@sphereon/ssi-sdk.oid4vci-holder 0.34.1-feature.SSISDK.46.45 → 0.34.1-feature.SSISDK.47.154
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +399 -385
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +9 -6
- package/dist/index.d.ts +9 -6
- package/dist/index.js +510 -496
- package/dist/index.js.map +1 -1
- package/package.json +25 -24
- package/src/agent/OID4VCIHolder.ts +33 -25
- package/src/services/OID4VCIHolderService.ts +48 -44
- package/src/types/FirstPartyMachine.ts +6 -5
- package/src/types/IOID4VCIHolder.ts +3 -1
package/dist/index.cjs
CHANGED
|
@@ -100,6 +100,7 @@ __export(index_exports, {
|
|
|
100
100
|
RequestType: () => RequestType,
|
|
101
101
|
SupportedLanguage: () => SupportedLanguage,
|
|
102
102
|
createConfig: () => createConfig,
|
|
103
|
+
extractCredentialFromResponse: () => extractCredentialFromResponse,
|
|
103
104
|
getBasicIssuerLocaleBranding: () => getBasicIssuerLocaleBranding,
|
|
104
105
|
getCredentialBranding: () => getCredentialBranding,
|
|
105
106
|
getCredentialConfigsBasedOnFormatPref: () => getCredentialConfigsBasedOnFormatPref,
|
|
@@ -139,7 +140,8 @@ var import_oid4vci_common4 = require("@sphereon/oid4vci-common");
|
|
|
139
140
|
var import_ssi_sdk_ext5 = require("@sphereon/ssi-sdk-ext.did-utils");
|
|
140
141
|
var import_ssi_sdk_ext6 = require("@sphereon/ssi-sdk-ext.identifier-resolution");
|
|
141
142
|
var import_ssi_sdk_ext7 = require("@sphereon/ssi-sdk-ext.key-utils");
|
|
142
|
-
var import_ssi_sdk2 = require("@sphereon/ssi-sdk.
|
|
143
|
+
var import_ssi_sdk2 = require("@sphereon/ssi-sdk.core");
|
|
144
|
+
var import_ssi_sdk3 = require("@sphereon/ssi-sdk.data-store");
|
|
143
145
|
var import_ssi_types2 = require("@sphereon/ssi-types");
|
|
144
146
|
var import_utils2 = require("@veramo/utils");
|
|
145
147
|
var import_did_jwt = require("did-jwt");
|
|
@@ -228,6 +230,7 @@ var OID4VCIMachineGuards = /* @__PURE__ */ (function(OID4VCIMachineGuards2) {
|
|
|
228
230
|
OID4VCIMachineGuards2["requirePinGuard"] = "oid4vciRequirePinGuard";
|
|
229
231
|
OID4VCIMachineGuards2["requireAuthorizationGuard"] = "oid4vciRequireAuthorizationGuard";
|
|
230
232
|
OID4VCIMachineGuards2["noAuthorizationGuard"] = "oid4vciNoAuthorizationGuard";
|
|
233
|
+
OID4VCIMachineGuards2["hasNonceEndpointGuard"] = "oid4vciHasNonceEndpointGuard ";
|
|
231
234
|
OID4VCIMachineGuards2["hasAuthorizationResponse"] = "oid4vciHasAuthorizationResponse";
|
|
232
235
|
OID4VCIMachineGuards2["hasNoContactIdentityGuard"] = "oid4vciHasNoContactIdentityGuard";
|
|
233
236
|
OID4VCIMachineGuards2["verificationCodeGuard"] = "oid4vciVerificationCodeGuard";
|
|
@@ -1060,271 +1063,10 @@ var import_ssi_sdk_ext = require("@sphereon/ssi-sdk-ext.did-resolver-jwk");
|
|
|
1060
1063
|
var import_ssi_sdk_ext2 = require("@sphereon/ssi-sdk-ext.did-utils");
|
|
1061
1064
|
var import_ssi_sdk_ext3 = require("@sphereon/ssi-sdk-ext.identifier-resolution");
|
|
1062
1065
|
var import_ssi_sdk_ext4 = require("@sphereon/ssi-sdk-ext.key-utils");
|
|
1066
|
+
var import_ssi_sdk = require("@sphereon/ssi-sdk.core");
|
|
1063
1067
|
var import_ssi_types = require("@sphereon/ssi-types");
|
|
1064
1068
|
var import_utils = require("@veramo/utils");
|
|
1065
1069
|
|
|
1066
|
-
// src/mappers/OIDC4VCIBrandingMapper.ts
|
|
1067
|
-
var oid4vciGetCredentialBrandingFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1068
|
-
const { credentialDisplay, issuerCredentialSubject } = args;
|
|
1069
|
-
return oid4vciCombineDisplayLocalesFrom({
|
|
1070
|
-
...issuerCredentialSubject && {
|
|
1071
|
-
issuerCredentialSubjectLocales: await oid4vciIssuerCredentialSubjectLocalesFrom({
|
|
1072
|
-
issuerCredentialSubject
|
|
1073
|
-
})
|
|
1074
|
-
},
|
|
1075
|
-
...credentialDisplay && {
|
|
1076
|
-
credentialDisplayLocales: await oid4vciCredentialDisplayLocalesFrom({
|
|
1077
|
-
credentialDisplay
|
|
1078
|
-
})
|
|
1079
|
-
}
|
|
1080
|
-
});
|
|
1081
|
-
}, "oid4vciGetCredentialBrandingFrom");
|
|
1082
|
-
var oid4vciCredentialDisplayLocalesFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1083
|
-
const { credentialDisplay } = args;
|
|
1084
|
-
return credentialDisplay.reduce((localeDisplays, display) => {
|
|
1085
|
-
const localeKey = display.locale || "";
|
|
1086
|
-
localeDisplays.set(localeKey, display);
|
|
1087
|
-
return localeDisplays;
|
|
1088
|
-
}, /* @__PURE__ */ new Map());
|
|
1089
|
-
}, "oid4vciCredentialDisplayLocalesFrom");
|
|
1090
|
-
var oid4vciIssuerCredentialSubjectLocalesFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1091
|
-
const { issuerCredentialSubject } = args;
|
|
1092
|
-
const localeClaims = /* @__PURE__ */ new Map();
|
|
1093
|
-
const processClaimObject = /* @__PURE__ */ __name((claim, parentKey = "") => {
|
|
1094
|
-
Object.entries(claim).forEach(([key, value]) => {
|
|
1095
|
-
if (key === "mandatory" || key === "value_type") {
|
|
1096
|
-
return;
|
|
1097
|
-
}
|
|
1098
|
-
if (key === "display" && Array.isArray(value)) {
|
|
1099
|
-
value.forEach(({ name, locale = "" }) => {
|
|
1100
|
-
if (!name) {
|
|
1101
|
-
return;
|
|
1102
|
-
}
|
|
1103
|
-
if (!localeClaims.has(locale)) {
|
|
1104
|
-
localeClaims.set(locale, []);
|
|
1105
|
-
}
|
|
1106
|
-
localeClaims.get(locale).push({
|
|
1107
|
-
key: parentKey,
|
|
1108
|
-
name
|
|
1109
|
-
});
|
|
1110
|
-
});
|
|
1111
|
-
} else if (typeof value === "object" && value !== null) {
|
|
1112
|
-
processClaimObject(value, parentKey ? `${parentKey}.${key}` : key);
|
|
1113
|
-
}
|
|
1114
|
-
});
|
|
1115
|
-
}, "processClaimObject");
|
|
1116
|
-
processClaimObject(issuerCredentialSubject);
|
|
1117
|
-
return localeClaims;
|
|
1118
|
-
}, "oid4vciIssuerCredentialSubjectLocalesFrom");
|
|
1119
|
-
var oid4vciCredentialLocaleBrandingFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1120
|
-
const { credentialDisplay } = args;
|
|
1121
|
-
return {
|
|
1122
|
-
...credentialDisplay.name && {
|
|
1123
|
-
alias: credentialDisplay.name
|
|
1124
|
-
},
|
|
1125
|
-
...credentialDisplay.locale && {
|
|
1126
|
-
locale: credentialDisplay.locale
|
|
1127
|
