@sphereon/ssi-sdk.oid4vci-issuer 0.32.1-next.54 → 0.33.1-feature.jose.vcdm.55

package/src/functions.ts

@@ -3,18 +3,20 @@ import {
   CredentialRequest,
   IssuerMetadata,
   Jwt,
+  JWTHeader,
+  JWTPayload,
   JwtVerifyResult,
-  OID4VCICredentialFormat,
+  type OID4VCICredentialFormat,
+  StatusListOpts,
 } from '@sphereon/oid4vci-common'
-import { JWTHeader, JWTPayload } from '@sphereon/oid4vci-common/lib/types'
 import { CredentialDataSupplier, CredentialIssuanceInput, CredentialSignerCallback, VcIssuer, VcIssuerBuilder } from '@sphereon/oid4vci-issuer'
 import { getAgentResolver, IDIDOptions } from '@sphereon/ssi-sdk-ext.did-utils'
 import { legacyKeyRefsToIdentifierOpts, ManagedIdentifierOptsOrResult } from '@sphereon/ssi-sdk-ext.identifier-resolution'
 import { contextHasPlugin } from '@sphereon/ssi-sdk.agent-config'
-import { SdJwtVcPayload } from '@sphereon/ssi-sdk.sd-jwt/dist'
+import { SdJwtVcPayload } from '@sphereon/ssi-sdk.sd-jwt'
 import { IStatusListPlugin } from '@sphereon/ssi-sdk.vc-status-list'
 import { CompactSdJwtVc, CredentialMapper, ICredential, W3CVerifiableCredential } from '@sphereon/ssi-types'
-import { CredentialPayload, DIDDocument, ProofFormat } from '@veramo/core'
+import { CredentialPayload, ProofFormat } from '@veramo/core'
 import { bytesToBase64 } from '@veramo/utils'
 import { createJWT, decodeJWT, JWTVerifyOptions, verifyJWT } from 'did-jwt'
 import { Resolvable } from 'did-resolver'
@@ -24,7 +26,7 @@ import fetch from 'cross-fetch'
 import { AuthorizationResponseStateStatus } from '@sphereon/did-auth-siop'
 
 export function getJwtVerifyCallback({ verifyOpts }: { verifyOpts?: JWTVerifyOptions }, _context: IRequiredContext) {
-  return async (args: { jwt: string; kid?: string }): Promise<JwtVerifyResult<DIDDocument>> => {
+  return async (args: { jwt: string; kid?: string }): Promise<JwtVerifyResult> => {
     const resolver = getAgentResolver(_context, {
       resolverResolution: true,
       uniresolverResolution: true,
@@ -45,17 +47,18 @@ export function getJwtVerifyCallback({ verifyOpts }: { verifyOpts?: JWTVerifyOpt
         return Promise.reject(Error(`the identifier of type ${identifier.method} is missing jwks (ExternalJwkInfo)`))
       }
       const { alg } = jwkInfo.jwk
-      if (!alg) {
-        return Promise.reject(Error(`the ExternalJwkInfo of identifier of type ${identifier.method} is missing alg in its jwk`))
-      }
-
       const header = jwtDecode<JWTHeader>(args.jwt, { header: true })
       const payload = jwtDecode<JWTPayload>(args.jwt, { header: false })
+      const kid = args.kid ?? header.kid
+      //const jwk = !kid ? jwkInfo.jwk : undefined // TODO double-check if this is correct
+      const jwk = jwkInfo.jwk // FIXME workaround IATAB2B-57
       return {
         alg,
         ...identifier,
         jwt: { header, payload },
-      } as JwtVerifyResult<DIDDocument>
+        ...(kid && { kid }),
+        ...(jwk && { jwk }),
+      } as JwtVerifyResult
     }
 
     const decodedJwt = (await decodeJWT(args.jwt)) as Jwt
@@ -66,7 +69,7 @@ export function getJwtVerifyCallback({ verifyOpts }: { verifyOpts?: JWTVerifyOpt
       return {
         alg: decodedJwt.header.alg,
         jwt: decodedJwt,
-      } as JwtVerifyResult<DIDDocument>
+      } as JwtVerifyResult
     }
     const did = kid.split('#')[0]
 
