@sphereon/ssi-sdk.oid4vci-holder 0.34.1-feature.SSISDK.45.94 → 0.34.1-feature.SSISDK.46.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/dist/index.cjs +422 -432
  2. package/dist/index.cjs.map +1 -1
  3. package/dist/index.d.cts +6 -9
  4. package/dist/index.d.ts +6 -9
  5. package/dist/index.js +518 -528
  6. package/dist/index.js.map +1 -1
  7. package/package.json +24 -25
  8. package/src/agent/OID4VCIHolder.ts +23 -24
  9. package/src/services/OID4VCIHolderService.ts +21 -38
  10. package/src/types/FirstPartyMachine.ts +2 -3
  11. package/src/types/IOID4VCIHolder.ts +1 -3
package/dist/index.cjs CHANGED
@@ -100,7 +100,6 @@ __export(index_exports, {
100
100
  RequestType: () => RequestType,
101
101
  SupportedLanguage: () => SupportedLanguage,
102
102
  createConfig: () => createConfig,
103
- extractCredentialFromResponse: () => extractCredentialFromResponse,
104
103
  getBasicIssuerLocaleBranding: () => getBasicIssuerLocaleBranding,
105
104
  getCredentialBranding: () => getCredentialBranding,
106
105
  getCredentialConfigsBasedOnFormatPref: () => getCredentialConfigsBasedOnFormatPref,
@@ -140,8 +139,7 @@ var import_oid4vci_common4 = require("@sphereon/oid4vci-common");
140
139
  var import_ssi_sdk_ext5 = require("@sphereon/ssi-sdk-ext.did-utils");
141
140
  var import_ssi_sdk_ext6 = require("@sphereon/ssi-sdk-ext.identifier-resolution");
142
141
  var import_ssi_sdk_ext7 = require("@sphereon/ssi-sdk-ext.key-utils");
143
- var import_ssi_sdk2 = require("@sphereon/ssi-sdk.core");
144
- var import_ssi_sdk3 = require("@sphereon/ssi-sdk.data-store");
142
+ var import_ssi_sdk2 = require("@sphereon/ssi-sdk.data-store");
145
143
  var import_ssi_types2 = require("@sphereon/ssi-types");
146
144
  var import_utils2 = require("@veramo/utils");
147
145
  var import_did_jwt = require("did-jwt");
@@ -156,18 +154,18 @@ var import_i18n_js = __toESM(require("i18n-js"), 1);
156
154
  var import_lodash = __toESM(require("lodash.memoize"), 1);
157
155
 
158
156
  // src/types/IOID4VCIHolder.ts
159
- var OID4VCIHolderEvent = /* @__PURE__ */ function(OID4VCIHolderEvent2) {
157
+ var OID4VCIHolderEvent = /* @__PURE__ */ (function(OID4VCIHolderEvent2) {
160
158
  OID4VCIHolderEvent2["CONTACT_IDENTITY_CREATED"] = "contact_identity_created";
161
159
  OID4VCIHolderEvent2["CREDENTIAL_STORED"] = "credential_stored";
162
160
  OID4VCIHolderEvent2["IDENTIFIER_CREATED"] = "identifier_created";
163
161
  return OID4VCIHolderEvent2;
164
- }({});
165
- var SupportedLanguage = /* @__PURE__ */ function(SupportedLanguage2) {
162
+ })({});
163
+ var SupportedLanguage = /* @__PURE__ */ (function(SupportedLanguage2) {
166
164
  SupportedLanguage2["ENGLISH"] = "en";
167
165
  SupportedLanguage2["DUTCH"] = "nl";
168
166
  return SupportedLanguage2;
169
- }({});
170
- var OID4VCIMachineStates = /* @__PURE__ */ function(OID4VCIMachineStates2) {
167
+ })({});
168
+ var OID4VCIMachineStates = /* @__PURE__ */ (function(OID4VCIMachineStates2) {
171
169
  OID4VCIMachineStates2["start"] = "start";
172
170
  OID4VCIMachineStates2["createCredentialsToSelectFrom"] = "createCredentialsToSelectFrom";
173
171
  OID4VCIMachineStates2["getContact"] = "getContact";
@@ -198,18 +196,18 @@ var OID4VCIMachineStates = /* @__PURE__ */ function(OID4VCIMachineStates2) {
198
196
  OID4VCIMachineStates2["error"] = "error";
199
197
  OID4VCIMachineStates2["done"] = "done";
200
198
  return OID4VCIMachineStates2;
201
- }({});
202
- var OID4VCIMachineAddContactStates = /* @__PURE__ */ function(OID4VCIMachineAddContactStates2) {
199
+ })({});
200
+ var OID4VCIMachineAddContactStates = /* @__PURE__ */ (function(OID4VCIMachineAddContactStates2) {
203
201
  OID4VCIMachineAddContactStates2["idle"] = "idle";
204
202
  OID4VCIMachineAddContactStates2["next"] = "next";
205
203
  return OID4VCIMachineAddContactStates2;
206
- }({});
207
- var OID4VCIMachineVerifyPinStates = /* @__PURE__ */ function(OID4VCIMachineVerifyPinStates2) {
204
+ })({});
205
+ var OID4VCIMachineVerifyPinStates = /* @__PURE__ */ (function(OID4VCIMachineVerifyPinStates2) {
208
206
  OID4VCIMachineVerifyPinStates2["idle"] = "idle";
209
207
  OID4VCIMachineVerifyPinStates2["next"] = "next";
210
208
  return OID4VCIMachineVerifyPinStates2;
211
- }({});
212
- var OID4VCIMachineEvents = /* @__PURE__ */ function(OID4VCIMachineEvents2) {
209
+ })({});
210
+ var OID4VCIMachineEvents = /* @__PURE__ */ (function(OID4VCIMachineEvents2) {
213
211
  OID4VCIMachineEvents2["NEXT"] = "NEXT";
214
212
  OID4VCIMachineEvents2["PREVIOUS"] = "PREVIOUS";
215
213
  OID4VCIMachineEvents2["DECLINE"] = "DECLINE";
@@ -222,15 +220,14 @@ var OID4VCIMachineEvents = /* @__PURE__ */ function(OID4VCIMachineEvents2) {
222
220
  OID4VCIMachineEvents2["INVOKED_AUTHORIZATION_CODE_REQUEST"] = "INVOKED_AUTHORIZATION_CODE_REQUEST";
223
221
  OID4VCIMachineEvents2["PROVIDE_AUTHORIZATION_CODE_RESPONSE"] = "PROVIDE_AUTHORIZATION_CODE_RESPONSE";
224
222
  return OID4VCIMachineEvents2;
225
- }({});
226
- var OID4VCIMachineGuards = /* @__PURE__ */ function(OID4VCIMachineGuards2) {
223
+ })({});
224
+ var OID4VCIMachineGuards = /* @__PURE__ */ (function(OID4VCIMachineGuards2) {
227
225
  OID4VCIMachineGuards2["hasContactGuard"] = "oid4vciHasContactGuard";
228
226
  OID4VCIMachineGuards2["hasNoContactGuard"] = "oid4vciHasNoContactGuard";
229
227
  OID4VCIMachineGuards2["credentialsToSelectRequiredGuard"] = "oid4vciCredentialsToSelectRequiredGuard";
230
228
  OID4VCIMachineGuards2["requirePinGuard"] = "oid4vciRequirePinGuard";
231
229
  OID4VCIMachineGuards2["requireAuthorizationGuard"] = "oid4vciRequireAuthorizationGuard";
232
230
  OID4VCIMachineGuards2["noAuthorizationGuard"] = "oid4vciNoAuthorizationGuard";
233
- OID4VCIMachineGuards2["hasNonceEndpointGuard"] = "oid4vciHasNonceEndpointGuard ";
234
231
  OID4VCIMachineGuards2["hasAuthorizationResponse"] = "oid4vciHasAuthorizationResponse";
235
232
  OID4VCIMachineGuards2["hasNoContactIdentityGuard"] = "oid4vciHasNoContactIdentityGuard";
236
233
  OID4VCIMachineGuards2["verificationCodeGuard"] = "oid4vciVerificationCodeGuard";
@@ -240,8 +237,8 @@ var OID4VCIMachineGuards = /* @__PURE__ */ function(OID4VCIMachineGuards2) {
240
237
  OID4VCIMachineGuards2["contactHasLowTrustGuard"] = "oid4vciContactHasLowTrustGuard";
241
238
  OID4VCIMachineGuards2["isFirstPartyApplication"] = "oid4vciIsFirstPartyApplication";
242
239
  return OID4VCIMachineGuards2;
243
- }({});
244
- var OID4VCIMachineServices = /* @__PURE__ */ function(OID4VCIMachineServices2) {
240
+ })({});
241
+ var OID4VCIMachineServices = /* @__PURE__ */ (function(OID4VCIMachineServices2) {
245
242