-
},
|
|
1128
|
-
...credentialDisplay.logo && {
|
|
1129
|
-
logo: {
|
|
1130
|
-
...(credentialDisplay.logo.url || credentialDisplay.logo.uri) && {
|
|
1131
|
-
uri: credentialDisplay.logo?.url ?? credentialDisplay.logo.uri
|
|
1132
|
-
},
|
|
1133
|
-
...credentialDisplay.logo.alt_text && {
|
|
1134
|
-
alt: credentialDisplay.logo?.alt_text
|
|
1135
|
-
}
|
|
1136
|
-
}
|
|
1137
|
-
},
|
|
1138
|
-
...credentialDisplay.description && {
|
|
1139
|
-
description: credentialDisplay.description
|
|
1140
|
-
},
|
|
1141
|
-
...credentialDisplay.text_color && {
|
|
1142
|
-
text: {
|
|
1143
|
-
color: credentialDisplay.text_color
|
|
1144
|
-
}
|
|
1145
|
-
},
|
|
1146
|
-
...(credentialDisplay.background_image || credentialDisplay.background_color) && {
|
|
1147
|
-
background: {
|
|
1148
|
-
...credentialDisplay.background_image && {
|
|
1149
|
-
image: {
|
|
1150
|
-
...(credentialDisplay.background_image.url || credentialDisplay.background_image.uri) && {
|
|
1151
|
-
uri: credentialDisplay.background_image?.url ?? credentialDisplay.background_image.uri
|
|
1152
|
-
},
|
|
1153
|
-
...credentialDisplay.background_image.alt_text && {
|
|
1154
|
-
alt: credentialDisplay.background_image?.alt_text
|
|
1155
|
-
}
|
|
1156
|
-
}
|
|
1157
|
-
},
|
|
1158
|
-
...credentialDisplay.background_color && {
|
|
1159
|
-
color: credentialDisplay.background_color
|
|
1160
|
-
}
|
|
1161
|
-
}
|
|
1162
|
-
}
|
|
1163
|
-
};
|
|
1164
|
-
}, "oid4vciCredentialLocaleBrandingFrom");
|
|
1165
|
-
var oid4vciCombineDisplayLocalesFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1166
|
-
const { credentialDisplayLocales = /* @__PURE__ */ new Map(), issuerCredentialSubjectLocales = /* @__PURE__ */ new Map() } = args;
|
|
1167
|
-
const locales = Array.from(/* @__PURE__ */ new Set([
|
|
1168
|
-
...issuerCredentialSubjectLocales.keys(),
|
|
1169
|
-
...credentialDisplayLocales.keys()
|
|
1170
|
-
]));
|
|
1171
|
-
return Promise.all(locales.map(async (locale) => {
|
|
1172
|
-
const display = credentialDisplayLocales.get(locale);
|
|
1173
|
-
const claims = issuerCredentialSubjectLocales.get(locale);
|
|
1174
|
-
return {
|
|
1175
|
-
...display && await oid4vciCredentialLocaleBrandingFrom({
|
|
1176
|
-
credentialDisplay: display
|
|
1177
|
-
}),
|
|
1178
|
-
...locale.length > 0 && {
|
|
1179
|
-
locale
|
|
1180
|
-
},
|
|
1181
|
-
claims
|
|
1182
|
-
};
|
|
1183
|
-
}));
|
|
1184
|
-
}, "oid4vciCombineDisplayLocalesFrom");
|
|
1185
|
-
var sdJwtGetCredentialBrandingFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1186
|
-
const { credentialDisplay, claimsMetadata } = args;
|
|
1187
|
-
return sdJwtCombineDisplayLocalesFrom({
|
|
1188
|
-
...claimsMetadata && {
|
|
1189
|
-
claimsMetadata: await sdJwtCredentialClaimLocalesFrom({
|
|
1190
|
-
claimsMetadata
|
|
1191
|
-
})
|
|
1192
|
-
},
|
|
1193
|
-
...credentialDisplay && {
|
|
1194
|
-
credentialDisplayLocales: await sdJwtCredentialDisplayLocalesFrom({
|
|
1195
|
-
credentialDisplay
|
|
1196
|
-
})
|
|
1197
|
-
}
|
|
1198
|
-
});
|
|
1199
|
-
}, "sdJwtGetCredentialBrandingFrom");
|
|
1200
|
-
var sdJwtCredentialDisplayLocalesFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1201
|
-
const { credentialDisplay } = args;
|
|
1202
|
-
return credentialDisplay.reduce((localeDisplays, display) => {
|
|
1203
|
-
const localeKey = display.lang || "";
|
|
1204
|
-
localeDisplays.set(localeKey, display);
|
|
1205
|
-
return localeDisplays;
|
|
1206
|
-
}, /* @__PURE__ */ new Map());
|
|
1207
|
-
}, "sdJwtCredentialDisplayLocalesFrom");
|
|
1208
|
-
var sdJwtCredentialClaimLocalesFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1209
|
-
const { claimsMetadata } = args;
|
|
1210
|
-
const localeClaims = /* @__PURE__ */ new Map();
|
|
1211
|
-
claimsMetadata.forEach((claim) => {
|
|
1212
|
-
claim.display?.forEach((display) => {
|
|
1213
|
-
const { lang = "", label } = display;
|
|
1214
|
-
const key = claim.path.map((value) => String(value)).join(".");
|
|
1215
|
-
if (!localeClaims.has(lang)) {
|
|
1216
|
-
localeClaims.set(lang, []);
|
|
1217
|
-
}
|
|
1218
|
-
localeClaims.get(lang).push({
|
|
1219
|
-
key,
|
|
1220
|
-
name: label
|
|
1221
|
-
});
|
|
1222
|
-
});
|
|
1223
|
-
});
|
|
1224
|
-
return localeClaims;
|
|
1225
|
-
}, "sdJwtCredentialClaimLocalesFrom");
|
|
1226
|
-
var sdJwtCredentialLocaleBrandingFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1227
|
-
const { credentialDisplay } = args;
|
|
1228
|
-
return {
|
|
1229
|
-
...credentialDisplay.name && {
|
|
1230
|
-
alias: credentialDisplay.name
|
|
1231
|
-
},
|
|
1232
|
-
...credentialDisplay.lang && {
|
|
1233
|
-
locale: credentialDisplay.lang
|
|
1234
|
-
},
|
|
1235
|
-
...credentialDisplay.rendering?.simple?.logo && {
|
|
1236
|
-
logo: {
|
|
1237
|
-
...credentialDisplay.rendering.simple.logo.uri && {
|
|
1238
|
-
uri: credentialDisplay.rendering.simple.logo.uri
|
|
1239
|
-
},
|
|
1240
|
-
...credentialDisplay.rendering.simple.logo.alt_text && {
|
|
1241
|
-
alt: credentialDisplay.rendering.simple.logo.alt_text
|
|
1242
|
-
}
|
|
1243
|
-
}
|
|
1244
|
-
},
|
|
1245
|
-
...credentialDisplay.description && {
|
|
1246
|
-
description: credentialDisplay.description
|
|
1247
|
-
},
|
|
1248
|
-
...credentialDisplay.rendering?.simple?.text_color && {
|
|
1249
|
-
text: {
|
|
1250
|
-
color: credentialDisplay.rendering.simple.text_color
|
|
1251
|
-
}
|
|
1252
|
-
},
|
|
1253
|
-
...credentialDisplay.rendering?.simple?.background_color && {
|
|
1254
|
-
background: {
|
|
1255
|
-
color: credentialDisplay.rendering.simple.background_color
|
|
1256
|
-
}
|
|
1257
|
-
}
|
|
1258
|
-
};
|
|
1259
|
-
}, "sdJwtCredentialLocaleBrandingFrom");
|
|
1260
|
-
var sdJwtCombineDisplayLocalesFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1261
|
-
const { credentialDisplayLocales = /* @__PURE__ */ new Map(), claimsMetadata = /* @__PURE__ */ new Map() } = args;
|
|
1262
|
-
const locales = Array.from(/* @__PURE__ */ new Set([
|
|
1263
|
-
...claimsMetadata.keys(),
|
|
1264
|
-
...credentialDisplayLocales.keys()
|
|
1265
|
-
]));
|
|
1266