@@ -157,11 +160,25 @@ export async function getAccessTokenSignerCallback(
   }
 
   async function accessTokenSignerCallback(jwt: Jwt, kid?: string): Promise<string> {
-    const issuer = opts?.iss ?? opts.didOpts?.idOpts?.identifier.toString()
+    const issuer =
+      opts.idOpts?.issuer ??
+      (typeof opts.idOpts?.identifier === 'string' ? opts.idOpts.identifier : (opts.didOpts?.idOpts?.identifier?.toString() ?? opts?.iss))
     if (!issuer) {
       throw Error('No issuer configured for access tokens')
     }
-    return await createJWT(jwt.payload, { signer, issuer }, { ...jwt.header, typ: 'JWT' })
+
+    let kidHeader: string | undefined = jwt?.header?.kid ?? kid
+    if (!kidHeader) {
+      if (
+        opts.idOpts?.method === 'did' ||
+        opts.idOpts?.method === 'kid' ||
+        (typeof opts.didOpts?.idOpts.identifier === 'string' && opts.didOpts?.idOpts?.identifier?.startsWith('did:'))
+      ) {
+        // @ts-ignore
+        kidHeader = opts.idOpts?.kid ?? opts.didOpts?.idOpts?.kid ?? opts?.didOpts?.identifierOpts?.kid
+      }
+    }
+    return await createJWT(jwt.payload, { signer, issuer }, { ...jwt.header, ...(kidHeader && { kid: kidHeader }), typ: 'JWT' })
   }
 
   return accessTokenSignerCallback
@@ -172,14 +189,15 @@ export async function getCredentialSignerCallback(
     crypto?: Crypto
   },
   context: IRequiredContext,
-): Promise<CredentialSignerCallback<DIDDocument>> {
+): Promise<CredentialSignerCallback> {
   async function issueVCCallback(args: {
     credentialRequest: CredentialRequest
     credential: CredentialIssuanceInput
-    jwtVerifyResult: JwtVerifyResult<DIDDocument>
+    jwtVerifyResult: JwtVerifyResult
     format?: OID4VCICredentialFormat
+    statusLists?: Array<StatusListOpts>
   }): Promise<W3CVerifiableCredential | CompactSdJwtVc> {
-    const { jwtVerifyResult, format } = args
+    const { jwtVerifyResult, format, statusLists } = args
     const credential = args.credential as ICredential // TODO: SDJWT
     let proofFormat: ProofFormat
 
@@ -206,9 +224,10 @@ export async function getCredentialSignerCallback(
       // TODO: We should extend the plugin capabilities of issuance so we do not have to tuck this into the sign callback
       if (contextHasPlugin<IStatusListPlugin>(context, 'slAddStatusToCredential')) {
         // Add status list if enabled (and when the input has a credentialStatus object (can be empty))
-        const credentialStatusVC = await context.agent.slAddStatusToCredential({ credential })
+        const credentialStatusVC = await context.agent.slAddStatusToCredential({ credential, statusLists })
         if (credential.credentialStatus && !credential.credentialStatus.statusListCredential) {
           credential.credentialStatus = credentialStatusVC.credentialStatus
+          // TODO update statusLists somehow?
         }
       }
 
@@ -239,6 +258,28 @@ export async function getCredentialSignerCallback(
           _sd: credential['_sd'],
         }
       }
+
+      if (contextHasPlugin<IStatusListPlugin>(context, 'slAddStatusToSdJwtCredential')) {
+        if ((sdJwtPayload.status && sdJwtPayload.status.status_list) || (statusLists && statusLists.length > 0)) {
+          // Add status list if enabled (and when the input has a credentialStatus object (can be empty))
+          const sdJwtPayloadWithStatus = await context.agent.slAddStatusToSdJwtCredential({ credential: sdJwtPayload, statusLists })
+          if (sdJwtPayload.status?.status_list?.idx) {
+            if (!sdJwtPayloadWithStatus.status || !sdJwtPayloadWithStatus.status.status_list) {
+              // sdJwtPayload and sdJwtPayloadWithStatus is the same for now, but we should use the result anyway as this could be subject to change
+              return Promise.reject(Error('slAddStatusToSdJwtCredential did not return a status_list'))
+            }
+
+            // Update statusListId & statusListIndex back to the credential session TODO SSISDK-4 This is not a clean way to do this.
+            if (statusLists && statusLists.length > 0) {
+              const statusList = statusLists[0]
+              statusList.statusListId = sdJwtPayloadWithStatus.status.status_list.uri
+              statusList.statusListIndex = sdJwtPayloadWithStatus.status.status_list.idx
+            }
+            sdJwtPayload.status.status_list.idx = sdJwtPayloadWithStatus.status.status_list.idx
+          }
+        }
+      }
+
       const result = await context.agent.createSdJwtVc({
         credentialPayload: sdJwtPayload,
         disclosureFrame: disclosureFrame,
@@ -263,10 +304,10 @@ export async function createVciIssuerBuilder(
     credentialDataSupplier?: CredentialDataSupplier
   },
   context: IRequiredContext,
-): Promise<VcIssuerBuilder<DIDDocument>> {
+): Promise<VcIssuerBuilder> {
   const { issuerOpts, issuerMetadata, authorizationServerMetadata } = args
 
