npm - @sphereon/ssi-sdk.oid4vci-holder - Versions diffs - 0.34.1-feature.SSISDK.73.dcql.array.fix.264 → 0.34.1-feature.SSISDK.78.279 - Mend

@sphereon/ssi-sdk.oid4vci-holder 0.34.1-feature.SSISDK.73.dcql.array.fix.264 → 0.34.1-feature.SSISDK.78.279

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/dist/index.cjs +77 -30
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +9 -2
package/dist/index.d.ts +9 -2
package/dist/index.js +61 -14
package/dist/index.js.map +1 -1
package/package.json +24 -24
package/src/agent/OID4VCIHolder.ts +44 -8
package/src/machines/oid4vciMachine.ts +29 -5
package/src/types/IOID4VCIHolder.ts +8 -1

package/dist/index.cjs CHANGED Viewed

@@ -142,7 +142,6 @@ var import_ssi_sdk_ext6 = require("@sphereon/ssi-sdk-ext.identifier-resolution")
 var import_ssi_sdk_ext7 = require("@sphereon/ssi-sdk-ext.key-utils");
 var import_ssi_sdk2 = require("@sphereon/ssi-sdk.core");
 var import_ssi_sdk3 = require("@sphereon/ssi-sdk.data-store-types");
-var import_ssi_sdk4 = require("@sphereon/ssi-sdk.data-store-types");
 var import_ssi_types2 = require("@sphereon/ssi-types");
 var import_utils2 = require("@veramo/utils");
 var import_cross_fetch = __toESM(require("cross-fetch"), 1);
@@ -185,6 +184,7 @@ var OID4VCIMachineStates = /* @__PURE__ */ (function(OID4VCIMachineStates2) {
   OID4VCIMachineStates2["selectCredentials"] = "selectCredentials";
   OID4VCIMachineStates2["transitionFromSelectingCredentials"] = "transitionFromSelectingCredentials";
   OID4VCIMachineStates2["verifyPin"] = "verifyPin";
+  OID4VCIMachineStates2["prepareAuthorizationRequest"] = "prepareAuthorizationRequest";
   OID4VCIMachineStates2["initiateAuthorizationRequest"] = "initiateAuthorizationRequest";
   OID4VCIMachineStates2["waitForAuthorizationResponse"] = "waitForAuthorizationResponse";
   OID4VCIMachineStates2["getCredentials"] = "getCredentials";
@@ -249,6 +249,7 @@ var OID4VCIMachineServices = /* @__PURE__ */ (function(OID4VCIMachineServices2)
   OID4VCIMachineServices2["getFederationTrust"] = "getFederationTrust";
   OID4VCIMachineServices2["addContactIdentity"] = "addContactIdentity";
   OID4VCIMachineServices2["createCredentialsToSelectFrom"] = "createCredentialsToSelectFrom";
+  OID4VCIMachineServices2["prepareAuthorizationRequest"] = "prepareAuthorizationRequest";
   OID4VCIMachineServices2["getIssuerBranding"] = "getIssuerBranding";
   OID4VCIMachineServices2["storeIssuerBranding"] = "storeIssuerBranding";
   OID4VCIMachineServices2["getCredentials"] = "getCredentials";
@@ -390,9 +391,7 @@ var oid4vciRequireAuthorizationGuard = /* @__PURE__ */ __name((ctx, _event) => {
   if (!openID4VCIClientState) {
     throw Error("Missing openID4VCI client state in context");
   }
-  if (!openID4VCIClientState.authorizationURL) {
-    return false;
-  } else if (openID4VCIClientState.authorizationRequestOpts) {
+  if (openID4VCIClientState.authorizationRequestOpts) {
     return !ctx.openID4VCIClientState?.authorizationCodeResponse;
   } else if (openID4VCIClientState.credentialOffer?.supportedFlows?.includes(import_oid4vci_common.AuthzFlowType.AUTHORIZATION_CODE_FLOW)) {
     return !ctx.openID4VCIClientState?.authorizationCodeResponse;
@@ -443,7 +442,6 @@ var createOID4VCIMachine = /* @__PURE__ */ __name((opts) => {
           onDone: {
             target: OID4VCIMachineStates.createCredentialsToSelectFrom,
             actions: (0, import_xstate.assign)({
-              authorizationCodeURL: /* @__PURE__ */ __name((_ctx, _event) => _event.data.authorizationCodeURL, "authorizationCodeURL"),
               credentialBranding: /* @__PURE__ */ __name((_ctx, _event) => _event.data.credentialBranding ?? {}, "credentialBranding"),
               credentialsSupported: /* @__PURE__ */ __name((_ctx, _event) => _event.data.credentialsSupported, "credentialsSupported"),