|
-
return Promise.all(locales.map(async (locale) => {
|
|
1267
|
-
const display = credentialDisplayLocales.get(locale);
|
|
1268
|
-
const claims = claimsMetadata.get(locale);
|
|
1269
|
-
return {
|
|
1270
|
-
...display && await sdJwtCredentialLocaleBrandingFrom({
|
|
1271
|
-
credentialDisplay: display
|
|
1272
|
-
}),
|
|
1273
|
-
...locale.length > 0 && {
|
|
1274
|
-
locale
|
|
1275
|
-
},
|
|
1276
|
-
claims
|
|
1277
|
-
};
|
|
1278
|
-
}));
|
|
1279
|
-
}, "sdJwtCombineDisplayLocalesFrom");
|
|
1280
|
-
var issuerLocaleBrandingFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1281
|
-
const { issuerDisplay, dynamicRegistrationClientMetadata } = args;
|
|
1282
|
-
return {
|
|
1283
|
-
...dynamicRegistrationClientMetadata?.client_name && {
|
|
1284
|
-
alias: dynamicRegistrationClientMetadata.client_name
|
|
1285
|
-
},
|
|
1286
|
-
...issuerDisplay.name && {
|
|
1287
|
-
alias: issuerDisplay.name
|
|
1288
|
-
},
|
|
1289
|
-
...issuerDisplay.locale && {
|
|
1290
|
-
locale: issuerDisplay.locale
|
|
1291
|
-
},
|
|
1292
|
-
...(issuerDisplay.logo || dynamicRegistrationClientMetadata?.logo_uri) && {
|
|
1293
|
-
logo: {
|
|
1294
|
-
...dynamicRegistrationClientMetadata?.logo_uri && {
|
|
1295
|
-
uri: dynamicRegistrationClientMetadata?.logo_uri
|
|
1296
|
-
},
|
|
1297
|
-
...(issuerDisplay.logo?.url || issuerDisplay.logo?.uri) && {
|
|
1298
|
-
uri: issuerDisplay.logo?.url ?? issuerDisplay.logo?.uri
|
|
1299
|
-
},
|
|
1300
|
-
...issuerDisplay.logo?.alt_text && {
|
|
1301
|
-
alt: issuerDisplay.logo?.alt_text
|
|
1302
|
-
}
|
|
1303
|
-
}
|
|
1304
|
-
},
|
|
1305
|
-
...issuerDisplay.description && {
|
|
1306
|
-
description: issuerDisplay.description
|
|
1307
|
-
},
|
|
1308
|
-
...issuerDisplay.text_color && {
|
|
1309
|
-
text: {
|
|
1310
|
-
color: issuerDisplay.text_color
|
|
1311
|
-
}
|
|
1312
|
-
},
|
|
1313
|
-
...dynamicRegistrationClientMetadata?.client_uri && {
|
|
1314
|
-
clientUri: dynamicRegistrationClientMetadata.client_uri
|
|
1315
|
-
},
|
|
1316
|
-
...dynamicRegistrationClientMetadata?.tos_uri && {
|
|
1317
|
-
tosUri: dynamicRegistrationClientMetadata.tos_uri
|
|
1318
|
-
},
|
|
1319
|
-
...dynamicRegistrationClientMetadata?.policy_uri && {
|
|
1320
|
-
policyUri: dynamicRegistrationClientMetadata.policy_uri
|
|
1321
|
-
},
|
|
1322
|
-
...dynamicRegistrationClientMetadata?.contacts && {
|
|
1323
|
-
contacts: dynamicRegistrationClientMetadata.contacts
|
|
1324
|
-
}
|
|
1325
|
-
};
|
|
1326
|
-
}, "issuerLocaleBrandingFrom");
|
|
1327
|
-
|
|
1328
1070
|
// src/machines/firstPartyMachine.ts
|
|
1329
1071
|
var import_xstate2 = require("xstate");
|
|
1330
1072
|
var import_oid4vci_common2 = require("@sphereon/oid4vci-common");
|
|
@@ -1528,96 +1270,357 @@ var createFirstPartyActivationMachine = /* @__PURE__ */ __name((opts) => {
|
|
|
1528
1270
|
contact: opts.contact,
|
|
1529
1271
|
selectedCredentials: []
|
|
1530
1272
|
};
|
|
1531
|
-
return (0, import_xstate2.createMachine)({
|
|
1532
|
-
id: opts?.machineId ?? "FirstParty",
|
|
1533
|
-
predictableActionArguments: true,
|
|
1534
|
-
initial: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
|
|
1535
|
-
context: initialContext,
|
|
1536
|
-
states: firstPartyMachineStates,
|
|
1537
|
-
schema: {
|
|
1538
|
-
events: {},
|
|
1539
|
-
services: {}
|
|
1273
|
+
return (0, import_xstate2.createMachine)({
|
|
1274
|
+
id: opts?.machineId ?? "FirstParty",
|
|
1275
|
+
predictableActionArguments: true,
|
|
1276
|
+
initial: FirstPartyMachineStateTypes.sendAuthorizationChallengeRequest,
|
|
1277
|
+
context: initialContext,
|
|
1278
|
+
states: firstPartyMachineStates,
|
|
1279
|
+
schema: {
|
|
1280
|
+
events: {},
|
|
1281
|
+
services: {}
|
|
1282
|
+
}
|
|
1283
|
+
});
|
|
1284
|
+
}, "createFirstPartyActivationMachine");
|
|
1285
|
+
var FirstPartyMachine = class _FirstPartyMachine {
|
|
1286
|
+
static {
|
|
1287
|
+
__name(this, "FirstPartyMachine");
|
|
1288
|
+
}
|
|
1289
|
+
static _instance;
|
|
1290
|
+
static hasInstance() {
|
|
1291
|
+
return _FirstPartyMachine._instance !== void 0;
|
|
1292
|
+
}
|
|
1293
|
+
static get instance() {
|
|
1294
|
+
if (!_FirstPartyMachine._instance) {
|
|
1295
|
+
throw Error("Please initialize ESIMActivation machine first");
|
|
1296
|
+
}
|
|
1297
|
+
return _FirstPartyMachine._instance;
|
|
1298
|
+
}
|
|
1299
|
+
static clearInstance(opts) {
|
|
1300
|
+
const { stop } = opts;
|
|
1301
|
+
if (_FirstPartyMachine.hasInstance()) {
|
|
1302
|
+
if (stop) {
|
|
1303
|
+
_FirstPartyMachine.stopInstance();
|
|
1304
|
+
}
|
|
1305
|
+
}
|
|
1306
|
+
_FirstPartyMachine._instance = void 0;
|
|
1307
|
+
}
|
|
1308
|
+
static stopInstance() {
|
|
1309
|
+
if (!_FirstPartyMachine.hasInstance()) {
|
|
1310
|
+
return;
|
|
1311
|
+
}
|
|
1312
|
+
_FirstPartyMachine.instance.stop();
|
|
1313
|
+
_FirstPartyMachine._instance = void 0;
|
|
1314
|
+
}
|
|
1315
|
+
static newInstance(opts) {
|
|
1316
|
+
const { agentContext } = opts;
|
|
1317
|
+
const services = {
|
|
1318
|
+
[FirstPartyMachineServices.sendAuthorizationChallengeRequest]: sendAuthorizationChallengeRequest,
|
|
1319
|
+
[FirstPartyMachineServices.createConfig]: (args) => createConfig(args, agentContext),
|
|
1320
|
+
[FirstPartyMachineServices.getSiopRequest]: (args) => getSiopRequest(args, agentContext),
|
|
1321
|
+
[FirstPartyMachineServices.sendAuthorizationResponse]: (args) => sendAuthorizationResponse(args, agentContext)
|
|
1322
|
+
};
|
|
1323
|
+
const newInst = (0, import_xstate2.interpret)(createFirstPartyActivationMachine(opts).withConfig({
|
|
1324
|
+
services: {
|
|
1325
|
+
...services,
|
|
1326
|
+
...opts?.services
|
|
1327
|
+
},
|
|
1328
|
+
guards: {
|
|
1329
|
+
...opts?.guards
|
|
1330
|
+
}
|
|
1331
|
+
}));
|
|
1332
|
+
if (typeof opts?.subscription === "function") {
|
|
1333
|
+
newInst.onTransition(opts.subscription);
|
|
1334
|
+
}
|
|
1335
|
+
if (opts?.requireCustomNavigationHook !== true) {
|
|
1336
|
+
newInst.onTransition((snapshot) => {
|
|
1337
|
+
if (opts?.stateNavigationListener) {
|
|
1338
|
+