-  const builder = new VcIssuerBuilder<DIDDocument>()
+  const builder = new VcIssuerBuilder()
   // @ts-ignore
   const resolver =
     args.resolver ??
@@ -287,14 +328,23 @@ export async function createVciIssuerBuilder(
   builder.withAuthorizationMetadata(authorizationServerMetadata)
   // builder.withUserPinRequired(issuerOpts.userPinRequired ?? false) was removed from implementers draft v1
   builder.withCredentialSignerCallback(await getCredentialSignerCallback(idOpts, context))
+
+  if (issuerOpts.asClientOpts) {
+    builder.withASClientMetadata(issuerOpts.asClientOpts)
+    // @ts-ignore
+    // const authorizationServer = issuerMetadata.authorization_servers[0] as string
+    // Set the OIDC verifier
+    // builder.withJWTVerifyCallback(oidcAccessTokenVerifyCallback({clientMetadata: issuerOpts.asClientOpts, credentialIssuer: issuerMetadata.credential_issuer as string, authorizationServer}))
+  }
+  // Do not use it when asClient is used
   builder.withJWTVerifyCallback(getJwtVerifyCallback({ verifyOpts: jwtVerifyOpts }, context))
+
   if (args.credentialDataSupplier) {
     builder.withCredentialDataSupplier(args.credentialDataSupplier)
   }
   builder.withInMemoryCNonceState()
   builder.withInMemoryCredentialOfferState()
   builder.withInMemoryCredentialOfferURIState()
-  builder.build()
 
   return builder
 }
@@ -312,7 +362,7 @@ export async function createVciIssuer(
     credentialDataSupplier?: CredentialDataSupplier
   },
   context: IRequiredContext,
-): Promise<VcIssuer<DIDDocument>> {
+): Promise<VcIssuer> {
   return (
     await createVciIssuerBuilder(
       {
@@ -326,20 +376,19 @@ export async function createVciIssuer(
   ).build()
 }
 
-export async function createAuthRequestUriCallback(opts: { path: string, presentationDefinitionId: string }): Promise<() => Promise<string>> {
+export async function createAuthRequestUriCallback(opts: { path: string; presentationDefinitionId: string }): Promise<() => Promise<string>> {
   async function authRequestUriCallback(): Promise<string> {
     const path = opts.path.replace(':definitionId', opts.presentationDefinitionId)
     return fetch(path, {
       method: 'POST',
       headers: {
         'Content-Type': 'application/json',
-      }
-    })
-    .then(async (response): Promise<string> => {
+      },
+    }).then(async (response): Promise<string> => {
       if (response.status >= 400) {
         return Promise.reject(Error(await response.text()))
       } else {
-        const responseData = await response.json();
+        const responseData = await response.json()
 
         if (!responseData.authRequestURI) {
           return Promise.reject(Error('Missing auth request uri in response body'))
@@ -348,13 +397,15 @@ export async function createAuthRequestUriCallback(opts: { path: string, present
         return responseData.authRequestURI
       }
     })
-
   }
 
   return authRequestUriCallback
 }
 
-export async function createVerifyAuthResponseCallback(opts: { path: string, presentationDefinitionId: string }): Promise<(correlationId: string) => Promise<boolean>> {
+export async function createVerifyAuthResponseCallback(opts: {
+  path: string
+  presentationDefinitionId: string
+}): Promise<(correlationId: string) => Promise<boolean>> {
   async function verifyAuthResponseCallback(correlationId: string): Promise<boolean> {
     return fetch(opts.path, {
       method: 'POST',
@@ -362,12 +413,11 @@ export async function createVerifyAuthResponseCallback(opts: { path: string, pre
         'Content-Type': 'application/json',
       },
       body: JSON.stringify({ definitionId: opts.presentationDefinitionId, correlationId }),
-    })
-    .then(async (response): Promise<boolean> => {
+    }).then(async (response): Promise<boolean> => {
       if (response.status >= 400) {
         return Promise.reject(Error(await response.text()))
       } else {
-        const responseData = await response.json();
+        const responseData = await response.json()
 
