@sphereon/ssi-sdk.oid4vci-holder 0.34.1-feature.SSISDK.82.linkedVP.328 → 0.34.1-feature.SSISDK.82.linkedVP.341

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sphereon/ssi-sdk.oid4vci-holder",
-  "version": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
+  "version": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
   "source": "src/index.ts",
   "type": "module",
   "main": "./dist/index.cjs",
@@ -26,27 +26,27 @@
     "build": "tsup --config ../../tsup.config.ts --tsconfig ../../tsconfig.tsup.json"
   },
   "dependencies": {
-    "@sphereon/did-auth-siop": "0.19.1-next.226",
+    "@sphereon/did-auth-siop": "0.19.1-next.234",
     "@sphereon/kmp-mdoc-core": "0.2.0-SNAPSHOT.26",
-    "@sphereon/oid4vci-client": "0.19.1-next.226",
-    "@sphereon/oid4vci-common": "0.19.1-next.226",
-    "@sphereon/ssi-sdk-ext.did-utils": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
-    "@sphereon/ssi-sdk-ext.identifier-resolution": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
-    "@sphereon/ssi-sdk-ext.jwt-service": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
-    "@sphereon/ssi-sdk-ext.key-utils": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
-    "@sphereon/ssi-sdk.contact-manager": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
-    "@sphereon/ssi-sdk.core": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
-    "@sphereon/ssi-sdk.credential-store": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
-    "@sphereon/ssi-sdk.credential-validation": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
-    "@sphereon/ssi-sdk.data-store-types": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
-    "@sphereon/ssi-sdk.issuance-branding": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
-    "@sphereon/ssi-sdk.mdl-mdoc": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
-    "@sphereon/ssi-sdk.oidf-client": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
-    "@sphereon/ssi-sdk.sd-jwt": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
-    "@sphereon/ssi-sdk.siopv2-oid4vp-common": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
-    "@sphereon/ssi-sdk.siopv2-oid4vp-op-auth": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
-    "@sphereon/ssi-sdk.xstate-machine-persistence": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
-    "@sphereon/ssi-types": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
+    "@sphereon/oid4vci-client": "0.19.1-next.234",
+    "@sphereon/oid4vci-common": "0.19.1-next.234",
+    "@sphereon/ssi-sdk-ext.did-utils": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
+    "@sphereon/ssi-sdk-ext.identifier-resolution": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
+    "@sphereon/ssi-sdk-ext.jwt-service": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
+    "@sphereon/ssi-sdk-ext.key-utils": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
+    "@sphereon/ssi-sdk.contact-manager": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
+    "@sphereon/ssi-sdk.core": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
+    "@sphereon/ssi-sdk.credential-store": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
+    "@sphereon/ssi-sdk.credential-validation": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
+    "@sphereon/ssi-sdk.data-store-types": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
+    "@sphereon/ssi-sdk.issuance-branding": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
+    "@sphereon/ssi-sdk.mdl-mdoc": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
+    "@sphereon/ssi-sdk.oidf-client": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
+    "@sphereon/ssi-sdk.sd-jwt": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
+    "@sphereon/ssi-sdk.siopv2-oid4vp-common": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
+    "@sphereon/ssi-sdk.siopv2-oid4vp-op-auth": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
+    "@sphereon/ssi-sdk.xstate-machine-persistence": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
+    "@sphereon/ssi-types": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
     "@veramo/core": "4.2.0",
     "@veramo/data-store": "4.2.0",
     "@veramo/utils": "4.2.0",
@@ -59,8 +59,8 @@
     "xstate": "^4.38.3"
   },
   "devDependencies": {
-    "@sphereon/oid4vc-common": "0.19.1-next.226",
-    "@sphereon/ssi-sdk-ext.did-resolver-jwk": "0.34.1-feature.SSISDK.82.linkedVP.328+20af9c29",
+    "@sphereon/oid4vc-common": "0.19.1-next.234",
+    "@sphereon/ssi-sdk-ext.did-resolver-jwk": "0.34.1-feature.SSISDK.82.linkedVP.341+483672e1",
     "@sphereon/ssi-sdk.siopv2-oid4vp-common": "workspace:*",
     "@types/i18n-js": "^3.8.9",
     "@types/lodash.memoize": "^4.1.9",
@@ -90,5 +90,5 @@
     "OID4VCI",
     "State Machine"
   ],
-  "gitHead": "20af9c298b5d6764da6c804d1c6d8a758b710513"
+  "gitHead": "483672e1d9b2891a346216a0ebea64745561d6ed"
 }