void opts.stateNavigationListener(newInst, snapshot);
|
|
1339
|
+
}
|
|
1340
|
+
});
|
|
1341
|
+
}
|
|
1342
|
+
return newInst;
|
|
1343
|
+
}
|
|
1344
|
+
static getInstance(opts) {
|
|
1345
|
+
if (!_FirstPartyMachine._instance) {
|
|
1346
|
+
if (opts?.requireExisting === true) {
|
|
1347
|
+
throw Error(`Existing FirstPartyMachine instance requested, but none was created at this point!`);
|
|
1348
|
+
}
|
|
1349
|
+
_FirstPartyMachine._instance = _FirstPartyMachine.newInstance(opts);
|
|
1350
|
+
}
|
|
1351
|
+
return _FirstPartyMachine._instance;
|
|
1352
|
+
}
|
|
1353
|
+
};
|
|
1354
|
+
|
|
1355
|
+
// src/mappers/OIDC4VCIBrandingMapper.ts
|
|
1356
|
+
var oid4vciGetCredentialBrandingFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1357
|
+
const { credentialDisplay, issuerCredentialSubject } = args;
|
|
1358
|
+
return oid4vciCombineDisplayLocalesFrom({
|
|
1359
|
+
...issuerCredentialSubject && {
|
|
1360
|
+
issuerCredentialSubjectLocales: await oid4vciIssuerCredentialSubjectLocalesFrom({
|
|
1361
|
+
issuerCredentialSubject
|
|
1362
|
+
})
|
|
1363
|
+
},
|
|
1364
|
+
...credentialDisplay && {
|
|
1365
|
+
credentialDisplayLocales: await oid4vciCredentialDisplayLocalesFrom({
|
|
1366
|
+
credentialDisplay
|
|
1367
|
+
})
|
|
1368
|
+
}
|
|
1369
|
+
});
|
|
1370
|
+
}, "oid4vciGetCredentialBrandingFrom");
|
|
1371
|
+
var oid4vciCredentialDisplayLocalesFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1372
|
+
const { credentialDisplay } = args;
|
|
1373
|
+
return credentialDisplay.reduce((localeDisplays, display) => {
|
|
1374
|
+
const localeKey = display.locale || "";
|
|
1375
|
+
localeDisplays.set(localeKey, display);
|
|
1376
|
+
return localeDisplays;
|
|
1377
|
+
}, /* @__PURE__ */ new Map());
|
|
1378
|
+
}, "oid4vciCredentialDisplayLocalesFrom");
|
|
1379
|
+
var oid4vciIssuerCredentialSubjectLocalesFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1380
|
+
const { issuerCredentialSubject } = args;
|
|
1381
|
+
const localeClaims = /* @__PURE__ */ new Map();
|
|
1382
|
+
const processClaimObject = /* @__PURE__ */ __name((claim, parentKey = "") => {
|
|
1383
|
+
Object.entries(claim).forEach(([key, value]) => {
|
|
1384
|
+
if (key === "mandatory" || key === "value_type") {
|
|
1385
|
+
return;
|
|
1386
|
+
}
|
|
1387
|
+
if (key === "display" && Array.isArray(value)) {
|
|
1388
|
+
value.forEach(({ name, locale = "" }) => {
|
|
1389
|
+
if (!name) {
|
|
1390
|
+
return;
|
|
1391
|
+
}
|
|
1392
|
+
if (!localeClaims.has(locale)) {
|
|
1393
|
+
localeClaims.set(locale, []);
|
|
1394
|
+
}
|
|
1395
|
+
localeClaims.get(locale).push({
|
|
1396
|
+
key: parentKey,
|
|
1397
|
+
name
|
|
1398
|
+
});
|
|
1399
|
+
});
|
|
1400
|
+
} else if (typeof value === "object" && value !== null) {
|
|
1401
|
+
processClaimObject(value, parentKey ? `${parentKey}.${key}` : key);
|
|
1402
|
+
}
|
|
1403
|
+
});
|
|
1404
|
+
}, "processClaimObject");
|
|
1405
|
+
processClaimObject(issuerCredentialSubject);
|
|
1406
|
+
return localeClaims;
|
|
1407
|
+
}, "oid4vciIssuerCredentialSubjectLocalesFrom");
|
|
1408
|
+
var oid4vciCredentialLocaleBrandingFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1409
|
+
const { credentialDisplay } = args;
|
|
1410
|
+
return {
|
|
1411
|
+
...credentialDisplay.name && {
|
|
1412
|
+
alias: credentialDisplay.name
|
|
1413
|
+
},
|
|
1414
|
+
...credentialDisplay.locale && {
|
|
1415
|
+
locale: credentialDisplay.locale
|
|
1416
|
+
},
|
|
1417
|
+
...credentialDisplay.logo && {
|
|
1418
|
+
logo: {
|
|
1419
|
+
...(credentialDisplay.logo.url || credentialDisplay.logo.uri) && {
|
|
1420
|
+
uri: credentialDisplay.logo?.url ?? credentialDisplay.logo.uri
|
|
1421
|
+
},
|
|
1422
|
+
...credentialDisplay.logo.alt_text && {
|
|
1423
|
+
alt: credentialDisplay.logo?.alt_text
|
|
1424
|
+
}
|
|
1425
|
+
}
|
|
1426
|
+
},
|
|
1427
|
+
...credentialDisplay.description && {
|
|
1428
|
+
description: credentialDisplay.description
|
|
1429
|
+
},
|
|
1430
|
+
...credentialDisplay.text_color && {
|
|
1431
|
+
text: {
|
|
1432
|
+
color: credentialDisplay.text_color
|
|
1433
|
+
}
|
|
1434
|
+
},
|
|
1435
|
+
...(credentialDisplay.background_image || credentialDisplay.background_color) && {
|
|
1436
|
+
background: {
|
|
1437
|
+
...credentialDisplay.background_image && {
|
|
1438
|
+
image: {
|
|
1439
|
+
...(credentialDisplay.background_image.url || credentialDisplay.background_image.uri) && {
|
|
1440
|
+
uri: credentialDisplay.background_image?.url ?? credentialDisplay.background_image.uri
|
|
1441
|
+
},
|
|
1442
|
+
...credentialDisplay.background_image.alt_text && {
|
|
1443
|
+
alt: credentialDisplay.background_image?.alt_text
|
|
1444
|
+
}
|
|
1445
|
+
}
|
|
1446
|
+
},
|
|
1447
|
+
...credentialDisplay.background_color && {
|
|
1448
|
+
color: credentialDisplay.background_color
|
|
1449
|
+
}
|
|
1450
|
+
}
|
|
1451
|
+
}
|
|
1452
|
+
};
|
|
1453
|
+
}, "oid4vciCredentialLocaleBrandingFrom");
|
|
1454
|
+
var oid4vciCombineDisplayLocalesFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1455
|
+
const { credentialDisplayLocales = /* @__PURE__ */ new Map(), issuerCredentialSubjectLocales = /* @__PURE__ */ new Map() } = args;
|
|
1456
|
+
const locales = Array.from(/* @__PURE__ */ new Set([
|
|
1457
|
+
...issuerCredentialSubjectLocales.keys(),
|
|
1458
|
+
...credentialDisplayLocales.keys()
|
|
1459
|
+
]));
|
|
1460
|
+
return Promise.all(locales.map(async (locale) => {
|
|
1461
|
+
const display = credentialDisplayLocales.get(locale);
|
|
1462
|
+
const claims = issuerCredentialSubjectLocales.get(locale);
|
|
1463
|
+
return {
|
|
1464
|
+
...display && await oid4vciCredentialLocaleBrandingFrom({
|
|
1465
|
+
credentialDisplay: display
|
|
1466
|
+
}),
|
|
1467
|
+
...locale.length > 0 && {
|
|
1468
|
+
locale
|
|
1469
|
+
},
|
|
1470
|
+
claims
|
|
1471
|
+
};
|
|
1472
|
+
}));
|
|
1473
|
+
}, "oid4vciCombineDisplayLocalesFrom");
|
|
1474
|
+
var sdJwtGetCredentialBrandingFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1475
|
+
const { credentialDisplay, claimsMetadata } = args;
|
|
1476
|
+