               serverMetadata: /* @__PURE__ */ __name((_ctx, _event) => _event.data.serverMetadata, "serverMetadata"),
@@ -760,7 +758,7 @@ var createOID4VCIMachine = /* @__PURE__ */ __name((opts) => {
             cond: OID4VCIMachineGuards.requirePinGuard
           },
           {
-            target: OID4VCIMachineStates.initiateAuthorizationRequest,
+            target: OID4VCIMachineStates.prepareAuthorizationRequest,
             cond: OID4VCIMachineGuards.requireAuthorizationGuard
           },
           {
@@ -768,6 +766,28 @@ var createOID4VCIMachine = /* @__PURE__ */ __name((opts) => {
           }
         ]
       },
+      [OID4VCIMachineStates.prepareAuthorizationRequest]: {
+        id: OID4VCIMachineStates.prepareAuthorizationRequest,
+        invoke: {
+          src: OID4VCIMachineServices.prepareAuthorizationRequest,
+          onDone: {
+            target: OID4VCIMachineStates.initiateAuthorizationRequest,
+            actions: (0, import_xstate.assign)({
+              authorizationCodeURL: /* @__PURE__ */ __name((_ctx, _event) => _event.data.authorizationCodeURL, "authorizationCodeURL")
+            })
+          },
+          onError: {
+            target: OID4VCIMachineStates.handleError,
+            actions: (0, import_xstate.assign)({
+              error: /* @__PURE__ */ __name((_ctx, _event) => ({
+                title: translate("oid4vci_machine_prepare_authorization_error_title"),
+                message: _event.data.message,
+                stack: _event.data.stack
+              }), "error")
+            })
+          }
+        }
+      },
       [OID4VCIMachineStates.initiateAuthorizationRequest]: {
         id: OID4VCIMachineStates.initiateAuthorizationRequest,
         on: {
@@ -2203,6 +2223,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
     oid4vciHolderStart: this.oid4vciHolderStart.bind(this),
     oid4vciHolderGetIssuerMetadata: this.oid4vciHolderGetIssuerMetadata.bind(this),
     oid4vciHolderGetMachineInterpreter: this.oid4vciHolderGetMachineInterpreter.bind(this),
+    oid4vciHolderPrepareAuthorizationRequest: this.oid4vciHolderPrepareAuthorizationRequest.bind(this),
     oid4vciHolderCreateCredentialsToSelectFrom: this.oid4vciHolderCreateCredentialsToSelectFrom.bind(this),
     oid4vciHolderGetContact: this.oid4vciHolderGetContact.bind(this),
     oid4vciHolderGetCredentials: this.oid4vciHolderGetCredentials.bind(this),
@@ -2307,6 +2328,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
         stateNavigationListener: opts.firstPartyStateNavigationListener
       }, context),
       [OID4VCIMachineServices.createCredentialsToSelectFrom]: (args) => this.oid4vciHolderCreateCredentialsToSelectFrom(args, context),
+      [OID4VCIMachineServices.prepareAuthorizationRequest]: (args) => this.oid4vciHolderPrepareAuthorizationRequest(args, context),
       [OID4VCIMachineServices.getContact]: (args) => this.oid4vciHolderGetContact(args, context),
       [OID4VCIMachineServices.getCredentials]: (args) => this.oid4vciHolderGetCredentials({
         accessTokenOpts: args.accessTokenOpts ?? opts.accessTokenOpts,
@@ -2391,7 +2413,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
           credentialIssuer: uri,
           authorizationRequest: authorizationRequestOpts,
           clientId: authorizationRequestOpts.clientId,
-          createAuthorizationRequestURL: requestData.createAuthorizationRequestURL ?? true
+          createAuthorizationRequestURL: false
         });
       } else {
         logger.log(`Credential offer received: ${uri}`);
@@ -2399,7 +2421,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
           uri,
           authorizationRequest: authorizationRequestOpts,
           clientId: authorizationRequestOpts.clientId,
-          createAuthorizationRequestURL: requestData.createAuthorizationRequestURL ?? true
