credentialOffer.credential_offer.credentials.filter((cred) => typeof cred !== "string").map((cred) => cred.format);
+      if (format?.length === 0) {
+        format = void 0;
+      }
+    }
   }
   const offerSupported = (0, import_oid4vci_common3.getSupportedCredentials)({
-    types: [
+    types: types ? [
       types
-    ],
+    ] : client.getCredentialOfferTypes(),
     format,
     version: client.version(),
     issuerMetadata: client.endpointMetadata.credentialIssuerMetadata
@@ -2079,8 +2073,7 @@ var getIssuanceCryptoSuite = /* @__PURE__ */ __name(async (opts) => {
     case "jwt":
     case "jwt_vc_json":
     case "jwt_vc":
-    //case 'vc+sd-jwt': // TODO see SSISDK-52 concerning vc+sd-jwt
-    case "dc+sd-jwt":
+    case "vc+sd-jwt":
     case "mso_mdoc": {
       const supportedPreferences = jwtCryptographicSuitePreferences.filter((suite) => signing_algs_supported.includes(suite));
       if (supportedPreferences.length > 0) {
@@ -2148,6 +2141,8 @@ var startFirstPartApplicationMachine = /* @__PURE__ */ __name(async (args, conte
 }, "startFirstPartApplicationMachine");
 // src/agent/OID4VCIHolder.ts
+var import_polyfill = require("cross-fetch/polyfill");
+var import_ssi_sdk3 = require("@sphereon/ssi-sdk.core");
 var oid4vciHolderContextMethods = [
   "cmGetContacts",
   "cmGetContact",
@@ -2163,7 +2158,7 @@ var oid4vciHolderContextMethods = [
 ];
 var logger = import_ssi_types2.Loggers.DEFAULT.get("sphereon:oid4vci:holder");
 function signCallback(identifier, context, nonce) {
-  return async (jwt, kid, noIssPayloadUpdate) => {
+  return async (jwt, kid) => {
     let resolution = await context.agent.identifierManagedGet(identifier);
     const jwk = jwt.header.jwk ?? (resolution.method === "jwk" ? resolution.jwk : void 0);
     if (!resolution.issuer && !jwt.payload.iss) {
@@ -2181,7 +2176,7 @@ function signCallback(identifier, context, nonce) {
     return (await context.agent.jwtCreateJwsCompactSignature({
       issuer: {
         ...resolution,
-        noIssPayloadUpdate: noIssPayloadUpdate ?? false
+        noIssPayloadUpdate: false
       },
       protectedHeader: header,
       payload
@@ -2216,7 +2211,6 @@ var OID4VCIHolder = class _OID4VCIHolder {
     oid4vciHolderStoreIssuerBranding: this.oid4vciHolderStoreIssuerBranding.bind(this)
   };
   vcFormatPreferences = [
-    "dc+sd-jwt",
     "vc+sd-jwt",
     "mso_mdoc",
     "jwt_vc_json",
@@ -2250,7 +2244,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
   onIdentifierCreated;
   onVerifyEBSICredentialIssuer;
   constructor(options) {
-    const { onContactIdentityCreated, onCredentialStored, onIdentifierCreated, onVerifyEBSICredentialIssuer, vcFormatPreferences, jsonldCryptographicSuitePreferences, didMethodPreferences, jwtCryptographicSuitePreferences, defaultAuthorizationRequestOptions, hasher = import_ssi_sdk2.defaultHasher } = {
+    const { onContactIdentityCreated, onCredentialStored, onIdentifierCreated, onVerifyEBSICredentialIssuer, vcFormatPreferences, jsonldCryptographicSuitePreferences, didMethodPreferences, jwtCryptographicSuitePreferences, defaultAuthorizationRequestOptions, hasher = import_ssi_sdk3.defaultHasher } = {
       ...options
     };
     this.hasher = hasher;
@@ -2368,6 +2362,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
       formats = Array.from(new Set(authFormats));
     }
     let oid4vciClient;
+    let types = void 0;
     let offer;
     if (requestData.existingClientState) {
       oid4vciClient = await import_oid4vci_client3.OpenID4VCIClient.fromState({
@@ -2403,18 +2398,17 @@ var OID4VCIHolder = class _OID4VCIHolder {
         });
       }
     }
-    let configurationIds = [];
     if (offer) {
-      configurationIds = offer.original_credential_offer.credential_configuration_ids;
+      types = (0, import_oid4vci_common4.getTypesFromCredentialOffer)(offer.original_credential_offer);
     } else {
-      configurationIds = (0, import_utils2.asArray)(authorizationRequestOpts.authorizationDetails).filter((authDetails) => typeof authDetails !== "string").map((authReqOpts) => authReqOpts.credential_configuration_id).filter((id) => !!id);
+      types = (0, import_utils2.asArray)(authorizationRequestOpts.authorizationDetails).map((authReqOpts) => (0, import_oid4vci_common4.getTypesFromAuthorizationDetails)(authReqOpts) ?? []).filter((inner) => inner.length > 0);