return sdJwtCombineDisplayLocalesFrom({
|
|
1477
|
+
...claimsMetadata && {
|
|
1478
|
+
claimsMetadata: await sdJwtCredentialClaimLocalesFrom({
|
|
1479
|
+
claimsMetadata
|
|
1480
|
+
})
|
|
1481
|
+
},
|
|
1482
|
+
...credentialDisplay && {
|
|
1483
|
+
credentialDisplayLocales: await sdJwtCredentialDisplayLocalesFrom({
|
|
1484
|
+
credentialDisplay
|
|
1485
|
+
})
|
|
1540
1486
|
}
|
|
1541
1487
|
});
|
|
1542
|
-
}, "
|
|
1543
|
-
var
|
|
1544
|
-
|
|
1545
|
-
|
|
1546
|
-
|
|
1547
|
-
|
|
1548
|
-
|
|
1549
|
-
|
|
1550
|
-
|
|
1551
|
-
|
|
1552
|
-
|
|
1553
|
-
|
|
1554
|
-
|
|
1555
|
-
|
|
1556
|
-
|
|
1557
|
-
|
|
1558
|
-
|
|
1559
|
-
|
|
1560
|
-
if (stop) {
|
|
1561
|
-
_FirstPartyMachine.stopInstance();
|
|
1488
|
+
}, "sdJwtGetCredentialBrandingFrom");
|
|
1489
|
+
var sdJwtCredentialDisplayLocalesFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1490
|
+
const { credentialDisplay } = args;
|
|
1491
|
+
return credentialDisplay.reduce((localeDisplays, display) => {
|
|
1492
|
+
const localeKey = display.lang || "";
|
|
1493
|
+
localeDisplays.set(localeKey, display);
|
|
1494
|
+
return localeDisplays;
|
|
1495
|
+
}, /* @__PURE__ */ new Map());
|
|
1496
|
+
}, "sdJwtCredentialDisplayLocalesFrom");
|
|
1497
|
+
var sdJwtCredentialClaimLocalesFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1498
|
+
const { claimsMetadata } = args;
|
|
1499
|
+
const localeClaims = /* @__PURE__ */ new Map();
|
|
1500
|
+
claimsMetadata.forEach((claim) => {
|
|
1501
|
+
claim.display?.forEach((display) => {
|
|
1502
|
+
const { lang = "", label } = display;
|
|
1503
|
+
const key = claim.path.map((value) => String(value)).join(".");
|
|
1504
|
+
if (!localeClaims.has(lang)) {
|
|
1505
|
+
localeClaims.set(lang, []);
|
|
1562
1506
|
}
|
|
1563
|
-
|
|
1564
|
-
|
|
1565
|
-
|
|
1566
|
-
|
|
1567
|
-
|
|
1568
|
-
|
|
1569
|
-
|
|
1570
|
-
|
|
1571
|
-
|
|
1572
|
-
}
|
|
1573
|
-
|
|
1574
|
-
|
|
1575
|
-
|
|
1576
|
-
|
|
1577
|
-
|
|
1578
|
-
|
|
1579
|
-
|
|
1580
|
-
|
|
1581
|
-
|
|
1582
|
-
|
|
1583
|
-
|
|
1584
|
-
|
|
1585
|
-
|
|
1586
|
-
|
|
1587
|
-
|
|
1507
|
+
localeClaims.get(lang).push({
|
|
1508
|
+
key,
|
|
1509
|
+
name: label
|
|
1510
|
+
});
|
|
1511
|
+
});
|
|
1512
|
+
});
|
|
1513
|
+
return localeClaims;
|
|
1514
|
+
}, "sdJwtCredentialClaimLocalesFrom");
|
|
1515
|
+
var sdJwtCredentialLocaleBrandingFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1516
|
+
const { credentialDisplay } = args;
|
|
1517
|
+
return {
|
|
1518
|
+
...credentialDisplay.name && {
|
|
1519
|
+
alias: credentialDisplay.name
|
|
1520
|
+
},
|
|
1521
|
+
...credentialDisplay.lang && {
|
|
1522
|
+
locale: credentialDisplay.lang
|
|
1523
|
+
},
|
|
1524
|
+
...credentialDisplay.rendering?.simple?.logo && {
|
|
1525
|
+
logo: {
|
|
1526
|
+
...credentialDisplay.rendering.simple.logo.uri && {
|
|
1527
|
+
uri: credentialDisplay.rendering.simple.logo.uri
|
|
1528
|
+
},
|
|
1529
|
+
...credentialDisplay.rendering.simple.logo.alt_text && {
|
|
1530
|
+
alt: credentialDisplay.rendering.simple.logo.alt_text
|
|
1531
|
+
}
|
|
1532
|
+
}
|
|
1533
|
+
},
|
|
1534
|
+
...credentialDisplay.description && {
|
|
1535
|
+
description: credentialDisplay.description
|
|
1536
|
+
},
|
|
1537
|
+
...credentialDisplay.rendering?.simple?.text_color && {
|
|
1538
|
+
text: {
|
|
1539
|
+
color: credentialDisplay.rendering.simple.text_color
|
|
1540
|
+
}
|
|
1541
|
+
},
|
|
1542
|
+
...credentialDisplay.rendering?.simple?.background_color && {
|
|
1543
|
+
background: {
|
|
1544
|
+
color: credentialDisplay.rendering.simple.background_color
|
|
1588
1545
|
}
|
|
1589
|
-
}));
|
|
1590
|
-
if (typeof opts?.subscription === "function") {
|
|
1591
|
-
newInst.onTransition(opts.subscription);
|
|
1592
1546
|
}
|
|
1593
|
-
|
|
1594
|
-
|
|
1595
|
-
|
|
1596
|
-
|
|
1547
|
+
};
|
|
1548
|
+
}, "sdJwtCredentialLocaleBrandingFrom");
|
|
1549
|
+
var sdJwtCombineDisplayLocalesFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1550
|
+
const { credentialDisplayLocales = /* @__PURE__ */ new Map(), claimsMetadata = /* @__PURE__ */ new Map() } = args;
|
|
1551
|
+
const locales = Array.from(/* @__PURE__ */ new Set([
|
|
1552
|
+
...claimsMetadata.keys(),
|
|
1553
|
+
...credentialDisplayLocales.keys()
|
|
1554
|
+
]));
|
|
1555
|
+
return Promise.all(locales.map(async (locale) => {
|
|
1556
|
+
const display = credentialDisplayLocales.get(locale);
|
|
1557
|
+
const claims = claimsMetadata.get(locale);
|
|
1558
|
+
return {
|
|
1559
|
+
...display && await sdJwtCredentialLocaleBrandingFrom({
|
|
1560
|
+
credentialDisplay: display
|
|
1561
|
+
}),
|
|
1562
|
+
...locale.length > 0 && {
|
|
1563
|
+
locale
|
|
1564
|
+
},
|
|
1565
|
+
claims
|
|
1566
|
+
};
|
|
1567
|
+
}));
|
|
1568
|
+
}, "sdJwtCombineDisplayLocalesFrom");
|
|
1569
|
+
var issuerLocaleBrandingFrom = /* @__PURE__ */ __name(async (args) => {
|
|
1570
|
+
const { issuerDisplay, dynamicRegistrationClientMetadata } = args;
|
|
1571
|
+
return {
|
|
1572
|
+
...dynamicRegistrationClientMetadata?.client_name && {
|
|
1573
|
+
alias: dynamicRegistrationClientMetadata.client_name
|
|
1574
|
+
},
|
|
1575
|
+
...issuerDisplay.name && {
|
|
1576
|
+
alias: issuerDisplay.name
|
|
1577
|
+
},
|
|
1578
|
+
...issuerDisplay.locale && {
|
|
1579
|
+
locale: issuerDisplay.locale
|
|
1580
|
+
},
|
|
1581
|
+
...(issuerDisplay.logo || dynamicRegistrationClientMetadata?.logo_uri) && {
|
|
1582
|
+
logo: {
|
|
1583
|
+
...dynamicRegistrationClientMetadata?.logo_uri && {
|
|
1584
|
+
uri: dynamicRegistrationClientMetadata?.logo_uri
|
|
1585
|
+
},
|
|
1586
|
+
...(issuerDisplay.logo?.url || issuerDisplay.logo?.uri) && {
|
|
1587
|
+
uri: issuerDisplay.logo?.url ?? issuerDisplay.logo?.uri
|
|
1588
|
+
},
|
|
1589
|
+
...issuerDisplay.logo?.alt_text && {
|
|
1590
|
+
alt: issuerDisplay.logo?.alt_text
|
|
1597
1591
|
}
|
|
1598
|
-
});
|
|
1599
|
-
}
|
|
1600
|
-
return newInst;
|
|
1601
|
-
}
|
|
1602
|
-
static getInstance(opts) {
|
|
1603
|
-
if (!_FirstPartyMachine._instance) {
|
|
1604
|
-
if (opts?.requireExisting === true) {