+          createAuthorizationRequestURL: false
         });
       }
     }
@@ -2419,19 +2441,44 @@ var OID4VCIHolder = class _OID4VCIHolder {
       credentialsSupported,
       context
     });
-    const authorizationCodeURL = oid4vciClient.authorizationURL;
-    if (authorizationCodeURL) {
-      logger.log(`authorization code URL ${authorizationCodeURL}`);
-    }
     const oid4vciClientState = JSON.parse(await oid4vciClient.exportState());
     return {
-      authorizationCodeURL,
       credentialBranding,
       credentialsSupported,
       serverMetadata,
       oid4vciClientState
     };
   }
+  async oid4vciHolderPrepareAuthorizationRequest(args, context) {
+    const { openID4VCIClientState, contact } = args;
+    if (!openID4VCIClientState) {
+      return Promise.reject(Error("Missing openID4VCI client state in context"));
+    }
+    const clientId = contact?.identities.map((identity) => {
+      const connectionConfig = identity.connection?.config;
+      if (connectionConfig && "clientId" in connectionConfig) {
+        return connectionConfig.clientId;
+      }
+      return void 0;
+    }).find((clientId2) => clientId2);
+    if (!clientId) {
+      return Promise.reject(Error(`Missing client id in contact's connectionConfig`));
+    }
+    const client = await import_oid4vci_client3.OpenID4VCIClient.fromState({
+      state: openID4VCIClientState
+    });
+    const authorizationCodeURL = await client.createAuthorizationRequestUrl({
+      authorizationRequest: {
+        clientId
+      }
+    });
+    if (authorizationCodeURL) {
+      logger.log(`authorization code URL ${authorizationCodeURL}`);
+    }
+    return {
+      authorizationCodeURL
+    };
+  }
   async oid4vciHolderCreateCredentialsToSelectFrom(args, context) {
     const { credentialBranding, locale, selectedCredentials, credentialsSupported } = args;
     logger.info(`Credentials supported ${Object.keys(credentialsSupported).join(", ")}`);
@@ -2631,16 +2678,16 @@ var OID4VCIHolder = class _OID4VCIHolder {
       return Promise.reject(Error("Missing credential offers in context"));
     }
     let correlationId = credentialsToAccept[0].correlationId;
-    let identifierType = import_ssi_sdk4.CorrelationIdentifierType.DID;
+    let identifierType = import_ssi_sdk3.CorrelationIdentifierType.DID;
     if (!correlationId.toLowerCase().startsWith("did:")) {
-      identifierType = import_ssi_sdk4.CorrelationIdentifierType.URL;
+      identifierType = import_ssi_sdk3.CorrelationIdentifierType.URL;
       if (correlationId.startsWith("http")) {
         correlationId = new URL(correlationId).hostname;
       }
     }
     const identity = {
       alias: credentialsToAccept[0].correlationId,
-      origin: import_ssi_sdk4.IdentityOrigin.EXTERNAL,
+      origin: import_ssi_sdk3.IdentityOrigin.EXTERNAL,
       roles: [
         import_ssi_types2.CredentialRole.ISSUER
       ],
@@ -2648,9 +2695,9 @@ var OID4VCIHolder = class _OID4VCIHolder {
         type: identifierType,
         correlationId
       },
-      ...identifierType === import_ssi_sdk4.CorrelationIdentifierType.URL && {
+      ...identifierType === import_ssi_sdk3.CorrelationIdentifierType.URL && {
         connection: {
-          type: import_ssi_sdk4.ConnectionType.OPENID_CONNECT,
+          type: import_ssi_sdk3.ConnectionType.OPENID_CONNECT,
           config: {
             clientId: "138d7bf8-c930-4c6e-b928-97d3a4928b01",
             clientSecret: "03b3955f-d020-4f2a-8a27-4e452d4e27a0",
@@ -2910,7 +2957,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
           kmsKeyRef,
           identifierMethod: method,
           credentialRole: import_ssi_types2.CredentialRole.HOLDER,
-          issuerCorrelationType: issuer?.startsWith("did:") ? import_ssi_sdk4.CredentialCorrelationType.DID : import_ssi_sdk4.CredentialCorrelationType.URL,