     }
+    const serverMetadata = await oid4vciClient.retrieveServerMetadata();
     const credentialsSupported = await getCredentialConfigsSupportedMerged({
       client: oid4vciClient,
       vcFormatPreferences: formats,
-      configurationIds
+      types
     });
-    const serverMetadata = await oid4vciClient.retrieveServerMetadata();
     const credentialBranding = await getCredentialBranding({
       credentialsSupported,
       context
@@ -2631,26 +2625,26 @@ var OID4VCIHolder = class _OID4VCIHolder {
       return Promise.reject(Error("Missing credential offers in context"));
     }
     let correlationId = credentialsToAccept[0].correlationId;
-    let identifierType = import_ssi_sdk4.CorrelationIdentifierType.DID;
+    let identifierType = import_ssi_sdk2.CorrelationIdentifierType.DID;
     if (!correlationId.toLowerCase().startsWith("did:")) {
-      identifierType = import_ssi_sdk4.CorrelationIdentifierType.URL;
+      identifierType = import_ssi_sdk2.CorrelationIdentifierType.URL;
       if (correlationId.startsWith("http")) {
         correlationId = new URL(correlationId).hostname;
       }
     }
     const identity = {
       alias: credentialsToAccept[0].correlationId,
-      origin: import_ssi_sdk4.IdentityOrigin.EXTERNAL,
+      origin: import_ssi_sdk2.IdentityOrigin.EXTERNAL,
       roles: [
-        import_ssi_types2.CredentialRole.ISSUER
+        import_ssi_sdk2.CredentialRole.ISSUER
       ],
       identifier: {
         type: identifierType,
         correlationId
       },
-      ...identifierType === import_ssi_sdk4.CorrelationIdentifierType.URL && {
+      ...identifierType === import_ssi_sdk2.CorrelationIdentifierType.URL && {
         connection: {
-          type: import_ssi_sdk4.ConnectionType.OPENID_CONNECT,
+          type: import_ssi_sdk2.ConnectionType.OPENID_CONNECT,
           config: {
             clientId: "138d7bf8-c930-4c6e-b928-97d3a4928b01",
             clientSecret: "03b3955f-d020-4f2a-8a27-4e452d4e27a0",
@@ -2677,7 +2671,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
   }
   async oid4vciHolderGetIssuerBranding(args, context) {
     const { serverMetadata, contact } = args;
-    const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_types2.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
+    const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_sdk2.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
     if (issuerCorrelationId) {
       const branding = await context.agent.ibGetIssuerBranding({
         filter: [
@@ -2707,7 +2701,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
     if (!contact) {
       return Promise.reject(Error("Missing contact in context"));
     }
-    const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_types2.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
+    const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_sdk2.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
     const branding = await context.agent.ibGetIssuerBranding({
       filter: [
         {
@@ -2803,9 +2797,9 @@ var OID4VCIHolder = class _OID4VCIHolder {
       if (Array.isArray(subjectIssuance?.notification_events_supported)) {
         event = subjectIssuance.notification_events_supported.includes("credential_accepted_holder_signed") ? "credential_accepted_holder_signed" : "credential_deleted_holder_signed";
         logger.log(`Subject issuance/signing will be used, with event`, event);
-        const issuerVC = extractCredentialFromResponse(mappedCredentialToAccept.credentialToAccept.credentialResponse);
+        const issuerVC = mappedCredentialToAccept.credentialToAccept.credentialResponse.credential;
         const wrappedIssuerVC = import_ssi_types2.CredentialMapper.toWrappedVerifiableCredential(issuerVC, {
-          hasher: this.hasher ?? import_ssi_sdk2.defaultHasher
+          hasher: this.hasher ?? import_ssi_sdk3.defaultHasher
         });
         console.log(`Wrapped VC: ${wrappedIssuerVC.type}, ${wrappedIssuerVC.format}`);
         let issuer;
@@ -2906,11 +2900,11 @@ var OID4VCIHolder = class _OID4VCIHolder {
       const [subjectCorrelationType, subjectCorrelationId] = this.determineSubjectCorrelation(issuanceOpt.identifier, issuer);
       const persistedCredential = await context.agent.crsAddCredential({