         if (!responseData.status) {
           return Promise.reject(Error('Missing status in response body'))

package/src/state-manager/oid4vcState/IAbstractMachineStateStore.ts

@@ -0,0 +1,51 @@
+import { StateType } from '@sphereon/oid4vci-common'
+import { Oid4vcStateEntity } from '@sphereon/ssi-sdk.data-store'
+
+export interface IOid4vcStateStore<StateType> {
+  persistOid4vcState(args: Oid4vcStateStoreParams<StateType>): Promise<Oid4vcStatePersisted<StateType>>
+
+  findOid4vcStates(args: StoreOid4vcFindActiveArgs): Promise<Array<Oid4vcStatePersisted<StateType>>>
+
+  getOid4vcState(args: StoreOid4vcGetArgs): Promise<Oid4vcStatePersisted<StateType>>
+
+  deleteOid4vcState(args: StoreOid4vcDeleteArgs): Promise<boolean>
+
+  deleteExpiredOid4vcStates(args: StoreOid4vcDeleteExpiredArgs): Promise<number>
+}
+
+export type StoreMachineStatePersistArgs<StateType> = Omit<Oid4vcStateStoreParams<StateType>, 'createdAt' | 'updatedAt'>
+
+export type StoreOid4vcFindActiveArgs = Partial<Pick<Oid4vcStateStoreParams<StateType>, 'expiresAt' | 'tenantId' | 'stateId'>>
+
+export type FindMachineStatesFilterArgs = Array<Partial<Omit<Oid4vcStateStoreParams<StateType>, 'state'>>>
+
+export type StoreFindMachineStatesArgs = {
+  filter: FindMachineStatesFilterArgs
+}
+
+export type StoreOid4vcGetArgs = Pick<Oid4vcStateEntity<StateType>, 'id' | 'stateId' | 'correlationId' | 'lookups' | 'tenantId'>
+export type Oid4vcStateStore<StateType> = Pick<Oid4vcStateEntity<StateType>, 'id' | 'stateId' | 'correlationId' | 'lookups'>
+
+export type StoreOid4vcDeleteArgs = StoreOid4vcGetArgs
+export type StoreOid4vcDeleteExpiredArgs = {
+  id?: string
+  correlationId?: string
+  sessionId?: string
+  lookups?: Array<string>
+  tenantId?: string
+}
+
+export type Oid4vcStatePersisted<StateType> = {
+  id: string
+  stateId?: string
+  correlationId?: string
+  type: string
+  state: StateType
+  lookups?: Array<string>
+  createdAt: Date
+  lastUpdatedAt: Date
+  expiresAt?: Date
+  tenantId?: string
+}
+
+export type Oid4vcStateStoreParams<StateType> = Omit<Oid4vcStatePersisted<StateType>, 'id'>