  OID4VCIMachineServices2["start"] = "start";
246
243
  OID4VCIMachineServices2["getContact"] = "getContact";
247
244
  OID4VCIMachineServices2["getFederationTrust"] = "getFederationTrust";
@@ -256,17 +253,17 @@ var OID4VCIMachineServices = /* @__PURE__ */ function(OID4VCIMachineServices2) {
256
253
  OID4VCIMachineServices2["storeCredentials"] = "storeCredentials";
257
254
  OID4VCIMachineServices2["startFirstPartApplicationFlow"] = "startFirstPartApplicationFlow";
258
255
  return OID4VCIMachineServices2;
259
- }({});
260
- var RequestType = /* @__PURE__ */ function(RequestType2) {
256
+ })({});
257
+ var RequestType = /* @__PURE__ */ (function(RequestType2) {
261
258
  RequestType2["OPENID_INITIATE_ISSUANCE"] = "openid-initiate-issuance";
262
259
  RequestType2["OPENID_CREDENTIAL_OFFER"] = "openid-credential-offer";
263
260
  RequestType2["URL"] = "URL";
264
261
  return RequestType2;
265
- }({});
266
- var IdentifierAliasEnum = /* @__PURE__ */ function(IdentifierAliasEnum2) {
262
+ })({});
263
+ var IdentifierAliasEnum = /* @__PURE__ */ (function(IdentifierAliasEnum2) {
267
264
  IdentifierAliasEnum2["PRIMARY"] = "primary";
268
265
  return IdentifierAliasEnum2;
269
- }({});
266
+ })({});
270
267
 
271
268
  // src/localization/Localization.ts
272
269
  var Localization = class Localization2 {
@@ -308,7 +305,7 @@ var Localization = class Localization2 {
308
305
  var translate = Localization.translate;
309
306
 
310
307
  // src/types/FirstPartyMachine.ts
311
- var FirstPartyMachineStateTypes = /* @__PURE__ */ function(FirstPartyMachineStateTypes2) {
308
+ var FirstPartyMachineStateTypes = /* @__PURE__ */ (function(FirstPartyMachineStateTypes2) {
312
309
  FirstPartyMachineStateTypes2["sendAuthorizationChallengeRequest"] = "sendAuthorizationChallengeRequest";
313
310
  FirstPartyMachineStateTypes2["sendAuthorizationResponse"] = "sendAuthorizationResponse";
314
311
  FirstPartyMachineStateTypes2["selectCredentials"] = "selectCredentials";
@@ -319,21 +316,21 @@ var FirstPartyMachineStateTypes = /* @__PURE__ */ function(FirstPartyMachineStat
319
316
  FirstPartyMachineStateTypes2["aborted"] = "aborted";
320
317
  FirstPartyMachineStateTypes2["declined"] = "declined";
321
318
  return FirstPartyMachineStateTypes2;
322
- }({});
323
- var FirstPartyMachineServices = /* @__PURE__ */ function(FirstPartyMachineServices2) {
319
+ })({});
320
+ var FirstPartyMachineServices = /* @__PURE__ */ (function(FirstPartyMachineServices2) {
324
321
  FirstPartyMachineServices2["sendAuthorizationChallengeRequest"] = "sendAuthorizationChallengeRequest";
325
322
  FirstPartyMachineServices2["sendAuthorizationResponse"] = "sendAuthorizationResponse";
326
323
  FirstPartyMachineServices2["createConfig"] = "createConfig";
327
324
  FirstPartyMachineServices2["getSiopRequest"] = "getSiopRequest";
328
325
  return FirstPartyMachineServices2;
329
- }({});
330
- var FirstPartyMachineEvents = /* @__PURE__ */ function(FirstPartyMachineEvents2) {
326
+ })({});
327
+ var FirstPartyMachineEvents = /* @__PURE__ */ (function(FirstPartyMachineEvents2) {
331
328
  FirstPartyMachineEvents2["NEXT"] = "NEXT";
332
329
  FirstPartyMachineEvents2["PREVIOUS"] = "PREVIOUS";
333
330
  FirstPartyMachineEvents2["DECLINE"] = "DECLINE";
334
331
  FirstPartyMachineEvents2["SET_SELECTED_CREDENTIALS"] = "SET_SELECTED_CREDENTIALS";
335
332
  return FirstPartyMachineEvents2;
336
- }({});
333
+ })({});
337
334
 
338
335
  // src/machines/oid4vciMachine.ts
339
336
  var oid4vciHasNoContactGuard = /* @__PURE__ */ __name((_ctx, _event) => {
@@ -1063,295 +1060,9 @@ var import_ssi_sdk_ext = require("@sphereon/ssi-sdk-ext.did-resolver-jwk");
1063
1060
  var import_ssi_sdk_ext2 = require("@sphereon/ssi-sdk-ext.did-utils");
1064
1061
  var import_ssi_sdk_ext3 = require("@sphereon/ssi-sdk-ext.identifier-resolution");
1065
1062
  var import_ssi_sdk_ext4 = require("@sphereon/ssi-sdk-ext.key-utils");
1066
- var import_ssi_sdk = require("@sphereon/ssi-sdk.core");
1067
1063
  var import_ssi_types = require("@sphereon/ssi-types");
1068
1064
  var import_utils = require("@veramo/utils");
1069
1065
 
1070
- // src/machines/firstPartyMachine.ts
1071
- var import_xstate2 = require("xstate");
1072
- var import_oid4vci_common2 = require("@sphereon/oid4vci-common");
1073
-
1074
- // src/services/FirstPartyMachineServices.ts
1075
- var import_oid4vci_client = require("@sphereon/oid4vci-client");
1076
- var import_uuid = require("uuid");
1077
- var sendAuthorizationChallengeRequest = /* @__PURE__ */ __name(async (args) => {
1078
- const { openID4VCIClientState, authSession, presentationDuringIssuanceSession } = args;
1079
- const oid4vciClient = await import_oid4vci_client.OpenID4VCIClient.fromState({
1080
- state: openID4VCIClientState
1081
- });
1082
- return oid4vciClient.acquireAuthorizationChallengeCode({
1083
- clientId: oid4vciClient.clientId ?? (0, import_uuid.v4)(),
1084
- ...authSession && {
1085
- authSession
1086
- },
1087
- ...!authSession && openID4VCIClientState.credentialOffer?.preAuthorizedCode && {
1088
- issuerState: openID4VCIClientState.credentialOffer?.preAuthorizedCode
1089
- },
1090
- ...!authSession && openID4VCIClientState.credentialOffer?.issuerState && {
1091
- issuerState: openID4VCIClientState.credentialOffer?.issuerState
1092
- },
1093
- ...presentationDuringIssuanceSession && {
1094
- presentationDuringIssuanceSession
1095
- }
1096
- });
1097
- }, "sendAuthorizationChallengeRequest");
1098
- var createConfig = /* @__PURE__ */ __name(async (args, context) => {
1099
- const { presentationUri } = args;
1100
- if (!presentationUri) {
1101
- return Promise.reject(Error("Missing presentation uri in context"));
1102
- }
1103
- return context.agent.siopCreateConfig({
1104
- url: presentationUri
1105
- });
1106
- }, "createConfig");
1107
- var getSiopRequest = /* @__PURE__ */ __name(async (args, context) => {
1108
- const { didAuthConfig, presentationUri } = args;
1109
- if (presentationUri === void 0) {
1110
- return Promise.reject(Error("Missing presentation uri in context"));
1111
- }
1112
- if (didAuthConfig === void 0) {
1113
- return Promise.reject(Error("Missing did auth config in context"));
1114
- }
1115
- return context.agent.siopGetSiopRequest({
1116
- didAuthConfig,
1117
- url: presentationUri
1118
- });
1119
- }, "getSiopRequest");
1120
- var sendAuthorizationResponse = /* @__PURE__ */ __name(async (args, context) => {
1121
- const { didAuthConfig, authorizationRequestData, selectedCredentials } = args;
1122
- const responseData = await context.agent.siopSendResponse({
1123
- authorizationRequestData,
1124
- selectedCredentials,
1125
