@sphereon/ssi-sdk.oid4vci-holder 0.34.1-next.7 → 0.34.1-next.85

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/dist/index.cjs +78 -55
  2. package/dist/index.cjs.map +1 -1
  3. package/dist/index.d.cts +7 -5
  4. package/dist/index.d.ts +7 -5
  5. package/dist/index.js +57 -34
  6. package/dist/index.js.map +1 -1
  7. package/package.json +25 -24
  8. package/src/agent/OID4VCIHolder.ts +35 -21
  9. package/src/services/OID4VCIHolderService.ts +28 -6
  10. package/src/types/FirstPartyMachine.ts +3 -2
  11. package/src/types/IOID4VCIHolder.ts +3 -1
package/dist/index.cjs CHANGED
@@ -139,7 +139,8 @@ var import_oid4vci_common4 = require("@sphereon/oid4vci-common");
139
139
  var import_ssi_sdk_ext5 = require("@sphereon/ssi-sdk-ext.did-utils");
140
140
  var import_ssi_sdk_ext6 = require("@sphereon/ssi-sdk-ext.identifier-resolution");
141
141
  var import_ssi_sdk_ext7 = require("@sphereon/ssi-sdk-ext.key-utils");
142
- var import_ssi_sdk2 = require("@sphereon/ssi-sdk.data-store");
142
+ var import_ssi_sdk2 = require("@sphereon/ssi-sdk.core");
143
+ var import_ssi_sdk3 = require("@sphereon/ssi-sdk.data-store");
143
144
  var import_ssi_types2 = require("@sphereon/ssi-types");
144
145
  var import_utils2 = require("@veramo/utils");
145
146
  var import_did_jwt = require("did-jwt");
@@ -154,18 +155,18 @@ var import_i18n_js = __toESM(require("i18n-js"), 1);
154
155
  var import_lodash = __toESM(require("lodash.memoize"), 1);
155
156
 
156
157
  // src/types/IOID4VCIHolder.ts
157
- var OID4VCIHolderEvent = /* @__PURE__ */ function(OID4VCIHolderEvent2) {
158
+ var OID4VCIHolderEvent = /* @__PURE__ */ (function(OID4VCIHolderEvent2) {
158
159
  OID4VCIHolderEvent2["CONTACT_IDENTITY_CREATED"] = "contact_identity_created";
159
160
  OID4VCIHolderEvent2["CREDENTIAL_STORED"] = "credential_stored";
160
161
  OID4VCIHolderEvent2["IDENTIFIER_CREATED"] = "identifier_created";
161
162
  return OID4VCIHolderEvent2;
162
- }({});
163
- var SupportedLanguage = /* @__PURE__ */ function(SupportedLanguage2) {
163
+ })({});
164
+ var SupportedLanguage = /* @__PURE__ */ (function(SupportedLanguage2) {
164
165
  SupportedLanguage2["ENGLISH"] = "en";
165
166
  SupportedLanguage2["DUTCH"] = "nl";
166
167
  return SupportedLanguage2;
167
- }({});
168
- var OID4VCIMachineStates = /* @__PURE__ */ function(OID4VCIMachineStates2) {
168
+ })({});
169
+ var OID4VCIMachineStates = /* @__PURE__ */ (function(OID4VCIMachineStates2) {
169
170
  OID4VCIMachineStates2["start"] = "start";
170
171
  OID4VCIMachineStates2["createCredentialsToSelectFrom"] = "createCredentialsToSelectFrom";
171
172
  OID4VCIMachineStates2["getContact"] = "getContact";
@@ -196,18 +197,18 @@ var OID4VCIMachineStates = /* @__PURE__ */ function(OID4VCIMachineStates2) {
196
197
  OID4VCIMachineStates2["error"] = "error";
197
198
  OID4VCIMachineStates2["done"] = "done";
198
199
  return OID4VCIMachineStates2;
199
- }({});
200
- var OID4VCIMachineAddContactStates = /* @__PURE__ */ function(OID4VCIMachineAddContactStates2) {
200
+ })({});
201
+ var OID4VCIMachineAddContactStates = /* @__PURE__ */ (function(OID4VCIMachineAddContactStates2) {
201
202
  OID4VCIMachineAddContactStates2["idle"] = "idle";
202
203
  OID4VCIMachineAddContactStates2["next"] = "next";