package/src/state-manager/oid4vcState/MachineStateStore.ts

@@ -0,0 +1,135 @@
+// import Debug from 'debug'
+//
+//
+// const debug = Debug('sphereon:ssi-sdk:machine-state:store')
+//
+// /**
+//  * Represents a data store for managing machine states.
+//  */
+// export class MachineStateStore extends IAbstractMachineStateStore {
+// private readonly _dbConnection: OrPromise<DataSource>
+//
+// constructor(dbConnection: OrPromise<DataSource>) {
+//   super()
+//   this._dbConnection = dbConnection
+// }
+// async persistMachineState(state: StoreMachineStatePersistArgs): Promise<StoreMachineStateInfo> {
+//   const connection: DataSource = await this._dbConnection
+//   const { machineName, instanceId, tenantId } = state
+//   debug(`Executing persistMachineState for machine ${machineName}, instance ${instanceId}, tenantId: ${tenantId}...`)
+//   const entity = MachineStateStore.machineStateInfoEntityFrom(state)
+//   const existing = await connection.getRepository(MachineStateInfoEntity).findOne({
+//     where: {
+//       instanceId: state.instanceId,
+//     },
+//   })
+//   if (existing && existing.updatedCount > state.updatedCount) {
+//     const error = `Updating machine state with an older version is not allowed. Machine ${existing.machineName}, last count: ${
+//       existing.updatedCount
+//     }, new count: ${existing.updatedCount}, last updated: ${existing.updatedAt}, current: ${new Date()}, instance: ${existing.instanceId}`
+//     console.log(error)
+//     return Promise.reject(new Error(error))
+//   }
+//   // No need for a transaction. This is a single entity. We don't want to be surprised by an isolation level hiding the state from others
+//   const result = await connection.getRepository(MachineStateInfoEntity).save(entity, { transaction: false })
+//   debug(`Done persistMachineState machine ${machineName}, instance ${instanceId}, tenantId: ${tenantId}`)
+//   return MachineStateStore.machineInfoFrom(result)
+// }
+//
+// async findActiveMachineStates(args: StoreMachineStatesFindActiveArgs): Promise<Array<StoreMachineStateInfo>> {
+//   const { tenantId, machineName, instanceId } = args
+//   const connection: DataSource = await this._dbConnection
+//   debug(`Executing findActiveMachineStates query with machineName: ${machineName}, tenantId: ${tenantId}`)
+//   const queryBuilder = connection
+//     .getRepository(MachineStateInfoEntity)
+//     .createQueryBuilder('state')
+//     .where('state.completedAt IS NULL')
+//     .andWhere(
+//       new Brackets((qb) => {
+//         qb.where('state.expiresAt IS NULL').orWhere('state.expiresAt > :now', { now: new Date() })
+//       }),
+//     )
+//
+//   if (instanceId) {
+//     queryBuilder.andWhere('state.instanceId = :instanceId', { instanceId })
+//   }
+//   if (tenantId) {
+//     queryBuilder.andWhere('state.tenantId = :tenantId', { tenantId })
+//   }
+//   if (machineName) {
+//     queryBuilder.andWhere('state.machineName = :machineName', { machineName })
+//   }
+//
+//   return (
+//     (await queryBuilder
+//       .orderBy('state.updatedAt', 'DESC')
+//       .getMany()
+//       .then((entities) => entities.map(MachineStateStore.machineInfoFrom))) ?? []
+//   )
+// }
+//
+// async findMachineStates(args?: StoreFindMachineStatesArgs): Promise<Array<StoreMachineStateInfo>> {
+//   const connection: DataSource = await this._dbConnection
+//   debug('findMachineStates', args)
+//   const result: Array<MachineStateInfoEntity> = await connection.getRepository(MachineStateInfoEntity).find({
+//     ...(args?.filter && { where: args?.filter }),
+//     transaction: false,
+//   })
+//
+//   return result.map((event: MachineStateInfoEntity) => MachineStateStore.machineInfoFrom(event))
+// }
+//
+// async getMachineState(args: StoreMachineStateGetArgs): Promise<StoreMachineStateInfo> {
+//   const connection: DataSource = await this._dbConnection
+//   debug('getMachineState', args)
+//   return connection.getRepository(MachineStateInfoEntity).findOneOrFail({ where: { instanceId: args.instanceId } })
+// }
+//
+// async deleteMachineState(args: StoreMachineStateDeleteArgs): Promise<boolean> {
+//   debug(`Executing deleteMachineState query with id: ${args.instanceId}`)
+//   if (!args.instanceId) {
+//     throw new Error('No instanceId parameter is provided.')
+//   }
+//   try {
+//     const connection: DataSource = await this._dbConnection
+//
+//     const result = await connection.getRepository(MachineStateInfoEntity).delete(args.instanceId)
+//     return result.affected != null && result.affected > 0
+//   } catch (error) {
+//     debug(`Error deleting state: ${error}`)
+//     return false
+//   }
+// }
+//
+// async deleteExpiredMachineStates(args: StoreMachineStateDeleteExpiredArgs): Promise<number> {
+//   const { machineName, tenantId, deleteDoneStates } = args
+//   debug(`Executing deleteExpiredMachineStates query with params: ${JSON.stringify(args)}`)
+//   try {
+//     const connection: DataSource = await this._dbConnection
+//
+//     const deleteCriteria: FindOptionsWhere<MachineStateInfoEntity> = {
+//       ...(machineName && { machineName }),
+//       ...(tenantId && { tenantId }),
+//       // When deleteOnDone state is set we only look at completedAt, in other cases we compare current time with expiresAt
+//       ...(!deleteDoneStates && { expiresAt: LessThan(new Date()) }),
+//       ...(deleteDoneStates && { completedAt: Not(IsNull()) }),
+//     }
+//     const result = await connection.getRepository(MachineStateInfoEntity).delete(deleteCriteria)
+//     return result.affected ?? 0
+//   } catch (error) {
+//     debug(`Error deleting machine info: ${error}`)
+//     return Promise.reject(new Error(`Error deleting expired machine states for machine type ${machineName}`))
+//   }
+// }
+//
+// protected static machineInfoFrom = (machineStateInfoEntity: MachineStateInfoEntity): StoreMachineStateInfo => {
+//   // We are making sure no entity function get copied
+//   return JSON.parse(JSON.stringify(machineStateInfoEntity))
+// }
+//
+// static machineStateInfoEntityFrom = (machineStateInfo: StoreMachineStateInfo | StoreMachineStatePersistArgs): MachineStateInfoEntity => {
+//   const entity = new MachineStateInfoEntity()
+//   Object.assign(entity, machineStateInfo)
+//   return entity
+// }
+// }