package/src/agent/OID4VCIHolder.ts

@@ -1,6 +1,6 @@
 import { CredentialOfferClient, MetadataClient, OpenID4VCIClient, OpenID4VCIClientV1_0_15 } from '@sphereon/oid4vci-client'
 import {
-  AuthorizationDetails,
+  AuthorizationDetailsV1_0_15,
   AuthorizationRequestOpts,
   AuthorizationServerClientOpts,
   AuthorizationServerOpts,
@@ -123,6 +123,7 @@ import {
   VerificationResult,
   VerifyEBSICredentialIssuerArgs,
   VerifyEBSICredentialIssuerResult,
+  WalletType,
 } from '../types/IOID4VCIHolder'
 
 /**
@@ -378,11 +379,9 @@ export class OID4VCIHolder implements IAgentPlugin {
     }
 
     const authorizationRequestOpts = { ...this.defaultAuthorizationRequestOpts, ...args.authorizationRequestOpts } satisfies AuthorizationRequestOpts
-    // We filter the details first against our vcformat prefs
+    // TODO: Previously we filtered the details first against our vcformat prefs. However auth details does not have the notion of formats anymore
     authorizationRequestOpts.authorizationDetails = authorizationRequestOpts?.authorizationDetails
-      ? asArray(authorizationRequestOpts.authorizationDetails).filter(
-          (detail) => typeof detail === 'string' || this.vcFormatPreferences.includes(detail.format),
-        )
+      ? asArray(authorizationRequestOpts.authorizationDetails)
       : undefined
 
     if (!authorizationRequestOpts.redirectUri) {
@@ -394,9 +393,10 @@ export class OID4VCIHolder implements IAgentPlugin {
       authorizationRequestOpts.clientId = authorizationRequestOpts.redirectUri
     }
 
+    // TODO: This entire filter and formats population should not work anymore, as the auth details no longer have the format property.
     let formats: string[] = this.vcFormatPreferences
     const authFormats = authorizationRequestOpts?.authorizationDetails
-      ?.map((detail: AuthorizationDetails) => (typeof detail === 'object' && 'format' in detail && detail.format ? detail.format : undefined))
+      ?.map((detail: AuthorizationDetailsV1_0_15) => (typeof detail === 'object' && 'format' in detail && detail.format ? detail.format : undefined))
       .filter((format) => !!format)
       .map((format) => format as string)
     if (authFormats && authFormats.length > 0) {
@@ -449,7 +449,7 @@ export class OID4VCIHolder implements IAgentPlugin {
       configurationIds = offer.original_credential_offer.credential_configuration_ids
     } else {
       configurationIds = asArray(authorizationRequestOpts.authorizationDetails)
-        .filter((authDetails): authDetails is Exclude<AuthorizationDetails, string> => typeof authDetails !== 'string')
+        // .filter((authDetails): authDetails is Exclude<AuthorizationDetailsV1_0_15, string> => typeof authDetails !== 'string')
         .map((authReqOpts) => authReqOpts.credential_configuration_id)
         .filter((id): id is string => !!id)
     }
@@ -616,7 +616,7 @@ export class OID4VCIHolder implements IAgentPlugin {
   }
 
   private async oid4vciHolderGetCredentials(args: GetCredentialsArgs, context: RequiredContext): Promise<Array<MappedCredentialToAccept>> {
-    const { verificationCode, openID4VCIClientState, didMethodPreferences = this.didMethodPreferences, issuanceOpt, accessTokenOpts } = args
+    const { verificationCode, openID4VCIClientState, didMethodPreferences, issuanceOpt, accessTokenOpts, walletType } = args
     logger.debug(`Getting credentials`, issuanceOpt, accessTokenOpts)
 