- didAuthConfig,
1126
- isFirstParty: true
1127
- });
1128
- return responseData.body.presentation_during_issuance_session;
1129
- }, "sendAuthorizationResponse");
1130
-
1131
- // src/machines/firstPartyMachine.ts
1132
- var firstPartyMachineStates = {
1133
- [FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest]: {
1134
- id: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
1135
- invoke: {
1136
- src: FirstPartyMachineServices.sendAuthorizationChallengeRequest,
1137
- onDone: {
1138
- target: FirstPartyMachineStateTypes.done,
1139
- actions: (0, import_xstate2.assign)({
1140
- authorizationCodeResponse: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "authorizationCodeResponse")
1141
- })
1142
- },
1143
- onError: [
1144
- {
1145
- target: FirstPartyMachineStateTypes.createConfig,
1146
- cond: /* @__PURE__ */ __name((_ctx, _event) => _event.data.error === import_oid4vci_common2.AuthorizationChallengeError.insufficient_authorization, "cond"),
1147
- actions: (0, import_xstate2.assign)({
1148
- authSession: /* @__PURE__ */ __name((_ctx, _event) => _event.data.auth_session, "authSession"),
1149
- presentationUri: /* @__PURE__ */ __name((_ctx, _event) => _event.data.presentation, "presentationUri")
1150
- })
1151
- },
1152
- {
1153
- target: FirstPartyMachineStateTypes.error,
1154
- actions: (0, import_xstate2.assign)({
1155
- error: /* @__PURE__ */ __name((_ctx, _event) => ({
1156
- title: translate("oid4vci_machine_send_authorization_challenge_request_error_title"),
1157
- message: _event.data.message,
1158
- stack: _event.data.stack
1159
- }), "error")
1160
- })
1161
- }
1162
- ]
1163
- }
1164
- },
1165
- [FirstPartyMachineStateTypes.createConfig]: {
1166
- id: FirstPartyMachineStateTypes.createConfig,
1167
- invoke: {
1168
- src: FirstPartyMachineServices.createConfig,
1169
- onDone: {
1170
- target: FirstPartyMachineStateTypes.getSiopRequest,
1171
- actions: (0, import_xstate2.assign)({
1172
- didAuthConfig: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "didAuthConfig")
1173
- })
1174
- },
1175
- onError: {
1176
- target: FirstPartyMachineStateTypes.error,
1177
- actions: (0, import_xstate2.assign)({
1178
- error: /* @__PURE__ */ __name((_ctx, _event) => ({
1179
- title: translate("oid4vci_machine_create_config_error_title"),
1180
- message: _event.data.message,
1181
- stack: _event.data.stack
1182
- }), "error")
1183
- })
1184
- }
1185
- }
1186
- },
1187
- [FirstPartyMachineStateTypes.getSiopRequest]: {
1188
- id: FirstPartyMachineStateTypes.getSiopRequest,
1189
- invoke: {
1190
- src: FirstPartyMachineServices.getSiopRequest,
1191
- onDone: {
1192
- target: FirstPartyMachineStateTypes.selectCredentials,
1193
- actions: (0, import_xstate2.assign)({
1194
- authorizationRequestData: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "authorizationRequestData")
1195
- })
1196
- },
1197
- onError: {
1198
- target: FirstPartyMachineStateTypes.error,
1199
- actions: (0, import_xstate2.assign)({
1200
- error: /* @__PURE__ */ __name((_ctx, _event) => ({
1201
- title: translate("siopV2_machine_get_request_error_title"),
1202
- message: _event.data.message,
1203
- stack: _event.data.stack
1204
- }), "error")
1205
- })
1206
- }
1207
- }
1208
- },
1209
- [FirstPartyMachineStateTypes.selectCredentials]: {
1210
- id: FirstPartyMachineStateTypes.selectCredentials,
1211
- on: {
1212
- [FirstPartyMachineEvents.SET_SELECTED_CREDENTIALS]: {
1213
- actions: (0, import_xstate2.assign)({
1214
- selectedCredentials: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "selectedCredentials")
1215
- })
1216
- },
1217
- [FirstPartyMachineEvents.NEXT]: {
1218
- target: FirstPartyMachineStateTypes.sendAuthorizationResponse
1219
- },
1220
- [FirstPartyMachineEvents.DECLINE]: {
1221
- target: FirstPartyMachineStateTypes.declined
1222
- },
1223
- [FirstPartyMachineEvents.PREVIOUS]: {
1224
- target: FirstPartyMachineStateTypes.aborted
1225
- }
1226
- }
1227
- },
1228
- [FirstPartyMachineStateTypes.sendAuthorizationResponse]: {
1229
- id: FirstPartyMachineStateTypes.sendAuthorizationResponse,
1230
- invoke: {
1231
- src: FirstPartyMachineServices.sendAuthorizationResponse,
1232
- onDone: {
1233
- target: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
1234
- actions: (0, import_xstate2.assign)({
1235
- presentationDuringIssuanceSession: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "presentationDuringIssuanceSession")
1236
- })
1237
- },
1238
- onError: {
1239
- target: FirstPartyMachineStateTypes.error,
1240
- actions: (0, import_xstate2.assign)({
1241
- error: /* @__PURE__ */ __name((_ctx, _event) => ({
1242
- title: translate("oid4vci_machine_get_request_error_title"),
1243
- message: _event.data.message,
1244
- stack: _event.data.stack
1245
- }), "error")
1246
- })
1247
- }
1248
- }
1249
- },
1250
- [FirstPartyMachineStateTypes.aborted]: {
1251
- id: FirstPartyMachineStateTypes.aborted,
1252
- type: "final"
1253
- },
1254
- [FirstPartyMachineStateTypes.declined]: {
1255
- id: FirstPartyMachineStateTypes.declined,
1256
- type: "final"
1257
- },
1258
- [FirstPartyMachineStateTypes.error]: {
1259
- id: FirstPartyMachineStateTypes.error,
1260
- type: "final"
1261
- },
1262
- [FirstPartyMachineStateTypes.done]: {
1263
- id: FirstPartyMachineStateTypes.done,
1264
- type: "final"
1265
- }
1266
- };
1267
- var createFirstPartyActivationMachine = /* @__PURE__ */ __name((opts) => {
1268
- const initialContext = {
1269
- openID4VCIClientState: opts.openID4VCIClientState,
1270
- contact: opts.contact,
1271
- selectedCredentials: []
1272
- };
1273
- return (0, import_xstate2.createMachine)({
1274
- id: opts?.machineId ?? "FirstParty",
1275
- predictableActionArguments: true,
1276
- initial: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
1277
- context: initialContext,
1278
- states: firstPartyMachineStates,
1279
- schema: {
1280
- events: {},
1281
- services: {}
1282
- }
1283
- });
1284
- }, "createFirstPartyActivationMachine");
1285
- var FirstPartyMachine = class _FirstPartyMachine {
1286
- static {
1287
- __name(this, "FirstPartyMachine");
1288
- }
1289
- static _instance;
1290
- static hasInstance() {
1291
- return _FirstPartyMachine._instance !== void 0;
1292
- }
1293
- static get instance() {
1294
- if (!_FirstPartyMachine._instance) {
1295
- throw Error("Please initialize ESIMActivation machine first");
1296
- }
1297
- return _FirstPartyMachine._instance;
1298
- }
1299
- static clearInstance(opts) {
1300
- const { stop } = opts;
1301
- if (_FirstPartyMachine.hasInstance()) {
1302
- if (stop) {
1303
- _FirstPartyMachine.stopInstance();
1304
- }
1305
- }
1306
- _FirstPartyMachine._instance = void 0;