         credential: {
-          rawDocument: (0, import_ssi_sdk3.ensureRawDocument)(persistCredential),
+          rawDocument: (0, import_ssi_sdk2.ensureRawDocument)(persistCredential),
           kmsKeyRef,
           identifierMethod: method,
-          credentialRole: import_ssi_types2.CredentialRole.HOLDER,
-          issuerCorrelationType: issuer?.startsWith("did:") ? import_ssi_sdk4.CredentialCorrelationType.DID : import_ssi_sdk4.CredentialCorrelationType.URL,
+          credentialRole: import_ssi_sdk2.CredentialRole.HOLDER,
+          issuerCorrelationType: issuer?.startsWith("did:") ? import_ssi_sdk2.CredentialCorrelationType.DID : import_ssi_sdk2.CredentialCorrelationType.URL,
           issuerCorrelationId: issuer,
           subjectCorrelationType,
           subjectCorrelationId
@@ -2978,12 +2972,12 @@ var OID4VCIHolder = class _OID4VCIHolder {
       case "did":
         if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierDidResult)(identifier)) {
           return [
-            import_ssi_sdk4.CredentialCorrelationType.DID,
+            import_ssi_sdk2.CredentialCorrelationType.DID,
             identifier.did
           ];
         } else if ((0, import_ssi_sdk_ext6.isManagedIdentifierDidOpts)(identifier)) {
           return [
-            import_ssi_sdk4.CredentialCorrelationType.DID,
+            import_ssi_sdk2.CredentialCorrelationType.DID,
             typeof identifier.identifier === "string" ? identifier.identifier : identifier.identifier.did
           ];
         }
@@ -2991,12 +2985,12 @@ var OID4VCIHolder = class _OID4VCIHolder {
       case "kid":
         if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierKidResult)(identifier)) {
           return [
-            import_ssi_sdk4.CredentialCorrelationType.KID,
+            import_ssi_sdk2.CredentialCorrelationType.KID,
             identifier.kid
           ];
         } else if ((0, import_ssi_sdk_ext6.isManagedIdentifierDidOpts)(identifier)) {
           return [
-            import_ssi_sdk4.CredentialCorrelationType.KID,
+            import_ssi_sdk2.CredentialCorrelationType.KID,
             identifier.identifier
           ];
         }
@@ -3004,19 +2998,19 @@ var OID4VCIHolder = class _OID4VCIHolder {
       case "x5c":
         if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierX5cResult)(identifier)) {
           return [
-            import_ssi_sdk4.CredentialCorrelationType.X509_SAN,
+            import_ssi_sdk2.CredentialCorrelationType.X509_SAN,
             identifier.x5c.join("\r\n")
           ];
         } else if ((0, import_ssi_sdk_ext6.isManagedIdentifierX5cOpts)(identifier)) {
           return [
-            import_ssi_sdk4.CredentialCorrelationType.X509_SAN,
+            import_ssi_sdk2.CredentialCorrelationType.X509_SAN,
             identifier.identifier.join("\r\n")
           ];
         }
         break;
     }
     return [
-      import_ssi_sdk4.CredentialCorrelationType.URL,
+      import_ssi_sdk2.CredentialCorrelationType.URL,
       issuer
     ];
   }
@@ -3075,9 +3069,9 @@ var OID4VCICallbackStateListener = /* @__PURE__ */ __name((callbacks) => {
 // src/link-handler/index.ts
 var import_oid4vci_client4 = require("@sphereon/oid4vci-client");
 var import_oid4vci_common5 = require("@sphereon/oid4vci-common");
-var import_ssi_sdk5 = require("@sphereon/ssi-sdk.core");
-var import_ssi_sdk6 = require("@sphereon/ssi-sdk.xstate-machine-persistence");
-var OID4VCIHolderLinkHandler = class extends import_ssi_sdk5.LinkHandlerAdapter {
+var import_ssi_sdk4 = require("@sphereon/ssi-sdk.core");
+var import_ssi_sdk5 = require("@sphereon/ssi-sdk.xstate-machine-persistence");
+var OID4VCIHolderLinkHandler = class extends import_ssi_sdk4.LinkHandlerAdapter {
   static {
     __name(this, "OID4VCIHolderLinkHandler");
   }
@@ -3137,7 +3131,7 @@ var OID4VCIHolderLinkHandler = class extends import_ssi_sdk5.LinkHandlerAdapter
     const interpreter = oid4vciMachine.interpreter;
     if (!opts?.machineState && this.context.agent.availableMethods().includes("machineStatesFindActive")) {
       const stateType = hasCode ? "existing" : "new";
-      await (0, import_ssi_sdk6.interpreterStartOrResume)({
+      await (0, import_ssi_sdk5.interpreterStartOrResume)({
         stateType,
         interpreter,
         context: this.context,