package/src/types/IOID4VCIIssuer.ts

@@ -1,23 +1,27 @@
 import {
   AccessTokenRequest,
   AccessTokenResponse,
+  ClientMetadata,
   CredentialConfigurationSupported,
   CredentialDataSupplierInput,
   CredentialIssuerMetadataOpts,
+  CredentialOfferMode,
   CredentialOfferSession,
   CredentialRequest,
   CredentialResponse,
   Grant,
   JsonLdIssuerCredentialDefinition,
+  QRCodeOpts,
+  StatusListOpts,
 } from '@sphereon/oid4vci-common'
 import { CredentialDataSupplier } from '@sphereon/oid4vci-issuer'
 import { IDIDOptions, ResolveOpts } from '@sphereon/ssi-sdk-ext.did-utils'
 import { IIdentifierResolution, ManagedIdentifierOptsOrResult } from '@sphereon/ssi-sdk-ext.identifier-resolution'
 import { IOID4VCIStore } from '@sphereon/ssi-sdk.oid4vci-issuer-store'
-import { ICredential } from '@sphereon/ssi-types/dist'
+import { ICredential } from '@sphereon/ssi-types'
 import { IAgentContext, ICredentialIssuer, IDIDManager, IKeyManager, IPluginMethodMap, IResolver } from '@veramo/core'
 import { IssuerInstance } from '../IssuerInstance'
-import { IJwtService } from '@sphereon/ssi-sdk-ext.identifier-resolution/src/types/IJwtService'
+import { IJwtService } from '@sphereon/ssi-sdk-ext.jwt-service'
 
 export type IssuerCredentialDefinition = JsonLdIssuerCredentialDefinition
 
@@ -41,6 +45,16 @@ export interface ICreateOfferArgs extends IIssuerInstanceArgs {
   credentialDefinition?: IssuerCredentialDefinition
   credentialOfferUri?: string
   credentialDataSupplierInput?: CredentialDataSupplierInput // Optional storage that can help the credential Data Supplier. For instance to store credential input data during offer creation, if no additional data can be supplied later on
+
+  redirectUri?: string
+  // auth_session?: string; Would be a nice extension to support, to allow external systems to determine what the auth_session value should be
+  // @Deprecated use tx_code in the grant object
+  correlationId?: string
+  sessionLifeTimeInSec?: number
+  qrCodeOpts?: QRCodeOpts
+  client_id?: string
+  statusListOpts?: Array<StatusListOpts>
+  offerMode?: CredentialOfferMode
   baseUri?: string
   scheme?: string
   pinLength?: number
@@ -74,6 +88,7 @@ export interface IIssuerInstanceOptions extends IMetadataOptions {
 }
 
 export interface IIssuerOptions {
+  asClientOpts?: ClientMetadata
   idOpts?: ManagedIdentifierOptsOrResult
   resolveOpts?: ResolveOpts
   /**