1307
- }
1308
- static stopInstance() {
1309
- if (!_FirstPartyMachine.hasInstance()) {
1310
- return;
1311
- }
1312
- _FirstPartyMachine.instance.stop();
1313
- _FirstPartyMachine._instance = void 0;
1314
- }
1315
- static newInstance(opts) {
1316
- const { agentContext } = opts;
1317
- const services = {
1318
- [FirstPartyMachineServices.sendAuthorizationChallengeRequest]: sendAuthorizationChallengeRequest,
1319
- [FirstPartyMachineServices.createConfig]: (args) => createConfig(args, agentContext),
1320
- [FirstPartyMachineServices.getSiopRequest]: (args) => getSiopRequest(args, agentContext),
1321
- [FirstPartyMachineServices.sendAuthorizationResponse]: (args) => sendAuthorizationResponse(args, agentContext)
1322
- };
1323
- const newInst = (0, import_xstate2.interpret)(createFirstPartyActivationMachine(opts).withConfig({
1324
- services: {
1325
- ...services,
1326
- ...opts?.services
1327
- },
1328
- guards: {
1329
- ...opts?.guards
1330
- }
1331
- }));
1332
- if (typeof opts?.subscription === "function") {
1333
- newInst.onTransition(opts.subscription);
1334
- }
1335
- if (opts?.requireCustomNavigationHook !== true) {
1336
- newInst.onTransition((snapshot) => {
1337
- if (opts?.stateNavigationListener) {
1338
- void opts.stateNavigationListener(newInst, snapshot);
1339
- }
1340
- });
1341
- }
1342
- return newInst;
1343
- }
1344
- static getInstance(opts) {
1345
- if (!_FirstPartyMachine._instance) {
1346
- if (opts?.requireExisting === true) {
1347
- throw Error(`Existing FirstPartyMachine instance requested, but none was created at this point!`);
1348
- }
1349
- _FirstPartyMachine._instance = _FirstPartyMachine.newInstance(opts);
1350
- }
1351
- return _FirstPartyMachine._instance;
1352
- }
1353
- };
1354
-
1355
1066
  // src/mappers/OIDC4VCIBrandingMapper.ts
1356
1067
  var oid4vciGetCredentialBrandingFrom = /* @__PURE__ */ __name(async (args) => {
1357
1068
  const { credentialDisplay, issuerCredentialSubject } = args;
@@ -1530,97 +1241,383 @@ var sdJwtCredentialLocaleBrandingFrom = /* @__PURE__ */ __name(async (args) => {
1530
1241
  alt: credentialDisplay.rendering.simple.logo.alt_text
1531
1242
  }
1532
1243
  }
1533
- },
1534
- ...credentialDisplay.description && {
1535
- description: credentialDisplay.description
1536
- },
1537
- ...credentialDisplay.rendering?.simple?.text_color && {
1538
- text: {
1539
- color: credentialDisplay.rendering.simple.text_color
1244
+ },
1245
+ ...credentialDisplay.description && {
1246
+ description: credentialDisplay.description
1247
+ },
1248
+ ...credentialDisplay.rendering?.simple?.text_color && {
1249
+ text: {
1250
+ color: credentialDisplay.rendering.simple.text_color
1251
+ }
1252
+ },
1253
+ ...credentialDisplay.rendering?.simple?.background_color && {
1254
+ background: {
1255
+ color: credentialDisplay.rendering.simple.background_color
1256
+ }
1257
+ }
1258
+ };
1259
+ }, "sdJwtCredentialLocaleBrandingFrom");
1260
+ var sdJwtCombineDisplayLocalesFrom = /* @__PURE__ */ __name(async (args) => {
1261
+ const { credentialDisplayLocales = /* @__PURE__ */ new Map(), claimsMetadata = /* @__PURE__ */ new Map() } = args;
1262
+ const locales = Array.from(/* @__PURE__ */ new Set([
1263
+ ...claimsMetadata.keys(),
1264
+ ...credentialDisplayLocales.keys()
1265
+ ]));
1266
+ return Promise.all(locales.map(async (locale) => {
1267
+ const display = credentialDisplayLocales.get(locale);
1268
+ const claims = claimsMetadata.get(locale);
1269
+ return {
1270
+ ...display && await sdJwtCredentialLocaleBrandingFrom({
1271
+ credentialDisplay: display
1272
+ }),
1273
+ ...locale.length > 0 && {
1274
+ locale
1275
+ },
1276
+ claims
1277
+ };
1278
+ }));
1279
+ }, "sdJwtCombineDisplayLocalesFrom");
1280
+ var issuerLocaleBrandingFrom = /* @__PURE__ */ __name(async (args) => {
1281
+ const { issuerDisplay, dynamicRegistrationClientMetadata } = args;
1282
+ return {
1283
+ ...dynamicRegistrationClientMetadata?.client_name && {
1284
+ alias: dynamicRegistrationClientMetadata.client_name
1285
+ },
1286
+ ...issuerDisplay.name && {
1287
+ alias: issuerDisplay.name
1288
+ },
1289
+ ...issuerDisplay.locale && {
1290
+ locale: issuerDisplay.locale
1291
+ },
1292
+ ...(issuerDisplay.logo || dynamicRegistrationClientMetadata?.logo_uri) && {
1293
+ logo: {
1294
+ ...dynamicRegistrationClientMetadata?.logo_uri && {
1295
+ uri: dynamicRegistrationClientMetadata?.logo_uri
1296
+ },
1297
+ ...(issuerDisplay.logo?.url || issuerDisplay.logo?.uri) && {
1298
+ uri: issuerDisplay.logo?.url ?? issuerDisplay.logo?.uri
1299
+ },
1300
+ ...issuerDisplay.logo?.alt_text && {
1301
+ alt: issuerDisplay.logo?.alt_text
1302
+ }
1303
+ }
1304
+ },
1305
+ ...issuerDisplay.description && {
1306
+ description: issuerDisplay.description
1307
+ },
1308
+ ...issuerDisplay.text_color && {
1309
+ text: {
1310
+ color: issuerDisplay.text_color
1311
+ }
1312
+ },
1313
+ ...dynamicRegistrationClientMetadata?.client_uri && {
1314
+ clientUri: dynamicRegistrationClientMetadata.client_uri
1315
+ },
1316
+ ...dynamicRegistrationClientMetadata?.tos_uri && {
1317
+ tosUri: dynamicRegistrationClientMetadata.tos_uri
1318
+ },
1319
+ ...dynamicRegistrationClientMetadata?.policy_uri && {
1320
+ policyUri: dynamicRegistrationClientMetadata.policy_uri
1321
+ },
1322
+ ...dynamicRegistrationClientMetadata?.contacts && {
1323
+ contacts: dynamicRegistrationClientMetadata.contacts
1324
+ }
1325
+ };
1326
+ }, "issuerLocaleBrandingFrom");
1327
+
1328
+ // src/machines/firstPartyMachine.ts
1329
+ var import_xstate2 = require("xstate");
1330
+ var import_oid4vci_common2 = require("@sphereon/oid4vci-common");
1331
+
1332
+ // src/services/FirstPartyMachineServices.ts
1333
+ var import_oid4vci_client = require("@sphereon/oid4vci-client");
1334
+ var import_uuid = require("uuid");
1335
+ var sendAuthorizationChallengeRequest = /* @__PURE__ */ __name(async (args) => {
1336
+ const { openID4VCIClientState, authSession, presentationDuringIssuanceSession } = args;
1337
+ const oid4vciClient = await import_oid4vci_client.OpenID4VCIClient.fromState({
1338
+ state: openID4VCIClientState
1339
+ });
1340
+ return oid4vciClient.acquireAuthorizationChallengeCode({
1341
+ clientId: oid4vciClient.clientId ?? (0, import_uuid.v4)(),
1342
+ ...authSession && {
1343
+ authSession
1344
+ },
1345
+ ...!authSession && openID4VCIClientState.credentialOffer?.preAuthorizedCode && {
1346
+ issuerState: openID4VCIClientState.credentialOffer?.preAuthorizedCode
1347
+ },
1348
+ ...!authSession && openID4VCIClientState.credentialOffer?.issuerState && {
1349
+ issuerState: openID4VCIClientState.credentialOffer?.issuerState