203
204
  return OID4VCIMachineAddContactStates2;
204
- }({});
205
- var OID4VCIMachineVerifyPinStates = /* @__PURE__ */ function(OID4VCIMachineVerifyPinStates2) {
205
+ })({});
206
+ var OID4VCIMachineVerifyPinStates = /* @__PURE__ */ (function(OID4VCIMachineVerifyPinStates2) {
206
207
  OID4VCIMachineVerifyPinStates2["idle"] = "idle";
207
208
  OID4VCIMachineVerifyPinStates2["next"] = "next";
208
209
  return OID4VCIMachineVerifyPinStates2;
209
- }({});
210
- var OID4VCIMachineEvents = /* @__PURE__ */ function(OID4VCIMachineEvents2) {
210
+ })({});
211
+ var OID4VCIMachineEvents = /* @__PURE__ */ (function(OID4VCIMachineEvents2) {
211
212
  OID4VCIMachineEvents2["NEXT"] = "NEXT";
212
213
  OID4VCIMachineEvents2["PREVIOUS"] = "PREVIOUS";
213
214
  OID4VCIMachineEvents2["DECLINE"] = "DECLINE";
@@ -220,14 +221,15 @@ var OID4VCIMachineEvents = /* @__PURE__ */ function(OID4VCIMachineEvents2) {
220
221
  OID4VCIMachineEvents2["INVOKED_AUTHORIZATION_CODE_REQUEST"] = "INVOKED_AUTHORIZATION_CODE_REQUEST";
221
222
  OID4VCIMachineEvents2["PROVIDE_AUTHORIZATION_CODE_RESPONSE"] = "PROVIDE_AUTHORIZATION_CODE_RESPONSE";
222
223
  return OID4VCIMachineEvents2;
223
- }({});
224
- var OID4VCIMachineGuards = /* @__PURE__ */ function(OID4VCIMachineGuards2) {
224
+ })({});
225
+ var OID4VCIMachineGuards = /* @__PURE__ */ (function(OID4VCIMachineGuards2) {
225
226
  OID4VCIMachineGuards2["hasContactGuard"] = "oid4vciHasContactGuard";
226
227
  OID4VCIMachineGuards2["hasNoContactGuard"] = "oid4vciHasNoContactGuard";
227
228
  OID4VCIMachineGuards2["credentialsToSelectRequiredGuard"] = "oid4vciCredentialsToSelectRequiredGuard";
228
229
  OID4VCIMachineGuards2["requirePinGuard"] = "oid4vciRequirePinGuard";
229
230
  OID4VCIMachineGuards2["requireAuthorizationGuard"] = "oid4vciRequireAuthorizationGuard";
230
231
  OID4VCIMachineGuards2["noAuthorizationGuard"] = "oid4vciNoAuthorizationGuard";
232
+ OID4VCIMachineGuards2["hasNonceEndpointGuard"] = "oid4vciHasNonceEndpointGuard ";
231
233
  OID4VCIMachineGuards2["hasAuthorizationResponse"] = "oid4vciHasAuthorizationResponse";
232
234
  OID4VCIMachineGuards2["hasNoContactIdentityGuard"] = "oid4vciHasNoContactIdentityGuard";
233
235
  OID4VCIMachineGuards2["verificationCodeGuard"] = "oid4vciVerificationCodeGuard";
@@ -237,8 +239,8 @@ var OID4VCIMachineGuards = /* @__PURE__ */ function(OID4VCIMachineGuards2) {
237
239
  OID4VCIMachineGuards2["contactHasLowTrustGuard"] = "oid4vciContactHasLowTrustGuard";
238
240
  OID4VCIMachineGuards2["isFirstPartyApplication"] = "oid4vciIsFirstPartyApplication";
239
241
  return OID4VCIMachineGuards2;
240
- }({});
241
- var OID4VCIMachineServices = /* @__PURE__ */ function(OID4VCIMachineServices2) {
242
+ })({});
243
+ var OID4VCIMachineServices = /* @__PURE__ */ (function(OID4VCIMachineServices2) {
242
244
  OID4VCIMachineServices2["start"] = "start";
243
245
  OID4VCIMachineServices2["getContact"] = "getContact";
244
246
  OID4VCIMachineServices2["getFederationTrust"] = "getFederationTrust";
@@ -253,17 +255,17 @@ var OID4VCIMachineServices = /* @__PURE__ */ function(OID4VCIMachineServices2) {
253
255
  OID4VCIMachineServices2["storeCredentials"] = "storeCredentials";
254
256
  OID4VCIMachineServices2["startFirstPartApplicationFlow"] = "startFirstPartApplicationFlow";