package/dist/IssuerInstance.d.ts

@@ -1,27 +0,0 @@
-import { VcIssuer } from '@sphereon/oid4vci-issuer';
-import { DIDDocument } from '@veramo/core';
-import { AuthorizationServerMetadata, IssuerMetadata } from '@sphereon/oid4vci-common';
-import { CredentialDataSupplier } from '@sphereon/oid4vci-issuer';
-import { IIssuerOptions, IMetadataOptions, IRequiredContext } from './types/IOID4VCIIssuer';
-export declare class IssuerInstance {
-    private _issuer;
-    private readonly _metadataOptions;
-    private readonly _issuerOptions;
-    private readonly _issuerMetadata;
-    private readonly _authorizationServerMetadata;
-    constructor({ issuerOpts, metadataOpts, issuerMetadata, authorizationServerMetadata, }: {
-        issuerOpts: IIssuerOptions;
-        metadataOpts: IMetadataOptions;
-        issuerMetadata: IssuerMetadata;
-        authorizationServerMetadata: AuthorizationServerMetadata;
-    });
-    get(opts: {
-        context: IRequiredContext;
-        credentialDataSupplier?: CredentialDataSupplier;
-    }): Promise<VcIssuer<DIDDocument>>;
-    get issuerOptions(): IIssuerOptions;
-    get metadataOptions(): IMetadataOptions;
-    get issuerMetadata(): IssuerMetadata;
-    get authorizationServerMetadata(): AuthorizationServerMetadata;
-}
-//# sourceMappingURL=IssuerInstance.d.ts.map

package/dist/IssuerInstance.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"IssuerInstance.d.ts","sourceRoot":"","sources":["../src/IssuerInstance.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAA;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAA;AAE1C,OAAO,EAAE,2BAA2B,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAA;AAEtF,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAA;AACjE,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAA;AAE3F,qBAAa,cAAc;IACzB,OAAO,CAAC,OAAO,CAAmC;IAClD,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAkB;IACnD,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAgB;IAC/C,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAgB;IAChD,OAAO,CAAC,QAAQ,CAAC,4BAA4B,CAA6B;gBAEvD,EACjB,UAAU,EACV,YAAY,EACZ,cAAc,EACd,2BAA2B,GAC5B,EAAE;QACD,UAAU,EAAE,cAAc,CAAA;QAC1B,YAAY,EAAE,gBAAgB,CAAA;QAC9B,cAAc,EAAE,cAAc,CAAA;QAC9B,2BAA2B,EAAE,2BAA2B,CAAA;KACzD;IAOY,GAAG,CAAC,IAAI,EAAE;QAAE,OAAO,EAAE,gBAAgB,CAAC;QAAC,sBAAsB,CAAC,EAAE,sBAAsB,CAAA;KAAE,GAAG,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAgBtI,IAAI,aAAa,mBAEhB;IAED,IAAI,eAAe,qBAElB;IAED,IAAI,cAAc,mBAEjB;IAED,IAAI,2BAA2B,gCAE9B;CACF"}

package/dist/IssuerInstance.js

@@ -1,49 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.IssuerInstance = void 0;
-const functions_1 = require("./functions");
-class IssuerInstance {
-    constructor({ issuerOpts, metadataOpts, issuerMetadata, authorizationServerMetadata, }) {
-        this._issuerOptions = issuerOpts;
-        this._metadataOptions = metadataOpts;
-        this._issuerMetadata = issuerMetadata;
-        this._authorizationServerMetadata = authorizationServerMetadata;
-    }
-    get(opts) {
-        return __awaiter(this, void 0, void 0, function* () {
-            if (!this._issuer) {
-                const builder = yield (0, functions_1.createVciIssuerBuilder)({
-                    issuerOpts: this.issuerOptions,
-                    issuerMetadata: this.issuerMetadata,
-                    authorizationServerMetadata: this.authorizationServerMetadata,
-                    credentialDataSupplier: opts === null || opts === void 0 ? void 0 : opts.credentialDataSupplier,
-                }, opts.context);
-                this._issuer = builder.build();
-            }
-            return this._issuer;
-        });
-    }
-    get issuerOptions() {
-        return this._issuerOptions;
-    }
-    get metadataOptions() {
-        return this._metadataOptions;
-    }
-    get issuerMetadata() {
-        return this._issuerMetadata;
-    }
-    get authorizationServerMetadata() {
-        return this._authorizationServerMetadata;
-    }
-}
-exports.IssuerInstance = IssuerInstance;
-//# sourceMappingURL=IssuerInstance.js.map