1350
+ },
1351
+ ...presentationDuringIssuanceSession && {
1352
+ presentationDuringIssuanceSession
1353
+ }
1354
+ });
1355
+ }, "sendAuthorizationChallengeRequest");
1356
+ var createConfig = /* @__PURE__ */ __name(async (args, context) => {
1357
+ const { presentationUri } = args;
1358
+ if (!presentationUri) {
1359
+ return Promise.reject(Error("Missing presentation uri in context"));
1360
+ }
1361
+ return context.agent.siopCreateConfig({
1362
+ url: presentationUri
1363
+ });
1364
+ }, "createConfig");
1365
+ var getSiopRequest = /* @__PURE__ */ __name(async (args, context) => {
1366
+ const { didAuthConfig, presentationUri } = args;
1367
+ if (presentationUri === void 0) {
1368
+ return Promise.reject(Error("Missing presentation uri in context"));
1369
+ }
1370
+ if (didAuthConfig === void 0) {
1371
+ return Promise.reject(Error("Missing did auth config in context"));
1372
+ }
1373
+ return context.agent.siopGetSiopRequest({
1374
+ didAuthConfig,
1375
+ url: presentationUri
1376
+ });
1377
+ }, "getSiopRequest");
1378
+ var sendAuthorizationResponse = /* @__PURE__ */ __name(async (args, context) => {
1379
+ const { didAuthConfig, authorizationRequestData, selectedCredentials } = args;
1380
+ const responseData = await context.agent.siopSendResponse({
1381
+ authorizationRequestData,
1382
+ selectedCredentials,
1383
+ didAuthConfig,
1384
+ isFirstParty: true
1385
+ });
1386
+ return responseData.body.presentation_during_issuance_session;
1387
+ }, "sendAuthorizationResponse");
1388
+
1389
+ // src/machines/firstPartyMachine.ts
1390
+ var firstPartyMachineStates = {
1391
+ [FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest]: {
1392
+ id: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
1393
+ invoke: {
1394
+ src: FirstPartyMachineServices.sendAuthorizationChallengeRequest,
1395
+ onDone: {
1396
+ target: FirstPartyMachineStateTypes.done,
1397
+ actions: (0, import_xstate2.assign)({
1398
+ authorizationCodeResponse: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "authorizationCodeResponse")
1399
+ })
1400
+ },
1401
+ onError: [
1402
+ {
1403
+ target: FirstPartyMachineStateTypes.createConfig,
1404
+ cond: /* @__PURE__ */ __name((_ctx, _event) => _event.data.error === import_oid4vci_common2.AuthorizationChallengeError.insufficient_authorization, "cond"),
1405
+ actions: (0, import_xstate2.assign)({
1406
+ authSession: /* @__PURE__ */ __name((_ctx, _event) => _event.data.auth_session, "authSession"),
1407
+ presentationUri: /* @__PURE__ */ __name((_ctx, _event) => _event.data.presentation, "presentationUri")
1408
+ })
1409
+ },
1410
+ {
1411
+ target: FirstPartyMachineStateTypes.error,
1412
+ actions: (0, import_xstate2.assign)({
1413
+ error: /* @__PURE__ */ __name((_ctx, _event) => ({
1414
+ title: translate("oid4vci_machine_send_authorization_challenge_request_error_title"),
1415
+ message: _event.data.message,
1416
+ stack: _event.data.stack
1417
+ }), "error")
1418
+ })
1419
+ }
1420
+ ]
1421
+ }
1422
+ },
1423
+ [FirstPartyMachineStateTypes.createConfig]: {
1424
+ id: FirstPartyMachineStateTypes.createConfig,
1425
+ invoke: {
1426
+ src: FirstPartyMachineServices.createConfig,
1427
+ onDone: {
1428
+ target: FirstPartyMachineStateTypes.getSiopRequest,
1429
+ actions: (0, import_xstate2.assign)({
1430
+ didAuthConfig: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "didAuthConfig")
1431
+ })
1432
+ },
1433
+ onError: {
1434
+ target: FirstPartyMachineStateTypes.error,
1435
+ actions: (0, import_xstate2.assign)({
1436
+ error: /* @__PURE__ */ __name((_ctx, _event) => ({
1437
+ title: translate("oid4vci_machine_create_config_error_title"),
1438
+ message: _event.data.message,
1439
+ stack: _event.data.stack
1440
+ }), "error")
1441
+ })
1442
+ }
1443
+ }
1444
+ },
1445
+ [FirstPartyMachineStateTypes.getSiopRequest]: {
1446
+ id: FirstPartyMachineStateTypes.getSiopRequest,
1447
+ invoke: {
1448
+ src: FirstPartyMachineServices.getSiopRequest,
1449
+ onDone: {
1450
+ target: FirstPartyMachineStateTypes.selectCredentials,
1451
+ actions: (0, import_xstate2.assign)({
1452
+ authorizationRequestData: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "authorizationRequestData")
1453
+ })
1454
+ },
1455
+ onError: {
1456
+ target: FirstPartyMachineStateTypes.error,
1457
+ actions: (0, import_xstate2.assign)({
1458
+ error: /* @__PURE__ */ __name((_ctx, _event) => ({
1459
+ title: translate("siopV2_machine_get_request_error_title"),
1460
+ message: _event.data.message,
1461
+ stack: _event.data.stack
1462
+ }), "error")
1463
+ })
1540
1464
  }
1541
- },
1542
- ...credentialDisplay.rendering?.simple?.background_color && {
1543
- background: {
1544
- color: credentialDisplay.rendering.simple.background_color
1465
+ }
1466
+ },
1467
+ [FirstPartyMachineStateTypes.selectCredentials]: {
1468
+ id: FirstPartyMachineStateTypes.selectCredentials,
1469
+ on: {
1470
+ [FirstPartyMachineEvents.SET_SELECTED_CREDENTIALS]: {
1471
+ actions: (0, import_xstate2.assign)({
1472
+ selectedCredentials: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "selectedCredentials")
1473
+ })
1474
+ },
1475
+ [FirstPartyMachineEvents.NEXT]: {
1476
+ target: FirstPartyMachineStateTypes.sendAuthorizationResponse
1477
+ },
1478
+ [FirstPartyMachineEvents.DECLINE]: {
1479
+ target: FirstPartyMachineStateTypes.declined
1480
+ },
1481
+ [FirstPartyMachineEvents.PREVIOUS]: {
1482
+ target: FirstPartyMachineStateTypes.aborted
1545
1483
  }
1546
1484
  }
1547
- };
1548
- }, "sdJwtCredentialLocaleBrandingFrom");
1549
- var sdJwtCombineDisplayLocalesFrom = /* @__PURE__ */ __name(async (args) => {
1550
- const { credentialDisplayLocales = /* @__PURE__ */ new Map(), claimsMetadata = /* @__PURE__ */ new Map() } = args;
1551
- const locales = Array.from(/* @__PURE__ */ new Set([
1552
- ...claimsMetadata.keys(),
1553
- ...credentialDisplayLocales.keys()
1554
- ]));
1555
- return Promise.all(locales.map(async (locale) => {
1556
- const display = credentialDisplayLocales.get(locale);
1557
- const claims = claimsMetadata.get(locale);
1558
- return {
1559
- ...display && await sdJwtCredentialLocaleBrandingFrom({
1560
- credentialDisplay: display
1561
- }),
1562
- ...locale.length > 0 && {
1563
- locale
1485
+ },
1486
+ [FirstPartyMachineStateTypes.sendAuthorizationResponse]: {
1487
+ id: FirstPartyMachineStateTypes.sendAuthorizationResponse,
1488
+ invoke: {
1489
+ src: FirstPartyMachineServices.sendAuthorizationResponse,
1490
+ onDone: {
1491
+ target: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
1492
+ actions: (0, import_xstate2.assign)({
1493