255
257
  return OID4VCIMachineServices2;
256
- }({});
257
- var RequestType = /* @__PURE__ */ function(RequestType2) {
258
+ })({});
259
+ var RequestType = /* @__PURE__ */ (function(RequestType2) {
258
260
  RequestType2["OPENID_INITIATE_ISSUANCE"] = "openid-initiate-issuance";
259
261
  RequestType2["OPENID_CREDENTIAL_OFFER"] = "openid-credential-offer";
260
262
  RequestType2["URL"] = "URL";
261
263
  return RequestType2;
262
- }({});
263
- var IdentifierAliasEnum = /* @__PURE__ */ function(IdentifierAliasEnum2) {
264
+ })({});
265
+ var IdentifierAliasEnum = /* @__PURE__ */ (function(IdentifierAliasEnum2) {
264
266
  IdentifierAliasEnum2["PRIMARY"] = "primary";
265
267
  return IdentifierAliasEnum2;
266
- }({});
268
+ })({});
267
269
 
268
270
  // src/localization/Localization.ts
269
271
  var Localization = class Localization2 {
@@ -305,7 +307,7 @@ var Localization = class Localization2 {
305
307
  var translate = Localization.translate;
306
308
 
307
309
  // src/types/FirstPartyMachine.ts
308
- var FirstPartyMachineStateTypes = /* @__PURE__ */ function(FirstPartyMachineStateTypes2) {
310
+ var FirstPartyMachineStateTypes = /* @__PURE__ */ (function(FirstPartyMachineStateTypes2) {
309
311
  FirstPartyMachineStateTypes2["sendAuthorizationChallengeRequest"] = "sendAuthorizationChallengeRequest";
310
312
  FirstPartyMachineStateTypes2["sendAuthorizationResponse"] = "sendAuthorizationResponse";
311
313
  FirstPartyMachineStateTypes2["selectCredentials"] = "selectCredentials";
@@ -316,21 +318,21 @@ var FirstPartyMachineStateTypes = /* @__PURE__ */ function(FirstPartyMachineStat
316
318
  FirstPartyMachineStateTypes2["aborted"] = "aborted";
317
319
  FirstPartyMachineStateTypes2["declined"] = "declined";
318
320
  return FirstPartyMachineStateTypes2;
319
- }({});
320
- var FirstPartyMachineServices = /* @__PURE__ */ function(FirstPartyMachineServices2) {
321
+ })({});
322
+ var FirstPartyMachineServices = /* @__PURE__ */ (function(FirstPartyMachineServices2) {
321
323
  FirstPartyMachineServices2["sendAuthorizationChallengeRequest"] = "sendAuthorizationChallengeRequest";
322
324
  FirstPartyMachineServices2["sendAuthorizationResponse"] = "sendAuthorizationResponse";
323
325
  FirstPartyMachineServices2["createConfig"] = "createConfig";
324
326
  FirstPartyMachineServices2["getSiopRequest"] = "getSiopRequest";
325
327
  return FirstPartyMachineServices2;
326
- }({});
327
- var FirstPartyMachineEvents = /* @__PURE__ */ function(FirstPartyMachineEvents2) {
328
+ })({});
329
+ var FirstPartyMachineEvents = /* @__PURE__ */ (function(FirstPartyMachineEvents2) {
328
330
  FirstPartyMachineEvents2["NEXT"] = "NEXT";
329
331
  FirstPartyMachineEvents2["PREVIOUS"] = "PREVIOUS";
330
332
  FirstPartyMachineEvents2["DECLINE"] = "DECLINE";
331
333
  FirstPartyMachineEvents2["SET_SELECTED_CREDENTIALS"] = "SET_SELECTED_CREDENTIALS";
332
334
  return FirstPartyMachineEvents2;
333
- }({});
335
+ })({});
334
336
 
335
337
  // src/machines/oid4vciMachine.ts
336
338
  var oid4vciHasNoContactGuard = /* @__PURE__ */ __name((_ctx, _event) => {
@@ -1617,7 +1619,7 @@ var getCredentialBranding = /* @__PURE__ */ __name(async (args) => {
1617
1619
  const credentialBranding = {};