package/dist/IssuerInstance.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"IssuerInstance.js","sourceRoot":"","sources":["../src/IssuerInstance.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,2CAAoD;AAMpD,MAAa,cAAc;IAOzB,YAAmB,EACjB,UAAU,EACV,YAAY,EACZ,cAAc,EACd,2BAA2B,GAM5B;QACC,IAAI,CAAC,cAAc,GAAG,UAAU,CAAA;QAChC,IAAI,CAAC,gBAAgB,GAAG,YAAY,CAAA;QACpC,IAAI,CAAC,eAAe,GAAG,cAAc,CAAA;QACrC,IAAI,CAAC,4BAA4B,GAAG,2BAA2B,CAAA;IACjE,CAAC;IAEY,GAAG,CAAC,IAAoF;;YACnG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBAClB,MAAM,OAAO,GAAG,MAAM,IAAA,kCAAsB,EAC1C;oBACE,UAAU,EAAE,IAAI,CAAC,aAAa;oBAC9B,cAAc,EAAE,IAAI,CAAC,cAAc;oBACnC,2BAA2B,EAAE,IAAI,CAAC,2BAA2B;oBAC7D,sBAAsB,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,sBAAsB;iBACrD,EACD,IAAI,CAAC,OAAO,CACb,CAAA;gBACD,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,KAAK,EAAE,CAAA;YAChC,CAAC;YACD,OAAO,IAAI,CAAC,OAAO,CAAA;QACrB,CAAC;KAAA;IAED,IAAI,aAAa;QACf,OAAO,IAAI,CAAC,cAAc,CAAA;IAC5B,CAAC;IAED,IAAI,eAAe;QACjB,OAAO,IAAI,CAAC,gBAAgB,CAAA;IAC9B,CAAC;IAED,IAAI,cAAc;QAChB,OAAO,IAAI,CAAC,eAAe,CAAA;IAC7B,CAAC;IAED,IAAI,2BAA2B;QAC7B,OAAO,IAAI,CAAC,4BAA4B,CAAA;IAC1C,CAAC;CACF;AAvDD,wCAuDC"}

package/dist/agent/OID4VCIIssuer.d.ts

@@ -1,24 +0,0 @@
-import { IAgentPlugin } from '@veramo/core';
-import { IIssuerInstanceArgs, IOID4VCIIssuerOpts, IRequiredContext } from '../index';
-import { IssuerInstance } from '../IssuerInstance';
-import { IOID4VCIIssuer } from '../types/IOID4VCIIssuer';
-export declare class OID4VCIIssuer implements IAgentPlugin {
-    private static readonly _DEFAULT_OPTS_KEY;
-    private readonly instances;
-    readonly schema: any;
-    readonly methods: IOID4VCIIssuer;
-    private _opts;
-    constructor(opts?: IOID4VCIIssuerOpts);
-    private oid4vciCreateOfferURI;
-    private oid4vciIssueCredential;
-    private oid4vciCreateAccessTokenResponse;
-    private createIssuerInstance;
-    oid4vciGetInstance(args: IIssuerInstanceArgs, context: IRequiredContext): Promise<IssuerInstance>;
-    private getIssuerOpts;
-    private getMetadataOpts;
-    private getIssuerMetadata;
-    private getAuthorizationServerMetadata;
-    private storeId;
-    private namespace;
-}
-//# sourceMappingURL=OID4VCIIssuer.d.ts.map

package/dist/agent/OID4VCIIssuer.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"OID4VCIIssuer.d.ts","sourceRoot":"","sources":["../../src/agent/OID4VCIIssuer.ts"],"names":[],"mappings":"AAIA,OAAO,EAAe,YAAY,EAAE,MAAM,cAAc,CAAA;AAExD,OAAO,EAKL,mBAAmB,EAEnB,kBAAkB,EAClB,gBAAgB,EAEjB,MAAM,UAAU,CAAA;AACjB,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAElD,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAExD,qBAAa,aAAc,YAAW,YAAY;IAChD,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,iBAAiB,CAAa;IACtD,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAyC;IACnE,QAAQ,CAAC,MAAM,MAAqC;IAEpD,QAAQ,CAAC,OAAO,EAAE,cAAc,CAK/B;IACD,OAAO,CAAC,KAAK,CAAoB;gBAErB,IAAI,CAAC,EAAE,kBAAkB;YAIvB,qBAAqB;YAcrB,sBAAsB;YAMtB,gCAAgC;YA0BhC,oBAAoB;IA0BrB,kBAAkB,CAAC,IAAI,EAAE,mBAAmB,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,cAAc,CAAC;YAShG,aAAa;YAuBb,eAAe;YAcf,iBAAiB;YAuBjB,8BAA8B;YAqB9B,OAAO;YAQP,SAAS;CAOxB"}