+ presentationDuringIssuanceSession: /* @__PURE__ */ __name((_ctx, _event) => _event.data, "presentationDuringIssuanceSession")
1494
+ })
1564
1495
  },
1565
- claims
1496
+ onError: {
1497
+ target: FirstPartyMachineStateTypes.error,
1498
+ actions: (0, import_xstate2.assign)({
1499
+ error: /* @__PURE__ */ __name((_ctx, _event) => ({
1500
+ title: translate("oid4vci_machine_get_request_error_title"),
1501
+ message: _event.data.message,
1502
+ stack: _event.data.stack
1503
+ }), "error")
1504
+ })
1505
+ }
1506
+ }
1507
+ },
1508
+ [FirstPartyMachineStateTypes.aborted]: {
1509
+ id: FirstPartyMachineStateTypes.aborted,
1510
+ type: "final"
1511
+ },
1512
+ [FirstPartyMachineStateTypes.declined]: {
1513
+ id: FirstPartyMachineStateTypes.declined,
1514
+ type: "final"
1515
+ },
1516
+ [FirstPartyMachineStateTypes.error]: {
1517
+ id: FirstPartyMachineStateTypes.error,
1518
+ type: "final"
1519
+ },
1520
+ [FirstPartyMachineStateTypes.done]: {
1521
+ id: FirstPartyMachineStateTypes.done,
1522
+ type: "final"
1523
+ }
1524
+ };
1525
+ var createFirstPartyActivationMachine = /* @__PURE__ */ __name((opts) => {
1526
+ const initialContext = {
1527
+ openID4VCIClientState: opts.openID4VCIClientState,
1528
+ contact: opts.contact,
1529
+ selectedCredentials: []
1530
+ };
1531
+ return (0, import_xstate2.createMachine)({
1532
+ id: opts?.machineId ?? "FirstParty",
1533
+ predictableActionArguments: true,
1534
+ initial: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
1535
+ context: initialContext,
1536
+ states: firstPartyMachineStates,
1537
+ schema: {
1538
+ events: {},
1539
+ services: {}
1540
+ }
1541
+ });
1542
+ }, "createFirstPartyActivationMachine");
1543
+ var FirstPartyMachine = class _FirstPartyMachine {
1544
+ static {
1545
+ __name(this, "FirstPartyMachine");
1546
+ }
1547
+ static _instance;
1548
+ static hasInstance() {
1549
+ return _FirstPartyMachine._instance !== void 0;
1550
+ }
1551
+ static get instance() {
1552
+ if (!_FirstPartyMachine._instance) {
1553
+ throw Error("Please initialize ESIMActivation machine first");
1554
+ }
1555
+ return _FirstPartyMachine._instance;
1556
+ }
1557
+ static clearInstance(opts) {
1558
+ const { stop } = opts;
1559
+ if (_FirstPartyMachine.hasInstance()) {
1560
+ if (stop) {
1561
+ _FirstPartyMachine.stopInstance();
1562
+ }
1563
+ }
1564
+ _FirstPartyMachine._instance = void 0;
1565
+ }
1566
+ static stopInstance() {
1567
+ if (!_FirstPartyMachine.hasInstance()) {
1568
+ return;
1569
+ }
1570
+ _FirstPartyMachine.instance.stop();
1571
+ _FirstPartyMachine._instance = void 0;
1572
+ }
1573
+ static newInstance(opts) {
1574
+ const { agentContext } = opts;
1575
+ const services = {
1576
+ [FirstPartyMachineServices.sendAuthorizationChallengeRequest]: sendAuthorizationChallengeRequest,
1577
+ [FirstPartyMachineServices.createConfig]: (args) => createConfig(args, agentContext),
1578
+ [FirstPartyMachineServices.getSiopRequest]: (args) => getSiopRequest(args, agentContext),
1579
+ [FirstPartyMachineServices.sendAuthorizationResponse]: (args) => sendAuthorizationResponse(args, agentContext)
1566
1580
  };
1567
- }));
1568
- }, "sdJwtCombineDisplayLocalesFrom");
1569
- var issuerLocaleBrandingFrom = /* @__PURE__ */ __name(async (args) => {
1570
- const { issuerDisplay, dynamicRegistrationClientMetadata } = args;
1571
- return {
1572
- ...dynamicRegistrationClientMetadata?.client_name && {
1573
- alias: dynamicRegistrationClientMetadata.client_name
1574
- },
1575
- ...issuerDisplay.name && {
1576
- alias: issuerDisplay.name
1577
- },
1578
- ...issuerDisplay.locale && {
1579
- locale: issuerDisplay.locale
1580
- },
1581
- ...(issuerDisplay.logo || dynamicRegistrationClientMetadata?.logo_uri) && {
1582
- logo: {
1583
- ...dynamicRegistrationClientMetadata?.logo_uri && {
1584
- uri: dynamicRegistrationClientMetadata?.logo_uri
1585
- },
1586
- ...(issuerDisplay.logo?.url || issuerDisplay.logo?.uri) && {
1587
- uri: issuerDisplay.logo?.url ?? issuerDisplay.logo?.uri
1588
- },
1589
- ...issuerDisplay.logo?.alt_text && {
1590
- alt: issuerDisplay.logo?.alt_text
1591
- }
1581
+ const newInst = (0, import_xstate2.interpret)(createFirstPartyActivationMachine(opts).withConfig({
1582
+ services: {
1583
+ ...services,
1584
+ ...opts?.services
1585
+ },
1586
+ guards: {
1587
+ ...opts?.guards
1592
1588
  }
1593
- },
1594
- ...issuerDisplay.description && {
1595
- description: issuerDisplay.description
1596
- },
1597
- ...issuerDisplay.text_color && {
1598
- text: {
1599
- color: issuerDisplay.text_color
1589
+ }));
1590
+ if (typeof opts?.subscription === "function") {
1591
+ newInst.onTransition(opts.subscription);
1592
+ }
1593
+ if (opts?.requireCustomNavigationHook !== true) {
1594
+ newInst.onTransition((snapshot) => {
1595
+ if (opts?.stateNavigationListener) {
1596
+ void opts.stateNavigationListener(newInst, snapshot);
1597
+ }
1598
+ });
1599
+ }
1600
+ return newInst;
1601
+ }
1602
+ static getInstance(opts) {
1603
+ if (!_FirstPartyMachine._instance) {
1604
+ if (opts?.requireExisting === true) {
1605
+ throw Error(`Existing FirstPartyMachine instance requested, but none was created at this point!`);
1600
1606
  }
1601
- },
1602
- ...dynamicRegistrationClientMetadata?.client_uri && {
1603
- clientUri: dynamicRegistrationClientMetadata.client_uri
1604
- },
1605
- ...dynamicRegistrationClientMetadata?.tos_uri && {
1606
- tosUri: dynamicRegistrationClientMetadata.tos_uri
1607
- },
1608
- ...dynamicRegistrationClientMetadata?.policy_uri && {
1609
- policyUri: dynamicRegistrationClientMetadata.policy_uri
1610
- },
1611
- ...dynamicRegistrationClientMetadata?.contacts && {
1612
- contacts: dynamicRegistrationClientMetadata.contacts
1607
+ _FirstPartyMachine._instance = _FirstPartyMachine.newInstance(opts);
1613
1608
  }
1614
- };
1615
- }, "issuerLocaleBrandingFrom");
1609
+ return _FirstPartyMachine._instance;
1610
+ }
1611
+ };
1616
1612
 
1617
1613
  // src/services/OID4VCIHolderService.ts
1614
+ var import_ssi_sdk = require("@sphereon/ssi-sdk.core");
1618
1615
  var getCredentialBranding = /* @__PURE__ */ __name(async (args) => {
1619
1616
  const { credentialsSupported, context } = args;
1620
1617
  const credentialBranding = {};
1621
1618
  await Promise.all(Object.entries(credentialsSupported).map(async ([configId, credentialsConfigSupported]) => {
1622
1619
  let sdJwtTypeMetadata;
1623
- if (credentialsConfigSupported.format === "dc+sd-jwt") {
1620
+ if (credentialsConfigSupported.format === "vc+sd-jwt") {
1624
1621
  const vct = credentialsConfigSupported.vct;
1625
1622
  if (vct.startsWith("http")) {
1626
1623
  try {
@@ -1686,7 +1683,10 @@ var selectCredentialLocaleBranding = /* @__PURE__ */ __name(async (args) => {