     if (!openID4VCIClientState) {
@@ -635,7 +635,7 @@ export class OID4VCIHolder implements IAgentPlugin {
       credentialsSupported,
       serverMetadata,
       context,
-      didMethodPreferences: Array.isArray(didMethodPreferences) && didMethodPreferences.length > 0 ? didMethodPreferences : this.didMethodPreferences,
+      didMethodPreferences: this.selectDidMethodPreferences(didMethodPreferences, walletType),
       jwtCryptographicSuitePreferences: this.jwtCryptographicSuitePreferences,
       jsonldCryptographicSuitePreferences: this.jsonldCryptographicSuitePreferences,
       ...(issuanceOpt && { forceIssuanceOpt: issuanceOpt }),
@@ -660,6 +660,15 @@ export class OID4VCIHolder implements IAgentPlugin {
     return allCredentials
   }
 
+  private selectDidMethodPreferences(didMethodPreferences: Array<SupportedDidMethodEnum> | undefined, walletType: WalletType) {
+    const supportedDidMethodEnums =
+      Array.isArray(didMethodPreferences) && didMethodPreferences.length > 0 ? didMethodPreferences : this.didMethodPreferences
+    if (walletType === 'ORGANIZATIONAL') {
+      return [SupportedDidMethodEnum.DID_WEB, ...supportedDidMethodEnums]
+    }
+    return supportedDidMethodEnums
+  }
+
   private async oid4vciHolderGetCredential(args: GetCredentialArgs, context: RequiredContext): Promise<MappedCredentialToAccept> {
     const { issuanceOpt, pin, client, accessTokenOpts } = args
     logger.info(`Getting credential`, issuanceOpt)

package/src/link-handler/index.ts

@@ -3,7 +3,7 @@ import { AuthorizationRequestOpts, AuthorizationServerClientOpts, AuthzFlowType,
 import { DefaultLinkPriorities, LinkHandlerAdapter } from '@sphereon/ssi-sdk.core'
 import { IMachineStatePersistence, interpreterStartOrResume, SerializableState } from '@sphereon/ssi-sdk.xstate-machine-persistence'
 import { IAgentContext } from '@veramo/core'
-import { GetMachineArgs, IOID4VCIHolder, OID4VCIMachineEvents, OID4VCIMachineStateNavigationListener } from '../types/IOID4VCIHolder'
+import { GetMachineArgs, IOID4VCIHolder, OID4VCIMachineEvents, OID4VCIMachineStateNavigationListener, WalletType } from '../types/IOID4VCIHolder'
 import { FirstPartyMachineStateNavigationListener } from '../types/FirstPartyMachine'
 
 /**
@@ -14,6 +14,7 @@ export class OID4VCIHolderLinkHandler extends LinkHandlerAdapter {
   private readonly stateNavigationListener?: OID4VCIMachineStateNavigationListener
   private readonly firstPartyStateNavigationListener?: FirstPartyMachineStateNavigationListener
   private readonly noStateMachinePersistence: boolean
+  private readonly walletType: WalletType
   private readonly authorizationRequestOpts?: AuthorizationRequestOpts
   private readonly clientOpts?: AuthorizationServerClientOpts
   private readonly trustAnchors?: Array<string>
@@ -21,7 +22,7 @@ export class OID4VCIHolderLinkHandler extends LinkHandlerAdapter {
   constructor(
     args: Pick<
       GetMachineArgs,
-      'stateNavigationListener' | 'authorizationRequestOpts' | 'clientOpts' | 'trustAnchors' | 'firstPartyStateNavigationListener'
+      'stateNavigationListener' | 'authorizationRequestOpts' | 'clientOpts' | 'trustAnchors' | 'firstPartyStateNavigationListener' | 'walletType'
     > & {
       priority?: number | DefaultLinkPriorities
       protocols?: Array<string | RegExp>
@@ -33,6 +34,7 @@ export class OID4VCIHolderLinkHandler extends LinkHandlerAdapter {
     this.authorizationRequestOpts = args.authorizationRequestOpts
     this.clientOpts = args.clientOpts
     this.context = args.context
+    this.walletType = args.walletType ?? 'NATURAL_PERSON'
     this.noStateMachinePersistence = args.noStateMachinePersistence === true
     this.stateNavigationListener = args.stateNavigationListener
     this.firstPartyStateNavigationListener = args.firstPartyStateNavigationListener
@@ -68,6 +70,7 @@ export class OID4VCIHolderLinkHandler extends LinkHandlerAdapter {
       ...((clientOpts.clientId || clientOpts.clientAssertionType) && { clientOpts: clientOpts as AuthorizationServerClientOpts }),
       stateNavigationListener: this.stateNavigationListener,
       firstPartyStateNavigationListener: this.firstPartyStateNavigationListener,
+      walletType: this.walletType,
     })
 