|
|
1605
|
-
throw Error(`Existing FirstPartyMachine instance requested, but none was created at this point!`);
|
|
1606
1592
|
}
|
|
1607
|
-
|
|
1593
|
+
},
|
|
1594
|
+
...issuerDisplay.description && {
|
|
1595
|
+
description: issuerDisplay.description
|
|
1596
|
+
},
|
|
1597
|
+
...issuerDisplay.text_color && {
|
|
1598
|
+
text: {
|
|
1599
|
+
color: issuerDisplay.text_color
|
|
1600
|
+
}
|
|
1601
|
+
},
|
|
1602
|
+
...dynamicRegistrationClientMetadata?.client_uri && {
|
|
1603
|
+
clientUri: dynamicRegistrationClientMetadata.client_uri
|
|
1604
|
+
},
|
|
1605
|
+
...dynamicRegistrationClientMetadata?.tos_uri && {
|
|
1606
|
+
tosUri: dynamicRegistrationClientMetadata.tos_uri
|
|
1607
|
+
},
|
|
1608
|
+
...dynamicRegistrationClientMetadata?.policy_uri && {
|
|
1609
|
+
policyUri: dynamicRegistrationClientMetadata.policy_uri
|
|
1610
|
+
},
|
|
1611
|
+
...dynamicRegistrationClientMetadata?.contacts && {
|
|
1612
|
+
contacts: dynamicRegistrationClientMetadata.contacts
|
|
1608
1613
|
}
|
|
1609
|
-
|
|
1610
|
-
|
|
1611
|
-
};
|
|
1614
|
+
};
|
|
1615
|
+
}, "issuerLocaleBrandingFrom");
|
|
1612
1616
|
|
|
1613
1617
|
// src/services/OID4VCIHolderService.ts
|
|
1614
|
-
var import_ssi_sdk = require("@sphereon/ssi-sdk.core");
|
|
1615
1618
|
var getCredentialBranding = /* @__PURE__ */ __name(async (args) => {
|
|
1616
1619
|
const { credentialsSupported, context } = args;
|
|
1617
1620
|
const credentialBranding = {};
|
|
1618
1621
|
await Promise.all(Object.entries(credentialsSupported).map(async ([configId, credentialsConfigSupported]) => {
|
|
1619
1622
|
let sdJwtTypeMetadata;
|
|
1620
|
-
if (credentialsConfigSupported.format === "
|
|
1623
|
+
if (credentialsConfigSupported.format === "dc+sd-jwt") {
|
|
1621
1624
|
const vct = credentialsConfigSupported.vct;
|
|
1622
1625
|
if (vct.startsWith("http")) {
|
|
1623
1626
|
try {
|
|
@@ -1683,10 +1686,7 @@ var selectCredentialLocaleBranding = /* @__PURE__ */ __name(async (args) => {
|
|
|
1683
1686
|
}, "selectCredentialLocaleBranding");
|
|
1684
1687
|
var verifyCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
|
|
1685
1688
|
const { mappedCredential, hasher, onVerifyEBSICredentialIssuer, schemaValidation, context } = args;
|
|
1686
|
-
const credential = mappedCredential.credentialToAccept.credentialResponse
|
|
1687
|
-
if (!credential) {
|
|
1688
|
-
return Promise.reject(Error("No credential found in credential response"));
|
|
1689
|
-
}
|
|
1689
|
+
const credential = extractCredentialFromResponse(mappedCredential.credentialToAccept.credentialResponse);
|
|
1690
1690
|
const wrappedVC = import_ssi_types.CredentialMapper.toWrappedVerifiableCredential(credential, {
|
|
1691
1691
|
hasher: hasher ?? import_ssi_sdk.defaultHasher
|
|
1692
1692
|
});
|
|
@@ -1738,11 +1738,7 @@ var verifyCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
|
|
|
1738
1738
|
}, "verifyCredentialToAccept");
|
|
1739
1739
|
var mapCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
|
|
1740
1740
|
const { credentialToAccept, hasher } = args;
|
|
1741
|
-
const
|
|
1742
|
-
const verifiableCredential = credentialResponse.credential;
|
|
1743
|
-
if (!verifiableCredential) {
|
|
1744
|
-
return Promise.reject(Error("No credential found in credential response"));
|
|
1745
|
-
}
|
|
1741
|
+
const verifiableCredential = extractCredentialFromResponse(credentialToAccept.credentialResponse);
|
|
1746
1742
|
const wrappedVerifiableCredential = import_ssi_types.CredentialMapper.toWrappedVerifiableCredential(verifiableCredential, {
|
|
1747
1743
|
hasher
|
|
1748
1744
|
});
|
|
@@ -1762,6 +1758,7 @@ var mapCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
|
|
|
1762
1758
|
uniformVerifiableCredential = wrappedVerifiableCredential.credential;
|
|
1763
1759
|
}
|
|
1764
1760
|
const correlationId = typeof uniformVerifiableCredential.issuer === "string" ? uniformVerifiableCredential.issuer : import_ssi_types.CredentialMapper.isSdJwtDecodedCredential(uniformVerifiableCredential) ? uniformVerifiableCredential.decodedPayload.iss : uniformVerifiableCredential.issuer.id;
|
|
1761
|
+
const credentialResponse = credentialToAccept.credentialResponse;
|
|
1765
1762
|
return {
|
|
1766
1763
|
correlationId,
|
|
1767
1764
|
credentialToAccept,
|
|
@@ -1773,6 +1770,18 @@ var mapCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
|
|
|
1773
1770
|
}
|
|
1774
1771
|
};
|
|
1775
1772
|
}, "mapCredentialToAccept");
|
|
1773
|
+
var extractCredentialFromResponse = /* @__PURE__ */ __name((credentialResponse) => {
|
|
1774
|
+
let credential;
|
|
1775
|
+
if ("credential" in credentialResponse) {
|
|
1776
|
+
credential = credentialResponse.credential;
|
|
1777
|
+
} else if ("credentials" in credentialResponse && credentialResponse.credentials && Array.isArray(credentialResponse.credentials) && credentialResponse.credentials.length > 0) {
|
|
1778
|
+
credential = credentialResponse.credentials[0].credential;
|
|
1779
|
+
}
|
|
1780
|
+
if (!credential) {
|
|
1781
|
+
throw new Error("No credential found in credential response");
|
|
1782
|
+
}
|
|
1783
|
+
return credential;
|
|
1784
|
+
}, "extractCredentialFromResponse");
|
|
1776
1785
|
var getIdentifierOpts = /* @__PURE__ */ __name(async (args) => {
|
|
1777
1786
|
const { issuanceOpt, context } = args;
|
|
1778
1787
|
const { identifier: identifierArg } = issuanceOpt;
|
|
@@ -1881,24 +1890,22 @@ var getCredentialConfigsSupportedBySingleTypeOrId = /* @__PURE__ */ __name(async
|
|
|
1881
1890
|
}
|
|
1882
1891
|
__name(createIdFromTypes, "createIdFromTypes");
|
|
1883
1892
|
if (configurationId) {
|
|
1884
|
-
|
|
1893
|
+
if (!format) {
|
|
1894
|
+
return Promise.reject(Error("format parameter missing from input"));
|
|
1895
|
+
}
|
|
1896
|
+
const allSupported2 = client.getCredentialsSupported(format);
|
|
1885
1897
|
return Object.fromEntries(Object.entries(allSupported2).filter(([id, supported]) => id === configurationId || supported.id === configurationId || createIdFromTypes(supported) === configurationId));
|
|
1886
1898
|
}
|
|
1887
|
-
if (!