1686
1683
  }, "selectCredentialLocaleBranding");
1687
1684
  var verifyCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
1688
1685
  const { mappedCredential, hasher, onVerifyEBSICredentialIssuer, schemaValidation, context } = args;
1689
- const credential = extractCredentialFromResponse(mappedCredential.credentialToAccept.credentialResponse);
1686
+ const credential = mappedCredential.credentialToAccept.credentialResponse.credential;
1687
+ if (!credential) {
1688
+ return Promise.reject(Error("No credential found in credential response"));
1689
+ }
1690
1690
  const wrappedVC = import_ssi_types.CredentialMapper.toWrappedVerifiableCredential(credential, {
1691
1691
  hasher: hasher ?? import_ssi_sdk.defaultHasher
1692
1692
  });
@@ -1738,7 +1738,11 @@ var verifyCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
1738
1738
  }, "verifyCredentialToAccept");
1739
1739
  var mapCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
1740
1740
  const { credentialToAccept, hasher } = args;
1741
- const verifiableCredential = extractCredentialFromResponse(credentialToAccept.credentialResponse);
1741
+ const credentialResponse = credentialToAccept.credentialResponse;
1742
+ const verifiableCredential = credentialResponse.credential;
1743
+ if (!verifiableCredential) {
1744
+ return Promise.reject(Error("No credential found in credential response"));
1745
+ }
1742
1746
  const wrappedVerifiableCredential = import_ssi_types.CredentialMapper.toWrappedVerifiableCredential(verifiableCredential, {
1743
1747
  hasher
1744
1748
  });
@@ -1758,7 +1762,6 @@ var mapCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
1758
1762
  uniformVerifiableCredential = wrappedVerifiableCredential.credential;
1759
1763
  }
1760
1764
  const correlationId = typeof uniformVerifiableCredential.issuer === "string" ? uniformVerifiableCredential.issuer : import_ssi_types.CredentialMapper.isSdJwtDecodedCredential(uniformVerifiableCredential) ? uniformVerifiableCredential.decodedPayload.iss : uniformVerifiableCredential.issuer.id;
1761
- const credentialResponse = credentialToAccept.credentialResponse;
1762
1765
  return {
1763
1766
  correlationId,
1764
1767
  credentialToAccept,
@@ -1770,18 +1773,6 @@ var mapCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
1770
1773
  }
1771
1774
  };
1772
1775
  }, "mapCredentialToAccept");
1773
- var extractCredentialFromResponse = /* @__PURE__ */ __name((credentialResponse) => {
1774
- let credential;
1775
- if ("credential" in credentialResponse) {
1776
- credential = credentialResponse.credential;
1777
- } else if ("credentials" in credentialResponse && credentialResponse.credentials && Array.isArray(credentialResponse.credentials) && credentialResponse.credentials.length > 0) {
1778
- credential = credentialResponse.credentials[0].credential;
1779
- }
1780
- if (!credential) {
1781
- throw new Error("No credential found in credential response");
1782
- }
1783
- return credential;
1784
- }, "extractCredentialFromResponse");
1785
1776
  var getIdentifierOpts = /* @__PURE__ */ __name(async (args) => {
1786
1777
  const { issuanceOpt, context } = args;
1787
1778
  const { identifier: identifierArg } = issuanceOpt;
@@ -2083,7 +2074,6 @@ var getIssuanceCryptoSuite = /* @__PURE__ */ __name(async (opts) => {
2083
2074
  case "jwt_vc_json":
2084
2075
  case "jwt_vc":
2085
2076
  case "vc+sd-jwt":
2086
- case "dc+sd-jwt":
2087
2077
  case "mso_mdoc": {
2088
2078
  const supportedPreferences = jwtCryptographicSuitePreferences.filter((suite) => signing_algs_supported.includes(suite));
2089
2079
  if (supportedPreferences.length > 0) {
@@ -2152,6 +2142,7 @@ var startFirstPartApplicationMachine = /* @__PURE__ */ __name(async (args, conte
2152
2142
 
2153
2143
  // src/agent/OID4VCIHolder.ts
2154
2144
  var import_polyfill = require("cross-fetch/polyfill");
2145
+ var import_ssi_sdk3 = require("@sphereon/ssi-sdk.core");
2155
2146
  var oid4vciHolderContextMethods = [
2156
2147
  "cmGetContacts",
2157
2148
  "cmGetContact",
@@ -2167,7 +2158,7 @@ var oid4vciHolderContextMethods = [
2167
2158
  ];
2168
2159
  var logger = import_ssi_types2.Loggers.DEFAULT.get("sphereon:oid4vci:holder");
2169
2160
  function signCallback(identifier, context, nonce) {
2170
- return async (jwt, kid, noIssPayloadUpdate) => {
2161
+ return async (jwt, kid) => {
2171
2162
  let resolution = await context.agent.identifierManagedGet(identifier);
2172
2163
  const jwk = jwt.header.jwk ?? (resolution.method === "jwk" ? resolution.jwk : void 0);
2173
2164
  if (!resolution.issuer && !jwt.payload.iss) {
@@ -2185,7 +2176,7 @@ function signCallback(identifier, context, nonce) {
2185
2176
  return (await context.agent.jwtCreateJwsCompactSignature({
2186
2177
  issuer: {
2187
2178
  ...resolution,
2188
- noIssPayloadUpdate: noIssPayloadUpdate ?? false
2179
+ noIssPayloadUpdate: false
2189
2180
  },
2190
2181
  protectedHeader: header,
2191
2182
  payload
@@ -2220,7 +2211,6 @@ var OID4VCIHolder = class _OID4VCIHolder {
2220
2211
  oid4vciHolderStoreIssuerBranding: this.oid4vciHolderStoreIssuerBranding.bind(this)
2221
2212
  };
2222
2213
  vcFormatPreferences = [
2223
- "dc+sd-jwt",
2224
2214
  "vc+sd-jwt",
2225
2215
  "mso_mdoc",
2226
2216
  "jwt_vc_json",
@@ -2254,7 +2244,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
2254
2244
  onIdentifierCreated;
2255
2245
  onVerifyEBSICredentialIssuer;
2256
2246
  constructor(options) {
2257
- const { onContactIdentityCreated, onCredentialStored, onIdentifierCreated, onVerifyEBSICredentialIssuer, vcFormatPreferences, jsonldCryptographicSuitePreferences, didMethodPreferences, jwtCryptographicSuitePreferences, defaultAuthorizationRequestOptions, hasher = import_ssi_sdk2.defaultHasher } = {
2247
+ const { onContactIdentityCreated, onCredentialStored, onIdentifierCreated, onVerifyEBSICredentialIssuer, vcFormatPreferences, jsonldCryptographicSuitePreferences, didMethodPreferences, jwtCryptographicSuitePreferences, defaultAuthorizationRequestOptions, hasher = import_ssi_sdk3.defaultHasher } = {
2258
2248
  ...options
2259
2249
  };
2260
2250
  this.hasher = hasher;
@@ -2635,26 +2625,26 @@ var OID4VCIHolder = class _OID4VCIHolder {
2635
2625
  return Promise.reject(Error("Missing credential offers in context"));
2636
2626
  }
2637
2627
  let correlationId = credentialsToAccept[0].correlationId;
2638
- let identifierType = import_ssi_sdk3.CorrelationIdentifierType.DID;
2628
+ let identifierType = import_ssi_sdk2.CorrelationIdentifierType.DID;
2639
2629
  if (!correlationId.toLowerCase().startsWith("did:")) {
2640