1618
1620
  await Promise.all(Object.entries(credentialsSupported).map(async ([configId, credentialsConfigSupported]) => {
1619
1621
  let sdJwtTypeMetadata;
1620
- if (credentialsConfigSupported.format === "vc+sd-jwt") {
1622
+ if (credentialsConfigSupported.format === "dc+sd-jwt") {
1621
1623
  const vct = credentialsConfigSupported.vct;
1622
1624
  if (vct.startsWith("http")) {
1623
1625
  try {
@@ -1683,7 +1685,13 @@ var selectCredentialLocaleBranding = /* @__PURE__ */ __name(async (args) => {
1683
1685
  }, "selectCredentialLocaleBranding");
1684
1686
  var verifyCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
1685
1687
  const { mappedCredential, hasher, onVerifyEBSICredentialIssuer, schemaValidation, context } = args;
1686
- const credential = mappedCredential.credentialToAccept.credentialResponse.credential;
1688
+ const credentialResponse = mappedCredential.credentialToAccept.credentialResponse;
1689
+ let credential;
1690
+ if ("credential" in credentialResponse) {
1691
+ credential = credentialResponse.credential;
1692
+ } else if ("credentials" in credentialResponse && credentialResponse.credentials && Array.isArray(credentialResponse.credentials) && credentialResponse.credentials.length > 0) {
1693
+ credential = credentialResponse.credentials[0].credential;
1694
+ }
1687
1695
  if (!credential) {
1688
1696
  return Promise.reject(Error("No credential found in credential response"));
1689
1697
  }
@@ -1739,7 +1747,12 @@ var verifyCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
1739
1747
  var mapCredentialToAccept = /* @__PURE__ */ __name(async (args) => {
1740
1748
  const { credentialToAccept, hasher } = args;
1741
1749
  const credentialResponse = credentialToAccept.credentialResponse;
1742
- const verifiableCredential = credentialResponse.credential;
1750
+ let verifiableCredential;
1751
+ if ("credential" in credentialResponse) {
1752
+ verifiableCredential = credentialResponse.credential;
1753
+ } else if ("credentials" in credentialResponse && credentialResponse.credentials && Array.isArray(credentialResponse.credentials) && credentialResponse.credentials.length > 0) {
1754
+ verifiableCredential = credentialResponse.credentials[0].credential;
1755
+ }
1743
1756
  if (!verifiableCredential) {
1744
1757
  return Promise.reject(Error("No credential found in credential response"));
1745
1758
  }
@@ -2073,7 +2086,8 @@ var getIssuanceCryptoSuite = /* @__PURE__ */ __name(async (opts) => {
2073
2086
  case "jwt":
2074
2087
  case "jwt_vc_json":
2075
2088
  case "jwt_vc":
2076
- case "vc+sd-jwt":
2089
+ case "dc+sd-jwt":
2090
+ case "dc+sd-jwt":
2077
2091
  case "mso_mdoc": {
2078
2092
  const supportedPreferences = jwtCryptographicSuitePreferences.filter((suite) => signing_algs_supported.includes(suite));
2079
2093
  if (supportedPreferences.length > 0) {
@@ -2142,7 +2156,6 @@ var startFirstPartApplicationMachine = /* @__PURE__ */ __name(async (args, conte
2142
2156
 
2143
2157
  // src/agent/OID4VCIHolder.ts
2144
2158
  var import_polyfill = require("cross-fetch/polyfill");
2145
- var import_ssi_sdk3 = require("@sphereon/ssi-sdk.core");
2146
2159
  var oid4vciHolderContextMethods = [
2147
2160
  "cmGetContacts",
2148
2161
  "cmGetContact",