     const interpreter = oid4vciMachine.interpreter

package/src/machines/oid4vciMachine.ts

@@ -126,6 +126,7 @@ const createOID4VCIMachine = (opts?: CreateOID4VCIMachineOpts): OID4VCIStateMach
     // TODO WAL-671 we need to store the data from OpenIdProvider here in the context and make sure we can restart the machine with it and init the OpenIdProvider
     accessTokenOpts: opts?.accessTokenOpts,
     requestData: opts?.requestData,
+    walletType: opts?.walletType ?? 'NATURAL_PERSON',
     trustAnchors: opts?.trustAnchors ?? [],
     issuanceOpt: opts?.issuanceOpt,
     didMethodPreferences: opts?.didMethodPreferences,

package/src/types/IOID4VCIHolder.ts

@@ -136,6 +136,7 @@ export type OnIdentifierCreatedArgs = {
 
 export type GetMachineArgs = {
   requestData: RequestData
+  walletType: WalletType
   trustAnchors?: Array<string>
   authorizationRequestOpts?: AuthorizationRequestOpts
   clientOpts?: AuthorizationServerClientOpts
@@ -157,7 +158,7 @@ export type CreateCredentialsToSelectFromArgs = Pick<
 export type GetContactArgs = Pick<OID4VCIMachineContext, 'serverMetadata'>
 export type GetCredentialsArgs = Pick<
   OID4VCIMachineContext,
-  'verificationCode' | 'openID4VCIClientState' | 'selectedCredentials' | 'didMethodPreferences' | 'issuanceOpt' | 'accessTokenOpts'
+  'verificationCode' | 'openID4VCIClientState' | 'selectedCredentials' | 'didMethodPreferences' | 'issuanceOpt' | 'accessTokenOpts' | 'walletType'
 >
 export type AddContactIdentityArgs = Pick<OID4VCIMachineContext, 'credentialsToAccept' | 'contact'>
 export type GetIssuerBrandingArgs = Pick<OID4VCIMachineContext, 'serverMetadata' | 'contact'>
@@ -233,6 +234,7 @@ export type OID4VCIMachineContext = {
   openID4VCIClientState?: OpenID4VCIClientState
   credentialToSelectFrom: Array<CredentialToSelectFromResult>
   contactAlias: string
+  walletType: WalletType
   contact?: Party
   selectedCredentials: Array<string>
   credentialsToAccept: Array<MappedCredentialToAccept>
@@ -316,6 +318,7 @@ export type OID4VCIStateMachine = StateMachine<
 
 export type CreateOID4VCIMachineOpts = {
   requestData: RequestData
+  walletType: WalletType
   machineName?: string
   locale?: string
   trustAnchors?: Array<string>
@@ -728,6 +731,8 @@ export type DynamicRegistrationClientMetadataDisplay = Pick<
   'client_name' | 'client_uri' | 'contacts' | 'tos_uri' | 'policy_uri' | 'logo_uri'
 >
 
+export type WalletType = 'NATURAL_PERSON' | 'ORGANIZATIONAL'
+
 export type DidAgents = TAgent<IResolver & IDIDManager>
 
 export type RequiredContext = IAgentContext<