|
|
1888
|
-
return Promise.reject(Error("openID4VCIClient has no credentialOffer
|
|
1899
|
+
if (!client.credentialOffer) {
|
|
1900
|
+
return Promise.reject(Error("openID4VCIClient has no credentialOffer"));
|
|
1889
1901
|
}
|
|
1890
|
-
if (!
|
|
1891
|
-
|
|
1892
|
-
format = client.credentialOffer.credential_offer.credentials.filter((cred) => typeof cred !== "string").map((cred) => cred.format);
|
|
1893
|
-
if (format?.length === 0) {
|
|
1894
|
-
format = void 0;
|
|
1895
|
-
}
|
|
1896
|
-
}
|
|
1902
|
+
if (!types) {
|
|
1903
|
+
return Promise.reject(Error("openID4VCIClient has no types"));
|
|
1897
1904
|
}
|
|
1898
1905
|
const offerSupported = (0, import_oid4vci_common3.getSupportedCredentials)({
|
|
1899
|
-
types:
|
|
1906
|
+
types: [
|
|
1900
1907
|
types
|
|
1901
|
-
]
|
|
1908
|
+
],
|
|
1902
1909
|
format,
|
|
1903
1910
|
version: client.version(),
|
|
1904
1911
|
issuerMetadata: client.endpointMetadata.credentialIssuerMetadata
|
|
@@ -2073,7 +2080,8 @@ var getIssuanceCryptoSuite = /* @__PURE__ */ __name(async (opts) => {
|
|
|
2073
2080
|
case "jwt":
|
|
2074
2081
|
case "jwt_vc_json":
|
|
2075
2082
|
case "jwt_vc":
|
|
2076
|
-
case
|
|
2083
|
+
//case 'vc+sd-jwt': // TODO see SSISDK-52 concerning vc+sd-jwt
|
|
2084
|
+
case "dc+sd-jwt":
|
|
2077
2085
|
case "mso_mdoc": {
|
|
2078
2086
|
const supportedPreferences = jwtCryptographicSuitePreferences.filter((suite) => signing_algs_supported.includes(suite));
|
|
2079
2087
|
if (supportedPreferences.length > 0) {
|
|
@@ -2142,7 +2150,6 @@ var startFirstPartApplicationMachine = /* @__PURE__ */ __name(async (args, conte
|
|
|
2142
2150
|
|
|
2143
2151
|
// src/agent/OID4VCIHolder.ts
|
|
2144
2152
|
var import_polyfill = require("cross-fetch/polyfill");
|
|
2145
|
-
var import_ssi_sdk3 = require("@sphereon/ssi-sdk.core");
|
|
2146
2153
|
var oid4vciHolderContextMethods = [
|
|
2147
2154
|
"cmGetContacts",
|
|
2148
2155
|
"cmGetContact",
|
|
@@ -2158,7 +2165,7 @@ var oid4vciHolderContextMethods = [
|
|
|
2158
2165
|
];
|
|
2159
2166
|
var logger = import_ssi_types2.Loggers.DEFAULT.get("sphereon:oid4vci:holder");
|
|
2160
2167
|
function signCallback(identifier, context, nonce) {
|
|
2161
|
-
return async (jwt, kid) => {
|
|
2168
|
+
return async (jwt, kid, noIssPayloadUpdate) => {
|
|
2162
2169
|
let resolution = await context.agent.identifierManagedGet(identifier);
|
|
2163
2170
|
const jwk = jwt.header.jwk ?? (resolution.method === "jwk" ? resolution.jwk : void 0);
|
|
2164
2171
|
if (!resolution.issuer && !jwt.payload.iss) {
|
|
@@ -2176,7 +2183,7 @@ function signCallback(identifier, context, nonce) {
|
|
|
2176
2183
|
return (await context.agent.jwtCreateJwsCompactSignature({
|
|
2177
2184
|
issuer: {
|
|
2178
2185
|
...resolution,
|
|
2179
|
-
noIssPayloadUpdate: false
|
|
2186
|
+
noIssPayloadUpdate: noIssPayloadUpdate ?? false
|
|
2180
2187
|
},
|
|
2181
2188
|
protectedHeader: header,
|
|
2182
2189
|
payload
|
|
@@ -2211,6 +2218,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
|
|
|
2211
2218
|
oid4vciHolderStoreIssuerBranding: this.oid4vciHolderStoreIssuerBranding.bind(this)
|
|
2212
2219
|
};
|
|
2213
2220
|
vcFormatPreferences = [
|
|
2221
|
+
"dc+sd-jwt",
|
|
2214
2222
|
"vc+sd-jwt",
|
|
2215
2223
|
"mso_mdoc",
|
|
2216
2224
|
"jwt_vc_json",
|
|
@@ -2244,7 +2252,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
|
|
|
2244
2252
|
onIdentifierCreated;
|
|
2245
2253
|
onVerifyEBSICredentialIssuer;
|
|
2246
2254
|
constructor(options) {
|
|
2247
|
-
const { onContactIdentityCreated, onCredentialStored, onIdentifierCreated, onVerifyEBSICredentialIssuer, vcFormatPreferences, jsonldCryptographicSuitePreferences, didMethodPreferences, jwtCryptographicSuitePreferences, defaultAuthorizationRequestOptions, hasher =
|
|
2255
|
+
const { onContactIdentityCreated, onCredentialStored, onIdentifierCreated, onVerifyEBSICredentialIssuer, vcFormatPreferences, jsonldCryptographicSuitePreferences, didMethodPreferences, jwtCryptographicSuitePreferences, defaultAuthorizationRequestOptions, hasher = import_ssi_sdk2.defaultHasher } = {
|
|
2248
2256
|
...options
|
|
2249
2257
|
};
|
|
2250
2258
|
this.hasher = hasher;
|
|
@@ -2399,7 +2407,13 @@ var OID4VCIHolder = class _OID4VCIHolder {
|
|
|
2399
2407
|
}
|
|
2400
2408
|
}
|
|
2401
2409
|
if (offer) {
|
|
2402
|
-
|
|
2410
|
+
const credentialsSupported2 = offer.original_credential_offer.credential_configuration_ids.flatMap((configId) => {
|
|
2411
|
+
const config = oid4vciClient.endpointMetadata.credentialIssuerMetadata?.credential_configurations_supported[configId];
|
|
2412
|
+
return config ? [
|
|
2413
|
+
config
|
|
2414
|
+
] : [];
|
|
2415
|
+
});
|
|
2416
|
+
types = credentialsSupported2.map((credentialSupported) => (0, import_oid4vci_common4.getTypesFromCredentialSupported)(credentialSupported));
|
|
2403
2417
|
} else {
|
|
2404
2418
|
types = (0, import_utils2.asArray)(authorizationRequestOpts.authorizationDetails).map((authReqOpts) => (0, import_oid4vci_common4.getTypesFromAuthorizationDetails)(authReqOpts) ?? []).filter((inner) => inner.length > 0);
|
|
2405
2419
|
}
|
|
@@ -2625,26 +2639,26 @@ var OID4VCIHolder = class _OID4VCIHolder {
|
|
|
2625
2639
|
return Promise.reject(Error("Missing credential offers in context"));
|
|
2626
2640
|
}
|
|
2627
2641
|
let correlationId = credentialsToAccept[0].correlationId;
|
|
2628
|
-
let identifierType =
|
|
2642
|
+
let identifierType = import_ssi_sdk3.CorrelationIdentifierType.DID;
|
|
2629
2643
|
if (!correlationId.toLowerCase().startsWith("did:")) {
|
|
2630
|
-
identifierType =
|
|
2644
|
+
identifierType = import_ssi_sdk3.CorrelationIdentifierType.URL;
|
|
2631
2645
|
if (correlationId.startsWith("http")) {
|
|
2632
2646
|
correlationId = new URL(correlationId).hostname;
|
|
2633
2647
|
}
|
|
2634
2648
|
}
|
|
2635
2649
|
const identity = {
|
|
2636
2650
|
alias: credentialsToAccept[0].correlationId,
|
|
2637
|
-
origin:
|
|
2651
|
+
origin: import_ssi_sdk3.IdentityOrigin.EXTERNAL,
|
|
2638
2652
|
roles: [
|
|
2639
|
-
|
|
2653
|
+
import_ssi_types2.CredentialRole.ISSUER
|
|
2640
2654
|
],
|
|
2641
2655
|
identifier: {
|
|
2642
2656
|
type: identifierType,
|
|
2643
2657
|
correlationId
|
|
2644
2658
|
},
|
|
2645
|
-
...identifierType ===
|
|
2659
|
+
...identifierType === import_ssi_sdk3.CorrelationIdentifierType.URL && {
|
|
2646
2660
|
connection: {
|
|
2647
|
-
type:
|
|
2661
|
+
type: import_ssi_sdk3.ConnectionType.OPENID_CONNECT,
|
|
2648
2662
|
config: {
|
|
2649
2663
|
clientId: "138d7bf8-c930-4c6e-b928-97d3a4928b01",
|
|
2650
2664
|
clientSecret: "03b3955f-d020-4f2a-8a27-4e452d4e27a0",
|
|
@@ -2671,7 +2685,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
|
|
|
2671
2685
|
}
|
|
2672
2686
|
async oid4vciHolderGetIssuerBranding(args, context) {
|
|
2673
2687
|
const { serverMetadata, contact } = args;
|
|
2674
|
-
const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(
|
|
2688
|
+
const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_types2.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
|
|
2675
2689
|
if (issuerCorrelationId) {
|
|
2676
2690
|
const branding = await context.agent.ibGetIssuerBranding({
|
|
2677
2691
|
filter: [
|
|
@@ -2701,7 +2715,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
|
|
|
2701
2715
|
if (!contact) {
|
|
2702
2716
|
return Promise.reject(Error("Missing contact in context"));
|
|
2703
2717
|
}
|
|
2704
|
-
const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(
|
|
2718
|
+
const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_types2.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
|
|
2705
2719
|
const branding = await context.agent.ibGetIssuerBranding({
|
|
2706
2720
|
filter: [
|
|
2707
2721
|
{
|
|
@@ -2797,9 +2811,9 @@ var OID4VCIHolder = class _OID4VCIHolder {
|
|
|
2797
2811
|
if (Array.isArray(subjectIssuance?.notification_events_supported)) {
|
|
2798
2812
|
event = subjectIssuance.notification_events_supported.includes("credential_accepted_holder_signed") ? "credential_accepted_holder_signed" : "credential_deleted_holder_signed";
|
|
2799
2813
|
logger.log(`Subject issuance/signing will be used, with event`, event);
|
|
2800
|
-
const issuerVC = mappedCredentialToAccept.credentialToAccept.credentialResponse
|
|
2814
|
+
const issuerVC = extractCredentialFromResponse(mappedCredentialToAccept.credentialToAccept.credentialResponse);
|
|
2801
2815
|
const wrappedIssuerVC = import_ssi_types2.CredentialMapper.toWrappedVerifiableCredential(issuerVC, {
|
|
2802
|
-
hasher: this.hasher ??
|
|
2816
|
+
hasher: this.hasher ?? import_ssi_sdk2.defaultHasher
|
|
2803
2817
|
});
|
|
2804
2818
|
console.log(`Wrapped VC: ${wrappedIssuerVC.type}, ${wrappedIssuerVC.format}`);
|
|
2805
2819
|
let issuer;
|
|
@@ -2900,11 +2914,11 @@ var OID4VCIHolder = class _OID4VCIHolder {
|
|
|
2900
2914
|
const [subjectCorrelationType, subjectCorrelationId] = this.determineSubjectCorrelation(issuanceOpt.identifier, issuer);
|
|
2901
2915
|
const persistedCredential = await context.agent.crsAddCredential({
|
|
2902
2916
|
credential: {
|
|
2903
|
-
rawDocument: (0,
|
|
2917
|
+
rawDocument: (0, import_ssi_sdk3.ensureRawDocument)(persistCredential),
|
|
2904
2918
|
kmsKeyRef,
|
|
2905
2919
|
identifierMethod: method,
|
|
2906
|
-
credentialRole:
|
|
2907
|
-
issuerCorrelationType: issuer?.startsWith("did:") ?
|
|
2920
|
+
credentialRole: import_ssi_types2.CredentialRole.HOLDER,
|
|
2921
|
+
issuerCorrelationType: issuer?.startsWith("did:") ? import_ssi_sdk3.CredentialCorrelationType.DID : import_ssi_sdk3.CredentialCorrelationType.URL,
|
|
2908
2922
|
issuerCorrelationId: issuer,
|
|
2909
2923
|
subjectCorrelationType,
|
|
2910
2924
|
subjectCorrelationId
|
|
@@ -2972,12 +2986,12 @@ var OID4VCIHolder = class _OID4VCIHolder {
|
|
|
2972
2986
|
case "did":
|
|
2973
2987
|
if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierDidResult)(identifier)) {
|
|
2974
2988
|
return [
|
|
2975
|
-
|
|
2989
|
+
import_ssi_sdk3.CredentialCorrelationType.DID,
|
|
2976
2990
|
identifier.did
|
|
2977
2991
|
];
|
|
2978
2992
|
} else if ((0, import_ssi_sdk_ext6.isManagedIdentifierDidOpts)(identifier)) {
|
|
2979
2993
|
return [
|
|
2980
|
-
|
|
2994
|
+
import_ssi_sdk3.CredentialCorrelationType.DID,
|
|
2981
2995
|
typeof identifier.identifier === "string" ? identifier.identifier : identifier.identifier.did
|
|
2982
2996
|
];
|
|
2983
2997
|
}
|
|
@@ -2985,12 +2999,12 @@ var OID4VCIHolder = class _OID4VCIHolder {
|
|
|
2985
2999
|
case "kid":
|
|
2986
3000
|
if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierKidResult)(identifier)) {
|
|
2987
3001
|
return [
|
|
2988
|
-
|
|
3002
|
+
import_ssi_sdk3.CredentialCorrelationType.KID,
|
|
2989
3003
|
identifier.kid
|
|
2990
3004
|
];
|
|
2991
3005
|
} else if ((0, import_ssi_sdk_ext6.isManagedIdentifierDidOpts)(identifier)) {
|
|
2992
3006
|
return [
|
|
2993
|
-
|
|
3007
|
+
import_ssi_sdk3.CredentialCorrelationType.KID,
|
|
2994
3008
|
identifier.identifier
|
|
2995
3009
|
];
|
|
2996
3010
|
}
|
|
@@ -2998,19 +3012,19 @@ var OID4VCIHolder = class _OID4VCIHolder {
|
|
|
2998
3012
|
case "x5c":
|
|
2999
3013
|
if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierX5cResult)(identifier)) {
|
|
3000
3014
|
return [
|
|
3001
|
-
|
|
3015
|
+
import_ssi_sdk3.CredentialCorrelationType.X509_SAN,
|
|
3002
3016
|
identifier.x5c.join("\r\n")
|
|
3003
3017
|
];
|
|
3004
3018
|
} else if ((0, import_ssi_sdk_ext6.isManagedIdentifierX5cOpts)(identifier)) {
|
|
3005
3019
|
return [
|
|
3006
|
-
|
|
3020
|
+
import_ssi_sdk3.CredentialCorrelationType.X509_SAN,
|
|
3007
3021
|
identifier.identifier.join("\r\n")
|
|
3008
3022
|
];
|
|
3009
3023
|
}
|
|
3010
3024
|
break;
|
|
3011
3025
|
}
|
|
3012
3026
|
return [
|
|
3013
|
-
|
|
3027
|
+
import_ssi_sdk3.CredentialCorrelationType.URL,
|
|
3014
3028
|
issuer
|
|
3015
3029
|
];
|
|
3016
3030
|
}
|