@@ -2158,7 +2171,7 @@ var oid4vciHolderContextMethods = [
2158
2171
  ];
2159
2172
  var logger = import_ssi_types2.Loggers.DEFAULT.get("sphereon:oid4vci:holder");
2160
2173
  function signCallback(identifier, context, nonce) {
2161
- return async (jwt, kid) => {
2174
+ return async (jwt, kid, noIssPayloadUpdate) => {
2162
2175
  let resolution = await context.agent.identifierManagedGet(identifier);
2163
2176
  const jwk = jwt.header.jwk ?? (resolution.method === "jwk" ? resolution.jwk : void 0);
2164
2177
  if (!resolution.issuer && !jwt.payload.iss) {
@@ -2176,7 +2189,7 @@ function signCallback(identifier, context, nonce) {
2176
2189
  return (await context.agent.jwtCreateJwsCompactSignature({
2177
2190
  issuer: {
2178
2191
  ...resolution,
2179
- noIssPayloadUpdate: false
2192
+ noIssPayloadUpdate: noIssPayloadUpdate ?? false
2180
2193
  },
2181
2194
  protectedHeader: header,
2182
2195
  payload
@@ -2211,6 +2224,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
2211
2224
  oid4vciHolderStoreIssuerBranding: this.oid4vciHolderStoreIssuerBranding.bind(this)
2212
2225
  };
2213
2226
  vcFormatPreferences = [
2227
+ "dc+sd-jwt",
2214
2228
  "vc+sd-jwt",
2215
2229
  "mso_mdoc",
2216
2230
  "jwt_vc_json",
@@ -2244,7 +2258,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
2244
2258
  onIdentifierCreated;
2245
2259
  onVerifyEBSICredentialIssuer;
2246
2260
  constructor(options) {
2247
- const { onContactIdentityCreated, onCredentialStored, onIdentifierCreated, onVerifyEBSICredentialIssuer, vcFormatPreferences, jsonldCryptographicSuitePreferences, didMethodPreferences, jwtCryptographicSuitePreferences, defaultAuthorizationRequestOptions, hasher = import_ssi_sdk3.defaultHasher } = {
2261
+ const { onContactIdentityCreated, onCredentialStored, onIdentifierCreated, onVerifyEBSICredentialIssuer, vcFormatPreferences, jsonldCryptographicSuitePreferences, didMethodPreferences, jwtCryptographicSuitePreferences, defaultAuthorizationRequestOptions, hasher = import_ssi_sdk2.defaultHasher } = {
2248
2262
  ...options
2249
2263
  };
2250
2264
  this.hasher = hasher;
@@ -2625,26 +2639,26 @@ var OID4VCIHolder = class _OID4VCIHolder {
2625
2639
  return Promise.reject(Error("Missing credential offers in context"));
2626
2640
  }
2627
2641
  let correlationId = credentialsToAccept[0].correlationId;
2628
- let identifierType = import_ssi_sdk2.CorrelationIdentifierType.DID;
2642
+ let identifierType = import_ssi_sdk3.CorrelationIdentifierType.DID;
2629
2643
  if (!correlationId.toLowerCase().startsWith("did:")) {
2630
- identifierType = import_ssi_sdk2.CorrelationIdentifierType.URL;
2644
+ identifierType = import_ssi_sdk3.CorrelationIdentifierType.URL;
2631
2645
  if (correlationId.startsWith("http")) {
2632
2646
  correlationId = new URL(correlationId).hostname;
2633
2647
  }
2634
2648
  }
2635
2649
  const identity = {
2636
2650
  alias: credentialsToAccept[0].correlationId,
2637
- origin: import_ssi_sdk2.IdentityOrigin.EXTERNAL,
2651
+ origin: import_ssi_sdk3.IdentityOrigin.EXTERNAL,
2638
2652
  roles: [
2639
- import_ssi_sdk2.CredentialRole.ISSUER
2653
+ import_ssi_sdk3.CredentialRole.ISSUER
2640
2654
  ],
2641
2655
  identifier: {
2642
2656
  type: identifierType,
2643
2657
  correlationId
2644
2658
  },