+          issuerCorrelationType: issuer?.startsWith("did:") ? import_ssi_sdk3.CredentialCorrelationType.DID : import_ssi_sdk3.CredentialCorrelationType.URL,
           issuerCorrelationId: issuer,
           subjectCorrelationType,
           subjectCorrelationId
@@ -2978,12 +3025,12 @@ var OID4VCIHolder = class _OID4VCIHolder {
       case "did":
         if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierDidResult)(identifier)) {
           return [
-            import_ssi_sdk4.CredentialCorrelationType.DID,
+            import_ssi_sdk3.CredentialCorrelationType.DID,
             identifier.did
           ];
         } else if ((0, import_ssi_sdk_ext6.isManagedIdentifierDidOpts)(identifier)) {
           return [
-            import_ssi_sdk4.CredentialCorrelationType.DID,
+            import_ssi_sdk3.CredentialCorrelationType.DID,
             typeof identifier.identifier === "string" ? identifier.identifier : identifier.identifier.did
           ];
         }
@@ -2991,12 +3038,12 @@ var OID4VCIHolder = class _OID4VCIHolder {
       case "kid":
         if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierKidResult)(identifier)) {
           return [
-            import_ssi_sdk4.CredentialCorrelationType.KID,
+            import_ssi_sdk3.CredentialCorrelationType.KID,
             identifier.kid
           ];
         } else if ((0, import_ssi_sdk_ext6.isManagedIdentifierDidOpts)(identifier)) {
           return [
-            import_ssi_sdk4.CredentialCorrelationType.KID,
+            import_ssi_sdk3.CredentialCorrelationType.KID,
             identifier.identifier
           ];
         }
@@ -3004,19 +3051,19 @@ var OID4VCIHolder = class _OID4VCIHolder {
       case "x5c":
         if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierX5cResult)(identifier)) {
           return [
-            import_ssi_sdk4.CredentialCorrelationType.X509_SAN,
+            import_ssi_sdk3.CredentialCorrelationType.X509_SAN,
             identifier.x5c.join("\r\n")
           ];
         } else if ((0, import_ssi_sdk_ext6.isManagedIdentifierX5cOpts)(identifier)) {
           return [
-            import_ssi_sdk4.CredentialCorrelationType.X509_SAN,
+            import_ssi_sdk3.CredentialCorrelationType.X509_SAN,
             identifier.identifier.join("\r\n")
           ];
         }
         break;
     }
     return [
-      import_ssi_sdk4.CredentialCorrelationType.URL,
+      import_ssi_sdk3.CredentialCorrelationType.URL,
       issuer
     ];
   }
@@ -3075,9 +3122,9 @@ var OID4VCICallbackStateListener = /* @__PURE__ */ __name((callbacks) => {
 // src/link-handler/index.ts
 var import_oid4vci_client4 = require("@sphereon/oid4vci-client");
 var import_oid4vci_common5 = require("@sphereon/oid4vci-common");
-var import_ssi_sdk5 = require("@sphereon/ssi-sdk.core");
-var import_ssi_sdk6 = require("@sphereon/ssi-sdk.xstate-machine-persistence");
-var OID4VCIHolderLinkHandler = class extends import_ssi_sdk5.LinkHandlerAdapter {
+var import_ssi_sdk4 = require("@sphereon/ssi-sdk.core");
+var import_ssi_sdk5 = require("@sphereon/ssi-sdk.xstate-machine-persistence");
+var OID4VCIHolderLinkHandler = class extends import_ssi_sdk4.LinkHandlerAdapter {
   static {
     __name(this, "OID4VCIHolderLinkHandler");
   }
@@ -3137,7 +3184,7 @@ var OID4VCIHolderLinkHandler = class extends import_ssi_sdk5.LinkHandlerAdapter
     const interpreter = oid4vciMachine.interpreter;
     if (!opts?.machineState && this.context.agent.availableMethods().includes("machineStatesFindActive")) {
       const stateType = hasCode ? "existing" : "new";
-      await (0, import_ssi_sdk6.interpreterStartOrResume)({
+      await (0, import_ssi_sdk5.interpreterStartOrResume)({
         stateType,
         interpreter,
         context: this.context,