@sphereon/ssi-sdk.oid4vci-holder 0.34.1-next.6 → 0.34.1-next.85
- package/dist/index.cjs +90 -57
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +7 -5
- package/dist/index.d.ts +7 -5
- package/dist/index.js +69 -36
- package/dist/index.js.map +1 -1
- package/package.json +25 -24
- package/src/agent/OID4VCIHolder.ts +56 -23
- package/src/services/OID4VCIHolderService.ts +28 -6
- package/src/types/FirstPartyMachine.ts +3 -2
- package/src/types/IOID4VCIHolder.ts +3 -1
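--- a/package/dist/index.d.cts
+++ b/package/dist/index.d.cts
@@ -1,4 +1,4 @@
-import { AuthorizationChallengeCodeResponse, EndpointMetadataResult, CredentialOfferRequestWithBaseUrl, AuthzFlowType, AuthorizationRequestOpts, AuthorizationServerClientOpts, CredentialConfigurationSupported, ExperimentalSubjectIssuance, CredentialResponse, AuthorizationResponse, CredentialsSupportedDisplay, IssuerCredentialSubject, MetadataDisplay, NotificationRequest, Jwt } from '@sphereon/oid4vci-common';
+import { AuthorizationChallengeCodeResponse, EndpointMetadataResult, CredentialOfferRequestWithBaseUrl, AuthzFlowType, AuthorizationRequestOpts, AuthorizationServerClientOpts, CredentialConfigurationSupported, ExperimentalSubjectIssuance, CredentialResponseV1_0_15, CredentialResponse, AuthorizationResponse, CredentialsSupportedDisplay, IssuerCredentialSubject, MetadataDisplay, NotificationRequest, Jwt } from '@sphereon/oid4vci-common';
 import { IIdentifierResolution, ManagedIdentifierMethod, ManagedIdentifierOptsOrResult, ManagedIdentifierResult } from '@sphereon/ssi-sdk-ext.identifier-resolution';
 import { IJwtService } from '@sphereon/ssi-sdk-ext.jwt-service';
 import { IIdentifier, IPluginMethodMap, IAgentContext, ICredentialVerifier, ICredentialIssuer, IDIDManager, IResolver, IKeyManager, TKeyType, VerificationPolicies, TAgent, IAgentPlugin } from '@veramo/core';
@@ -15,7 +15,8 @@ import { ICredentialValidation, SchemaValidation } from '@sphereon/ssi-sdk.crede
 import { IDidAuthSiopOpAuthenticator, CreateConfigResult } from '@sphereon/ssi-sdk.siopv2-oid4vp-op-auth';
 import { IVerifiableCredential, W3CVerifiableCredential, WrappedVerifiableCredential, WrappedVerifiablePresentation, JoseSignatureAlgorithm, JoseSignatureAlgorithmString, HasherSync, SdJwtTypeDisplayMetadata, SdJwtClaimMetadata, OriginalVerifiableCredential } from '@sphereon/ssi-types';
 import { Interpreter, State, StatesConfig, StateMachine, BaseActionObject, ServiceMap, ResolveTypegenMeta, TypegenDisabled } from 'xstate';
-import { RPRegistrationMetadataPayload
+import { RPRegistrationMetadataPayload } from '@sphereon/did-auth-siop';
+import { DcqlQuery } from 'dcql';
 import { LinkHandlerAdapter, DefaultLinkPriorities } from '@sphereon/ssi-sdk.core';
 import { IMachineStatePersistence, SerializableState } from '@sphereon/ssi-sdk.xstate-machine-persistence';
 
@@ -113,7 +114,7 @@ type SiopV2AuthorizationRequestData = {
 clientIdScheme?: string;
 clientId?: string;
 entityId?: string;
-
+dcqlQuery: DcqlQuery;
 };
 type FirstPartyMachineNavigationArgs = {
 firstPartyMachine: FirstPartyMachineInterpreter;
@@ -356,6 +357,7 @@ declare enum OID4VCIMachineGuards {
 requirePinGuard = "oid4vciRequirePinGuard",
 requireAuthorizationGuard = "oid4vciRequireAuthorizationGuard",
 noAuthorizationGuard = "oid4vciNoAuthorizationGuard",
+hasNonceEndpointGuard = "oid4vciHasNonceEndpointGuard ",
 hasAuthorizationResponse = "oid4vciHasAuthorizationResponse",
 hasNoContactIdentityGuard = "oid4vciHasNoContactIdentityGuard",
 verificationCodeGuard = "oid4vciVerificationCodeGuard",
@@ -482,7 +484,7 @@ type CredentialToAccept = {
 id?: string;
 types: string[];
 issuanceOpt: IssuanceOpts;
-credentialResponse: CredentialResponse;
+credentialResponse: CredentialResponseV1_0_15 | CredentialResponse;
 };
 type GetCredentialConfigsSupportedArgs = {
 client: OpenID4VCIClient;
@@ -667,7 +669,7 @@ type RequiredContext = IAgentContext<IIssuanceBranding & IContactManager & ICred
 * {@inheritDoc IOID4VCIHolder}
 */
 declare const oid4vciHolderContextMethods: Array<string>;
-declare function signCallback(identifier: ManagedIdentifierOptsOrResult, context: IAgentContext<IKeyManager & IDIDManager & IResolver & IIdentifierResolution & IJwtService>, nonce?: string): (jwt: Jwt, kid?: string) => Promise<string>;
+declare function signCallback(identifier: ManagedIdentifierOptsOrResult, context: IAgentContext<IKeyManager & IDIDManager & IResolver & IIdentifierResolution & IJwtService>, nonce?: string): (jwt: Jwt, kid?: string, noIssPayloadUpdate?: boolean) => Promise<string>;
 declare class OID4VCIHolder implements IAgentPlugin {
 private readonly hasher?;
 readonly eventTypes: Array<OID4VCIHolderEvent>;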
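Review bot: The new enum member at new line 360 carries a trailing space inside its string value, `hasNonceEndpointGuard = "oid4vciHasNonceEndpointGuard ",`, unlike every neighbouring guard name. Any machine configuration or test that refers to this guard by the literal name without the space will not match it, and how an unmatched guard name is treated is not visible here, so the nonce-endpoint branch could be taken or skipped unintentionally. The value should read `"oid4vciHasNonceEndpointGuard"`. The same string appears in `package/dist/index.d.ts` (new line 360) and in `package/dist/index.js` (new line 153); as these are build outputs, the correction belongs in the enum's TypeScript source.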
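--- a/package/dist/index.d.ts
+++ b/package/dist/index.d.ts
@@ -1,4 +1,4 @@
-import { AuthorizationChallengeCodeResponse, EndpointMetadataResult, CredentialOfferRequestWithBaseUrl, AuthzFlowType, AuthorizationRequestOpts, AuthorizationServerClientOpts, CredentialConfigurationSupported, ExperimentalSubjectIssuance, CredentialResponse, AuthorizationResponse, CredentialsSupportedDisplay, IssuerCredentialSubject, MetadataDisplay, NotificationRequest, Jwt } from '@sphereon/oid4vci-common';
+import { AuthorizationChallengeCodeResponse, EndpointMetadataResult, CredentialOfferRequestWithBaseUrl, AuthzFlowType, AuthorizationRequestOpts, AuthorizationServerClientOpts, CredentialConfigurationSupported, ExperimentalSubjectIssuance, CredentialResponseV1_0_15, CredentialResponse, AuthorizationResponse, CredentialsSupportedDisplay, IssuerCredentialSubject, MetadataDisplay, NotificationRequest, Jwt } from '@sphereon/oid4vci-common';
 import { IIdentifierResolution, ManagedIdentifierMethod, ManagedIdentifierOptsOrResult, ManagedIdentifierResult } from '@sphereon/ssi-sdk-ext.identifier-resolution';
 import { IJwtService } from '@sphereon/ssi-sdk-ext.jwt-service';
 import { IIdentifier, IPluginMethodMap, IAgentContext, ICredentialVerifier, ICredentialIssuer, IDIDManager, IResolver, IKeyManager, TKeyType, VerificationPolicies, TAgent, IAgentPlugin } from '@veramo/core';
@@ -15,7 +15,8 @@ import { ICredentialValidation, SchemaValidation } from '@sphereon/ssi-sdk.crede
 import { IDidAuthSiopOpAuthenticator, CreateConfigResult } from '@sphereon/ssi-sdk.siopv2-oid4vp-op-auth';
 import { IVerifiableCredential, W3CVerifiableCredential, WrappedVerifiableCredential, WrappedVerifiablePresentation, JoseSignatureAlgorithm, JoseSignatureAlgorithmString, HasherSync, SdJwtTypeDisplayMetadata, SdJwtClaimMetadata, OriginalVerifiableCredential } from '@sphereon/ssi-types';
 import { Interpreter, State, StatesConfig, StateMachine, BaseActionObject, ServiceMap, ResolveTypegenMeta, TypegenDisabled } from 'xstate';
-import { RPRegistrationMetadataPayload
+import { RPRegistrationMetadataPayload } from '@sphereon/did-auth-siop';
+import { DcqlQuery } from 'dcql';
 import { LinkHandlerAdapter, DefaultLinkPriorities } from '@sphereon/ssi-sdk.core';
 import { IMachineStatePersistence, SerializableState } from '@sphereon/ssi-sdk.xstate-machine-persistence';
 
@@ -113,7 +114,7 @@ type SiopV2AuthorizationRequestData = {
 clientIdScheme?: string;
 clientId?: string;
 entityId?: string;
-
+dcqlQuery: DcqlQuery;
 };
 type FirstPartyMachineNavigationArgs = {
 firstPartyMachine: FirstPartyMachineInterpreter;
@@ -356,6 +357,7 @@ declare enum OID4VCIMachineGuards {
 requirePinGuard = "oid4vciRequirePinGuard",
 requireAuthorizationGuard = "oid4vciRequireAuthorizationGuard",
 noAuthorizationGuard = "oid4vciNoAuthorizationGuard",
+hasNonceEndpointGuard = "oid4vciHasNonceEndpointGuard ",
 hasAuthorizationResponse = "oid4vciHasAuthorizationResponse",
 hasNoContactIdentityGuard = "oid4vciHasNoContactIdentityGuard",
 verificationCodeGuard = "oid4vciVerificationCodeGuard",
@@ -482,7 +484,7 @@ type CredentialToAccept = {
 id?: string;
 types: string[];
 issuanceOpt: IssuanceOpts;
-credentialResponse: CredentialResponse;
+credentialResponse: CredentialResponseV1_0_15 | CredentialResponse;
 };
 type GetCredentialConfigsSupportedArgs = {
 client: OpenID4VCIClient;
@@ -667,7 +669,7 @@ type RequiredContext = IAgentContext<IIssuanceBranding & IContactManager & ICred
 * {@inheritDoc IOID4VCIHolder}
 */
 declare const oid4vciHolderContextMethods: Array<string>;
-declare function signCallback(identifier: ManagedIdentifierOptsOrResult, context: IAgentContext<IKeyManager & IDIDManager & IResolver & IIdentifierResolution & IJwtService>, nonce?: string): (jwt: Jwt, kid?: string) => Promise<string>;
+declare function signCallback(identifier: ManagedIdentifierOptsOrResult, context: IAgentContext<IKeyManager & IDIDManager & IResolver & IIdentifierResolution & IJwtService>, nonce?: string): (jwt: Jwt, kid?: string, noIssPayloadUpdate?: boolean) => Promise<string>;
 declare class OID4VCIHolder implements IAgentPlugin {
 private readonly hasher?;
 readonly eventTypes: Array<OID4VCIHolderEvent>;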
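--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -60,6 +60,7 @@ import { DefaultURISchemes, getTypesFromAuthorizationDetails, getTypesFromCreden
 import { SupportedDidMethodEnum as SupportedDidMethodEnum2 } from "@sphereon/ssi-sdk-ext.did-utils";
 import { isManagedIdentifierDidOpts, isManagedIdentifierDidResult as isManagedIdentifierDidResult2, isManagedIdentifierJwkResult, isManagedIdentifierKidResult, isManagedIdentifierResult as isManagedIdentifierResult2, isManagedIdentifierX5cOpts, isManagedIdentifierX5cResult } from "@sphereon/ssi-sdk-ext.identifier-resolution";
 import { signatureAlgorithmFromKey } from "@sphereon/ssi-sdk-ext.key-utils";
+import { defaultHasher as defaultHasher2 } from "@sphereon/ssi-sdk.core";
 import { ConnectionType, CorrelationIdentifierType, CredentialCorrelationType, CredentialRole, ensureRawDocument, IdentityOrigin } from "@sphereon/ssi-sdk.data-store";
 import { CredentialMapper as CredentialMapper2, JoseSignatureAlgorithm as JoseSignatureAlgorithm2, Loggers, parseDid } from "@sphereon/ssi-types";
 import { asArray as asArray2, computeEntryHash } from "@veramo/utils";
@@ -75,18 +76,18 @@ import i18n from "i18n-js";
 import memoize from "lodash.memoize";
 
 // src/types/IOID4VCIHolder.ts
-var OID4VCIHolderEvent = /* @__PURE__ */ function(OID4VCIHolderEvent2) {
+var OID4VCIHolderEvent = /* @__PURE__ */ (function(OID4VCIHolderEvent2) {
 OID4VCIHolderEvent2["CONTACT_IDENTITY_CREATED"] = "contact_identity_created";
 OID4VCIHolderEvent2["CREDENTIAL_STORED"] = "credential_stored";
 OID4VCIHolderEvent2["IDENTIFIER_CREATED"] = "identifier_created";
 return OID4VCIHolderEvent2;
-}({});
-var SupportedLanguage = /* @__PURE__ */ function(SupportedLanguage2) {
+})({});
+var SupportedLanguage = /* @__PURE__ */ (function(SupportedLanguage2) {
 SupportedLanguage2["ENGLISH"] = "en";
 SupportedLanguage2["DUTCH"] = "nl";
 return SupportedLanguage2;
-}({});
-var OID4VCIMachineStates = /* @__PURE__ */ function(OID4VCIMachineStates2) {
+})({});
+var OID4VCIMachineStates = /* @__PURE__ */ (function(OID4VCIMachineStates2) {
 OID4VCIMachineStates2["start"] = "start";
 OID4VCIMachineStates2["createCredentialsToSelectFrom"] = "createCredentialsToSelectFrom";
 OID4VCIMachineStates2["getContact"] = "getContact";
@@ -117,18 +118,18 @@ var OID4VCIMachineStates = /* @__PURE__ */ function(OID4VCIMachineStates2) {
 OID4VCIMachineStates2["error"] = "error";
 OID4VCIMachineStates2["done"] = "done";
 return OID4VCIMachineStates2;
-}({});
-var OID4VCIMachineAddContactStates = /* @__PURE__ */ function(OID4VCIMachineAddContactStates2) {
+})({});
+var OID4VCIMachineAddContactStates = /* @__PURE__ */ (function(OID4VCIMachineAddContactStates2) {
 OID4VCIMachineAddContactStates2["idle"] = "idle";
 OID4VCIMachineAddContactStates2["next"] = "next";
 return OID4VCIMachineAddContactStates2;
-}({});
-var OID4VCIMachineVerifyPinStates = /* @__PURE__ */ function(OID4VCIMachineVerifyPinStates2) {
+})({});
+var OID4VCIMachineVerifyPinStates = /* @__PURE__ */ (function(OID4VCIMachineVerifyPinStates2) {
 OID4VCIMachineVerifyPinStates2["idle"] = "idle";
 OID4VCIMachineVerifyPinStates2["next"] = "next";
 return OID4VCIMachineVerifyPinStates2;
-}({});
-var OID4VCIMachineEvents = /* @__PURE__ */ function(OID4VCIMachineEvents2) {
+})({});
+var OID4VCIMachineEvents = /* @__PURE__ */ (function(OID4VCIMachineEvents2) {
 OID4VCIMachineEvents2["NEXT"] = "NEXT";
 OID4VCIMachineEvents2["PREVIOUS"] = "PREVIOUS";
 OID4VCIMachineEvents2["DECLINE"] = "DECLINE";
@@ -141,14 +142,15 @@ var OID4VCIMachineEvents = /* @__PURE__ */ function(OID4VCIMachineEvents2) {
 OID4VCIMachineEvents2["INVOKED_AUTHORIZATION_CODE_REQUEST"] = "INVOKED_AUTHORIZATION_CODE_REQUEST";
 OID4VCIMachineEvents2["PROVIDE_AUTHORIZATION_CODE_RESPONSE"] = "PROVIDE_AUTHORIZATION_CODE_RESPONSE";
 return OID4VCIMachineEvents2;
-}({});
-var OID4VCIMachineGuards = /* @__PURE__ */ function(OID4VCIMachineGuards2) {
+})({});
+var OID4VCIMachineGuards = /* @__PURE__ */ (function(OID4VCIMachineGuards2) {
 OID4VCIMachineGuards2["hasContactGuard"] = "oid4vciHasContactGuard";
 OID4VCIMachineGuards2["hasNoContactGuard"] = "oid4vciHasNoContactGuard";
 OID4VCIMachineGuards2["credentialsToSelectRequiredGuard"] = "oid4vciCredentialsToSelectRequiredGuard";
 OID4VCIMachineGuards2["requirePinGuard"] = "oid4vciRequirePinGuard";
 OID4VCIMachineGuards2["requireAuthorizationGuard"] = "oid4vciRequireAuthorizationGuard";
 OID4VCIMachineGuards2["noAuthorizationGuard"] = "oid4vciNoAuthorizationGuard";
+OID4VCIMachineGuards2["hasNonceEndpointGuard"] = "oid4vciHasNonceEndpointGuard ";
 OID4VCIMachineGuards2["hasAuthorizationResponse"] = "oid4vciHasAuthorizationResponse";
 OID4VCIMachineGuards2["hasNoContactIdentityGuard"] = "oid4vciHasNoContactIdentityGuard";
 OID4VCIMachineGuards2["verificationCodeGuard"] = "oid4vciVerificationCodeGuard";
@@ -158,8 +160,8 @@ var OID4VCIMachineGuards = /* @__PURE__ */ function(OID4VCIMachineGuards2) {
 OID4VCIMachineGuards2["contactHasLowTrustGuard"] = "oid4vciContactHasLowTrustGuard";
 OID4VCIMachineGuards2["isFirstPartyApplication"] = "oid4vciIsFirstPartyApplication";
 return OID4VCIMachineGuards2;
-}({});
-var OID4VCIMachineServices = /* @__PURE__ */ function(OID4VCIMachineServices2) {
+})({});
+var OID4VCIMachineServices = /* @__PURE__ */ (function(OID4VCIMachineServices2) {
 OID4VCIMachineServices2["start"] = "start";
 OID4VCIMachineServices2["getContact"] = "getContact";
 OID4VCIMachineServices2["getFederationTrust"] = "getFederationTrust";
@@ -174,17 +176,17 @@ var OID4VCIMachineServices = /* @__PURE__ */ function(OID4VCIMachineServices2) {
 OID4VCIMachineServices2["storeCredentials"] = "storeCredentials";
 OID4VCIMachineServices2["startFirstPartApplicationFlow"] = "startFirstPartApplicationFlow";
 return OID4VCIMachineServices2;
-}({});
-var RequestType = /* @__PURE__ */ function(RequestType2) {
+})({});
+var RequestType = /* @__PURE__ */ (function(RequestType2) {
 RequestType2["OPENID_INITIATE_ISSUANCE"] = "openid-initiate-issuance";
 RequestType2["OPENID_CREDENTIAL_OFFER"] = "openid-credential-offer";
 RequestType2["URL"] = "URL";
 return RequestType2;
-}({});
-var IdentifierAliasEnum = /* @__PURE__ */ function(IdentifierAliasEnum2) {
+})({});
+var IdentifierAliasEnum = /* @__PURE__ */ (function(IdentifierAliasEnum2) {
 IdentifierAliasEnum2["PRIMARY"] = "primary";
 return IdentifierAliasEnum2;
-}({});
+})({});
 
 // src/localization/Localization.ts
 var Localization = class Localization2 {
@@ -226,7 +228,7 @@ var Localization = class Localization2 {
 var translate = Localization.translate;
 
 // src/types/FirstPartyMachine.ts
-var FirstPartyMachineStateTypes = /* @__PURE__ */ function(FirstPartyMachineStateTypes2) {
+var FirstPartyMachineStateTypes = /* @__PURE__ */ (function(FirstPartyMachineStateTypes2) {
 FirstPartyMachineStateTypes2["sendAuthorizationChallengeRequest"] = "sendAuthorizationChallengeRequest";
 FirstPartyMachineStateTypes2["sendAuthorizationResponse"] = "sendAuthorizationResponse";
 FirstPartyMachineStateTypes2["selectCredentials"] = "selectCredentials";
@@ -237,21 +239,21 @@ var FirstPartyMachineStateTypes = /* @__PURE__ */ function(FirstPartyMachineStat
 FirstPartyMachineStateTypes2["aborted"] = "aborted";
 FirstPartyMachineStateTypes2["declined"] = "declined";
 return FirstPartyMachineStateTypes2;
-}({});
-var FirstPartyMachineServices = /* @__PURE__ */ function(FirstPartyMachineServices2) {
+})({});
+var FirstPartyMachineServices = /* @__PURE__ */ (function(FirstPartyMachineServices2) {
 FirstPartyMachineServices2["sendAuthorizationChallengeRequest"] = "sendAuthorizationChallengeRequest";
 FirstPartyMachineServices2["sendAuthorizationResponse"] = "sendAuthorizationResponse";
 FirstPartyMachineServices2["createConfig"] = "createConfig";
 FirstPartyMachineServices2["getSiopRequest"] = "getSiopRequest";
 return FirstPartyMachineServices2;
-}({});
-var FirstPartyMachineEvents = /* @__PURE__ */ function(FirstPartyMachineEvents2) {
+})({});
+var FirstPartyMachineEvents = /* @__PURE__ */ (function(FirstPartyMachineEvents2) {
 FirstPartyMachineEvents2["NEXT"] = "NEXT";
 FirstPartyMachineEvents2["PREVIOUS"] = "PREVIOUS";
 FirstPartyMachineEvents2["DECLINE"] = "DECLINE";
 FirstPartyMachineEvents2["SET_SELECTED_CREDENTIALS"] = "SET_SELECTED_CREDENTIALS";
 return FirstPartyMachineEvents2;
-}({});
+})({});
 
 // src/machines/oid4vciMachine.ts
 var oid4vciHasNoContactGuard = /* @__PURE__ */ __name((_ctx, _event) => {
@@ -1538,7 +1540,7 @@ var getCredentialBranding = /* @__PURE__ */ __name(async (args) => {
 const credentialBranding = {};
 await Promise.all(Object.entries(credentialsSupported).map(async ([configId, credentialsConfigSupported]) => {
 let sdJwtTypeMetadata;
-if (credentialsConfigSupported.format === "
+if (credentialsConfigSupported.format === "dc+sd-jwt") {
 const vct = credentialsConfigSupported.vct;
 if (vct.startsWith("http")) {
 try {
@@ -1604,7 +1606,13 @@ var selectCredentialLocaleBranding = /* @__PURE__ */ __name(async (args) => {
 }, "selectCredentialLocaleBranding");
 var verifyCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
 const { mappedCredential, hasher, onVerifyEBSICredentialIssuer, schemaValidation, context } = args;
-const
+const credentialResponse = mappedCredential.credentialToAccept.credentialResponse;
+let credential;
+if ("credential" in credentialResponse) {
+credential = credentialResponse.credential;
+} else if ("credentials" in credentialResponse && credentialResponse.credentials && Array.isArray(credentialResponse.credentials) && credentialResponse.credentials.length > 0) {
+credential = credentialResponse.credentials[0].credential;
+}
 if (!credential) {
 return Promise.reject(Error("No credential found in credential response"));
 }
@@ -1660,7 +1668,12 @@ var verifyCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
 var mapCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
 const { credentialToAccept, hasher } = args;
 const credentialResponse = credentialToAccept.credentialResponse;
-
+let verifiableCredential;
+if ("credential" in credentialResponse) {
+verifiableCredential = credentialResponse.credential;
+} else if ("credentials" in credentialResponse && credentialResponse.credentials && Array.isArray(credentialResponse.credentials) && credentialResponse.credentials.length > 0) {
+verifiableCredential = credentialResponse.credentials[0].credential;
+}
 if (!verifiableCredential) {
 return Promise.reject(Error("No credential found in credential response"));
 }
@@ -1994,7 +2007,8 @@ var getIssuanceCryptoSuite = /* @__PURE__ */ __name(async (opts) => {
 case "jwt":
 case "jwt_vc_json":
 case "jwt_vc":
-case "
+case "dc+sd-jwt":
+case "dc+sd-jwt":
 case "mso_mdoc": {
 const supportedPreferences = jwtCryptographicSuitePreferences.filter((suite) => signing_algs_supported.includes(suite));
 if (supportedPreferences.length > 0) {
@@ -2063,7 +2077,6 @@ var startFirstPartApplicationMachine = /* @__PURE__ */ __name(async (args, conte
 
 // src/agent/OID4VCIHolder.ts
 import "cross-fetch/polyfill";
-import { defaultHasher as defaultHasher2 } from "@sphereon/ssi-sdk.core";
 var oid4vciHolderContextMethods = [
 "cmGetContacts",
 "cmGetContact",
@@ -2079,7 +2092,7 @@ var oid4vciHolderContextMethods = [
 ];
 var logger = Loggers.DEFAULT.get("sphereon:oid4vci:holder");
 function signCallback(identifier, context, nonce) {
-return async (jwt, kid) => {
+return async (jwt, kid, noIssPayloadUpdate) => {
 let resolution = await context.agent.identifierManagedGet(identifier);
 const jwk = jwt.header.jwk ?? (resolution.method === "jwk" ? resolution.jwk : void 0);
 if (!resolution.issuer && !jwt.payload.iss) {
@@ -2097,7 +2110,7 @@ function signCallback(identifier, context, nonce) {
 return (await context.agent.jwtCreateJwsCompactSignature({
 issuer: {
 ...resolution,
-noIssPayloadUpdate: false
+noIssPayloadUpdate: noIssPayloadUpdate ?? false
 },
 protectedHeader: header,
 payload
@@ -2132,6 +2145,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
 oid4vciHolderStoreIssuerBranding: this.oid4vciHolderStoreIssuerBranding.bind(this)
 };
 vcFormatPreferences = [
+"dc+sd-jwt",
 "vc+sd-jwt",
 "mso_mdoc",
 "jwt_vc_json",
@@ -2658,9 +2672,19 @@ var OID4VCIHolder = class _OID4VCIHolder {
 }
 let counter = 0;
 for (const credentialId of selectedCredentials) {
-const
+const configId = credentialId;
+const types = credentialsToAccept.find((ac) => ac.correlationId === configId || ac.credentialToAccept.id === configId || ac.types.includes(configId))?.types?.filter((type) => type != "VerifiableCredential") ?? [];
+const localeBranding = credentialBranding?.[configId] ?? [];
+if (localeBranding.length === 0) {
+for (const type of types) {
+const branding = credentialBranding?.[type] ?? [];
+if (branding.length > 0) {
+localeBranding.push(...branding);
+}
+}
+}
 if (localeBranding && localeBranding.length > 0) {
-const credential = credentialsToAccept.find((credAccept) => credAccept.credentialToAccept.id === credentialId || JSON.stringify(credAccept.types) === credentialId || credentialsToAccept[counter]);
+const credential = credentialsToAccept.find((credAccept) => credAccept.credentialToAccept.id === credentialId || JSON.stringify(credAccept.types) === credentialId || JSON.stringify(credAccept.types.filter((cred) => cred !== "VerifiableCredential")) === JSON.stringify(types) || credentialsToAccept[counter]);
 counter++;
 await context.agent.ibAddCredentialBranding({
 vcHash: computeEntryHash(credential.rawVerifiableCredential),
@@ -2708,7 +2732,16 @@ var OID4VCIHolder = class _OID4VCIHolder {
 if (Array.isArray(subjectIssuance?.notification_events_supported)) {
 event = subjectIssuance.notification_events_supported.includes("credential_accepted_holder_signed") ? "credential_accepted_holder_signed" : "credential_deleted_holder_signed";
 logger.log(`Subject issuance/signing will be used, with event`, event);
-const
+const credentialResponse = mappedCredentialToAccept.credentialToAccept.credentialResponse;
+let issuerVC;
+if ("credential" in credentialResponse) {
+issuerVC = credentialResponse.credential;
+} else if ("credentials" in credentialResponse && credentialResponse.credentials && Array.isArray(credentialResponse.credentials) && credentialResponse.credentials.length > 0) {
+issuerVC = credentialResponse.credentials[0].credential;
+}
+if (!issuerVC) {
+return Promise.reject(Error("No credential found in credential response"));
+}
 const wrappedIssuerVC = CredentialMapper2.toWrappedVerifiableCredential(issuerVC, {
 hasher: this.hasher ?? defaultHasher2
 });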
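Review bot: When a response carries a `credentials` array, only `credentials[0].credential` is read (new lines 1613–1614), so any further entries an issuer returns are, as far as this hunk shows, never passed to verification and nothing records that they were dropped. The same extraction is repeated in `mapCredentialToAccept` (new lines 1672–1676) and in the subject-issuance branch (new lines 2737–2741), and all three enclosing functions continue outside their hunks. One shared helper that logs or rejects a multi-entry response would keep the three sites consistent; because this file is bundled output, the change belongs in the TypeScript source it is built from. Separately, `case "dc+sd-jwt":` appears twice at new lines 2010–2011 while `vcFormatPreferences` still lists `"vc+sd-jwt"`, so one of the two labels was probably meant to remain `"vc+sd-jwt"`, which is worth confirming.

```javascript
// proposed shared helper; the name is illustrative
function firstCredentialFromResponse(credentialResponse) {
  if ("credential" in credentialResponse) {
    return credentialResponse.credential;
  }
  const entries = credentialResponse.credentials;
  if (!Array.isArray(entries) || entries.length === 0) {
    return void 0;
  }
  if (entries.length > 1) {
    // surface the entries that are not processed instead of dropping them silently
    logger.log(`Credential response holds ${entries.length} credentials, only the first is processed`);
  }
  return entries[0].credential;
}

// in verifyCredentialToAccept:
const credential = firstCredentialFromResponse(mappedCredential.credentialToAccept.credentialResponse);
// … unchanged: the `if (!credential)` rejection and the rest of the function …
```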