2645
- ...identifierType === import_ssi_sdk2.CorrelationIdentifierType.URL && {
2659
+ ...identifierType === import_ssi_sdk3.CorrelationIdentifierType.URL && {
2646
2660
  connection: {
2647
- type: import_ssi_sdk2.ConnectionType.OPENID_CONNECT,
2661
+ type: import_ssi_sdk3.ConnectionType.OPENID_CONNECT,
2648
2662
  config: {
2649
2663
  clientId: "138d7bf8-c930-4c6e-b928-97d3a4928b01",
2650
2664
  clientSecret: "03b3955f-d020-4f2a-8a27-4e452d4e27a0",
@@ -2671,7 +2685,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
2671
2685
  }
2672
2686
  async oid4vciHolderGetIssuerBranding(args, context) {
2673
2687
  const { serverMetadata, contact } = args;
2674
- const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_sdk2.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
2688
+ const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_sdk3.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
2675
2689
  if (issuerCorrelationId) {
2676
2690
  const branding = await context.agent.ibGetIssuerBranding({
2677
2691
  filter: [
@@ -2701,7 +2715,7 @@ var OID4VCIHolder = class _OID4VCIHolder {
2701
2715
  if (!contact) {
2702
2716
  return Promise.reject(Error("Missing contact in context"));
2703
2717
  }
2704
- const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_sdk2.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
2718
+ const issuerCorrelationId = contact?.identities.filter((identity) => identity.roles.includes(import_ssi_sdk3.CredentialRole.ISSUER)).map((identity) => identity.identifier.correlationId)[0];
2705
2719
  const branding = await context.agent.ibGetIssuerBranding({
2706
2720
  filter: [
2707
2721
  {
@@ -2797,9 +2811,18 @@ var OID4VCIHolder = class _OID4VCIHolder {
2797
2811
  if (Array.isArray(subjectIssuance?.notification_events_supported)) {
2798
2812
  event = subjectIssuance.notification_events_supported.includes("credential_accepted_holder_signed") ? "credential_accepted_holder_signed" : "credential_deleted_holder_signed";
2799
2813
  logger.log(`Subject issuance/signing will be used, with event`, event);
2800
- const issuerVC = mappedCredentialToAccept.credentialToAccept.credentialResponse.credential;
2814
+ const credentialResponse = mappedCredentialToAccept.credentialToAccept.credentialResponse;
2815
+ let issuerVC;
2816
+ if ("credential" in credentialResponse) {
2817
+ issuerVC = credentialResponse.credential;
2818
+ } else if ("credentials" in credentialResponse && credentialResponse.credentials && Array.isArray(credentialResponse.credentials) && credentialResponse.credentials.length > 0) {
2819
+ issuerVC = credentialResponse.credentials[0].credential;
2820
+ }
2821
+ if (!issuerVC) {
2822
+ return Promise.reject(Error("No credential found in credential response"));
2823
+ }
2801
2824
  const wrappedIssuerVC = import_ssi_types2.CredentialMapper.toWrappedVerifiableCredential(issuerVC, {
2802
- hasher: this.hasher ?? import_ssi_sdk3.defaultHasher
2825
+ hasher: this.hasher ?? import_ssi_sdk2.defaultHasher
2803
2826
  });
2804
2827
  console.log(`Wrapped VC: ${wrappedIssuerVC.type}, ${wrappedIssuerVC.format}`);
2805
2828
  let issuer;
@@ -2900,11 +2923,11 @@ var OID4VCIHolder = class _OID4VCIHolder {
2900
2923