- identifierType = import_ssi_sdk3.CorrelationIdentifierType.URL;
2630
+ identifierType = import_ssi_sdk2.CorrelationIdentifierType.URL;
2641
2631
  if (correlationId.startsWith("http")) {
2642
2632
  correlationId = new URL(correlationId).hostname;
2643
2633
  }
2644
2634
  }
2645
2635
  const identity = {
2646
2636
  alias: credentialsToAccept[0].correlationId,
2647
- origin: import_ssi_sdk3.IdentityOrigin.EXTERNAL,
2637
+ origin: import_ssi_sdk2.IdentityOrigin.EXTERNAL,
2648
2638
  roles: [
2649
- import_ssi_types2.CredentialRole.ISSUER
2639
+ import_ssi_sdk2.CredentialRole.ISSUER
2650
2640
  ],
2651
2641
  identifier: {
2652
2642
  type: identifierType,
2653
2643
  correlationId
2654
2644
  },
2655
- ...identifierType === import_ssi_sdk3.CorrelationIdentifierType.URL && {
2645
+ ...identifierType === import_ssi_sdk2.CorrelationIdentifierType.URL && {
2656
2646
  connection: {
2657
- type: import_ssi_sdk3.ConnectionType.OPENID_CONNECT,
2647
+ type: import_ssi_sdk2.ConnectionType.OPENID_CONNECT,
2658
2648
  config: {
2659
2649
  clientId: "138d7bf8-c930-4c6e-b928-97d3a4928b01",
2660
2650
  clientSecret: "03b3955f-d020-4f2a-8a27-4e452d4e27a0",
@@ -2681,7 +2671,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
2681
2671
  }
2682
2672
  async oid4vciHolderGetIssuerBranding(args, context) {
2683
2673
  const { serverMetadata, contact } = args;
2684
- const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_types2.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
2674
+ const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_sdk2.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
2685
2675
  if (issuerCorrelationId) {
2686
2676
  const branding = await context.agent.ibGetIssuerBranding({
2687
2677
  filter: [
@@ -2711,7 +2701,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
2711
2701
  if (!contact) {
2712
2702
  return Promise.reject(Error("Missing contact in context"));
2713
2703
  }
2714
- const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_types2.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
2704
+ const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_sdk2.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
2715
2705
  const branding = await context.agent.ibGetIssuerBranding({
2716
2706
  filter: [
2717
2707
  {
@@ -2807,9 +2797,9 @@ var OID4VCIHolder = class _OID4VCIHolder {
2807
2797
  if (Array.isArray(subjectIssuance?.notification_events_supported)) {
2808
2798
  event = subjectIssuance.notification_events_supported.includes("credential_accepted_holder_signed") ? "credential_accepted_holder_signed" : "credential_deleted_holder_signed";
2809
2799
  logger.log(`Subject issuance/signing will be used, with event`, event);
2810
- const issuerVC = extractCredentialFromResponse(mappedCredentialToAccept.credentialToAccept.credentialResponse);
2800
+ const issuerVC = mappedCredentialToAccept.credentialToAccept.credentialResponse.credential;
2811
2801
  const wrappedIssuerVC = import_ssi_types2.CredentialMapper.toWrappedVerifiableCredential(issuerVC, {
2812
- hasher: this.hasher ?? import_ssi_sdk2.defaultHasher
2802
+ hasher: this.hasher ?? import_ssi_sdk3.defaultHasher
2813
2803
  });
2814
2804
  console.log(`Wrapped VC: ${wrappedIssuerVC.type}, ${wrappedIssuerVC.format}`);
2815
2805
  let issuer;
@@ -2910,11 +2900,11 @@ var OID4VCIHolder = class _OID4VCIHolder {
2910
2900
  const [subjectCorrelationType, subjectCorrelationId] = this.determineSubjectCorrelation(issuanceOpt.identifier, issuer);
2911
2901
  const persistedCredential = await context.agent.crsAddCredential({
2912
2902
  credential: {
2913
- rawDocument: (0, import_ssi_sdk3.ensureRawDocument)(persistCredential),
2903
+ rawDocument: (0, import_ssi_sdk2.ensureRawDocument)(persistCredential),
2914
2904
  kmsKeyRef,
2915
2905
  identifierMethod: method,
2916
- credentialRole: import_ssi_types2.CredentialRole.HOLDER,
2917
- issuerCorrelationType: issuer?.startsWith("did:") ? import_ssi_sdk3.CredentialCorrelationType.DID : import_ssi_sdk3.CredentialCorrelationType.URL,
2906
+ credentialRole: import_ssi_sdk2.CredentialRole.HOLDER,
2907
+ issuerCorrelationType: issuer?.startsWith("did:") ? import_ssi_sdk2.CredentialCorrelationType.DID : import_ssi_sdk2.CredentialCorrelationType.URL,
2918
2908
  issuerCorrelationId: issuer,
2919
2909
  subjectCorrelationType,
2920
2910
  subjectCorrelationId
@@ -2982,12 +2972,12 @@ var OID4VCIHolder = class _OID4VCIHolder {
2982
2972
  case "did":
2983
2973
  if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierDidResult)(identifier)) {
2984
2974
  return [
2985
- import_ssi_sdk3.CredentialCorrelationType.DID,
2975
+ import_ssi_sdk2.CredentialCorrelationType.DID,
2986
2976
  identifier.did
2987
2977
  ];
2988
2978
  } else if ((0, import_ssi_sdk_ext6.isManagedIdentifierDidOpts)(identifier)) {
2989
2979
  return [
2990
- import_ssi_sdk3.CredentialCorrelationType.DID,
2980
+ import_ssi_sdk2.CredentialCorrelationType.DID,
2991
2981
  typeof identifier.identifier === "string" ? identifier.identifier : identifier.identifier.did
2992
2982
  ];
2993
2983
  }
@@ -2995,12 +2985,12 @@ var OID4VCIHolder = class _OID4VCIHolder {
2995
2985
  case "kid":
2996
2986
  if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierKidResult)(identifier)) {
2997
2987
  return [
2998
- import_ssi_sdk3.CredentialCorrelationType.KID,
2988
+ import_ssi_sdk2.CredentialCorrelationType.KID,
2999
2989
  identifier.kid
3000
2990
  ];
3001
2991
  } else if ((0, import_ssi_sdk_ext6.isManagedIdentifierDidOpts)(identifier)) {
3002
2992
  return [
3003
- import_ssi_sdk3.CredentialCorrelationType.KID,
2993
+ import_ssi_sdk2.CredentialCorrelationType.KID,
3004
2994
  identifier.identifier
3005
2995
  ];
3006
2996
  }
@@ -3008,19 +2998,19 @@ var OID4VCIHolder = class _OID4VCIHolder {
3008
2998
  case "x5c":
3009
2999
  if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierX5cResult)(identifier)) {
3010
3000
  return [
3011
- import_ssi_sdk3.CredentialCorrelationType.X509_SAN,
3001
+ import_ssi_sdk2.CredentialCorrelationType.X509_SAN,
3012
3002
  identifier.x5c.join("\r\n")
3013
3003
  ];
3014
3004
  } else if ((0, import_ssi_sdk_ext6.isManagedIdentifierX5cOpts)(identifier)) {
3015
3005
  return [
3016
- import_ssi_sdk3.CredentialCorrelationType.X509_SAN,
3006
+ import_ssi_sdk2.CredentialCorrelationType.X509_SAN,
3017
3007
  identifier.identifier.join("\r\n")
3018
3008
  ];
3019
3009
  }
3020
3010
  break;
3021
3011
  }
3022
3012
  return [
3023
- import_ssi_sdk3.CredentialCorrelationType.URL,
3013
+ import_ssi_sdk2.CredentialCorrelationType.URL,
3024
3014
  issuer
3025
3015
  ];
3026
3016
  }