  const [subjectCorrelationType, subjectCorrelationId] = this.determineSubjectCorrelation(issuanceOpt.identifier, issuer);
2901
2924
  const persistedCredential = await context.agent.crsAddCredential({
2902
2925
  credential: {
2903
- rawDocument: (0, import_ssi_sdk2.ensureRawDocument)(persistCredential),
2926
+ rawDocument: (0, import_ssi_sdk3.ensureRawDocument)(persistCredential),
2904
2927
  kmsKeyRef,
2905
2928
  identifierMethod: method,
2906
- credentialRole: import_ssi_sdk2.CredentialRole.HOLDER,
2907
- issuerCorrelationType: issuer?.startsWith("did:") ? import_ssi_sdk2.CredentialCorrelationType.DID : import_ssi_sdk2.CredentialCorrelationType.URL,
2929
+ credentialRole: import_ssi_sdk3.CredentialRole.HOLDER,
2930
+ issuerCorrelationType: issuer?.startsWith("did:") ? import_ssi_sdk3.CredentialCorrelationType.DID : import_ssi_sdk3.CredentialCorrelationType.URL,
2908
2931
  issuerCorrelationId: issuer,
2909
2932
  subjectCorrelationType,
2910
2933
  subjectCorrelationId
@@ -2972,12 +2995,12 @@ var OID4VCIHolder = class _OID4VCIHolder {
2972
2995
  case "did":
2973
2996
  if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierDidResult)(identifier)) {
2974
2997
  return [
2975
- import_ssi_sdk2.CredentialCorrelationType.DID,
2998
+ import_ssi_sdk3.CredentialCorrelationType.DID,
2976
2999
  identifier.did
2977
3000
  ];
2978
3001
  } else if ((0, import_ssi_sdk_ext6.isManagedIdentifierDidOpts)(identifier)) {
2979
3002
  return [
2980
- import_ssi_sdk2.CredentialCorrelationType.DID,
3003
+ import_ssi_sdk3.CredentialCorrelationType.DID,
2981
3004
  typeof identifier.identifier === "string" ? identifier.identifier : identifier.identifier.did
2982
3005
  ];
2983
3006
  }
@@ -2985,12 +3008,12 @@ var OID4VCIHolder = class _OID4VCIHolder {
2985
3008
  case "kid":
2986
3009
  if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierKidResult)(identifier)) {
2987
3010
  return [
2988
- import_ssi_sdk2.CredentialCorrelationType.KID,
3011
+ import_ssi_sdk3.CredentialCorrelationType.KID,
2989
3012
  identifier.kid
2990
3013
  ];
2991
3014
  } else if ((0, import_ssi_sdk_ext6.isManagedIdentifierDidOpts)(identifier)) {
2992
3015
  return [
2993
- import_ssi_sdk2.CredentialCorrelationType.KID,
3016
+ import_ssi_sdk3.CredentialCorrelationType.KID,
2994
3017
  identifier.identifier
2995
3018
  ];
2996
3019
  }
@@ -2998,19 +3021,19 @@ var OID4VCIHolder = class _OID4VCIHolder {
2998
3021
  case "x5c":
2999
3022
  if ((0, import_ssi_sdk_ext6.isManagedIdentifierResult)(identifier) && (0, import_ssi_sdk_ext6.isManagedIdentifierX5cResult)(identifier)) {
3000
3023
  return [
3001
- import_ssi_sdk2.CredentialCorrelationType.X509_SAN,
3024
+ import_ssi_sdk3.CredentialCorrelationType.X509_SAN,
3002
3025
  identifier.x5c.join("\r\n")
3003
3026
  ];
3004
3027
  } else if ((0, import_ssi_sdk_ext6.isManagedIdentifierX5cOpts)(identifier)) {
3005
3028
  return [
3006
- import_ssi_sdk2.CredentialCorrelationType.X509_SAN,
3029
+ import_ssi_sdk3.CredentialCorrelationType.X509_SAN,
3007
3030
  identifier.identifier.join("\r\n")
3008
3031
  ];
3009
3032
  }
3010
3033
  break;
3011
3034
  }
3012
3035
  return [
3013
- import_ssi_sdk2.CredentialCorrelationType.URL,
3036
+ import_ssi_sdk3.CredentialCorrelationType.URL,
3014
3037
  issuer
3015
3038
  ];
3016
3039
  }