@sphereon/ssi-sdk.oid4vci-issuer 0.33.1-feature.vcdm2.tsup.32 → 0.33.1-next.3

package/dist/functions.js

@@ -0,0 +1,328 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getJwtVerifyCallback = getJwtVerifyCallback;
+exports.getAccessTokenKeyRef = getAccessTokenKeyRef;
+exports.getAccessTokenSignerCallback = getAccessTokenSignerCallback;
+exports.getCredentialSignerCallback = getCredentialSignerCallback;
+exports.createVciIssuerBuilder = createVciIssuerBuilder;
+exports.createVciIssuer = createVciIssuer;
+exports.createAuthRequestUriCallback = createAuthRequestUriCallback;
+exports.createVerifyAuthResponseCallback = createVerifyAuthResponseCallback;
+const oid4vci_issuer_1 = require("@sphereon/oid4vci-issuer");
+const ssi_sdk_ext_did_utils_1 = require("@sphereon/ssi-sdk-ext.did-utils");
+const ssi_sdk_ext_identifier_resolution_1 = require("@sphereon/ssi-sdk-ext.identifier-resolution");
+const ssi_sdk_agent_config_1 = require("@sphereon/ssi-sdk.agent-config");
+const ssi_types_1 = require("@sphereon/ssi-types");
+const utils_1 = require("@veramo/utils");
+const did_jwt_1 = require("did-jwt");
+const jwt_decode_1 = require("jwt-decode");
+const cross_fetch_1 = __importDefault(require("cross-fetch"));
+const did_auth_siop_1 = require("@sphereon/did-auth-siop");
+function getJwtVerifyCallback({ verifyOpts }, _context) {
+    return (args) => __awaiter(this, void 0, void 0, function* () {
+        var _a, _b, _c;
+        const resolver = (0, ssi_sdk_ext_did_utils_1.getAgentResolver)(_context, {
+            resolverResolution: true,
+            uniresolverResolution: true,
+            localResolution: true,
+        });
+        verifyOpts = Object.assign(Object.assign({}, verifyOpts), { resolver: verifyOpts === null || verifyOpts === void 0 ? void 0 : verifyOpts.resolver }); // Resolver separately as that is a function
+        if (!(verifyOpts === null || verifyOpts === void 0 ? void 0 : verifyOpts.resolver) || typeof ((_a = verifyOpts === null || verifyOpts === void 0 ? void 0 : verifyOpts.resolver) === null || _a === void 0 ? void 0 : _a.resolve) !== 'function') {
+            verifyOpts.resolver = resolver;
+        }
+        const result = yield _context.agent.jwtVerifyJwsSignature({ jws: args.jwt });
+        if (!result.error) {
+            const identifier = result.jws.signatures[0].identifier;
+            if (!identifier) {
+                return Promise.reject(Error('the jws did not contain a signature with an identifier'));
+            }
+            const jwkInfo = identifier.jwks[0];
+            if (!jwkInfo) {
+                return Promise.reject(Error(`the identifier of type ${identifier.method} is missing jwks (ExternalJwkInfo)`));
+            }
+            const { alg } = jwkInfo.jwk;
+            const header = (0, jwt_decode_1.jwtDecode)(args.jwt, { header: true });
+            const payload = (0, jwt_decode_1.jwtDecode)(args.jwt, { header: false });
+            const kid = (_b = args.kid) !== null && _b !== void 0 ? _b : header.kid;
+            //const jwk = !kid ? jwkInfo.jwk : undefined // TODO double-check if this is correct
+            const jwk = jwkInfo.jwk; // FIXME workaround IATAB2B-57
+            return Object.assign(Object.assign(Object.assign(Object.assign({ alg }, identifier), { jwt: { header, payload } }), (kid && { kid })), (jwk && { jwk }));
+        }
+        const decodedJwt = (yield (0, did_jwt_1.decodeJWT)(args.jwt));
+        const kid = (_c = args.kid) !== null && _c !== void 0 ? _c : decodedJwt.header.kid;
+        if (!kid || !kid.startsWith('did:')) {
+            // No DID method present in header. We already performed the validation above. So return that
+            return {
+                alg: decodedJwt.header.alg,
+                jwt: decodedJwt,
+            };
+        }
+        const did = kid.split('#')[0];
+        const didResult = yield (0, did_jwt_1.verifyJWT)(args.jwt, verifyOpts);
+        if (!didResult.verified) {
+            console.log(`JWT invalid: ${args.jwt}`);
+            throw Error('JWT did not verify successfully');
+        }
+        const didResolution = yield resolver.resolve(did);
+        if (!didResolution || !didResolution.didDocument) {
+            throw Error(`Could not resolve did: ${did}, metadata: ${didResolution === null || didResolution === void 0 ? void 0 : didResolution.didResolutionMetadata}`);
+        }
+        const alg = decodedJwt.header.alg;
+        return {
+            alg,
+            kid,
+            did,
+            didDocument: didResolution.didDocument,
+            jwt: decodedJwt,
+        };
+    });
+}
+function getAccessTokenKeyRef(opts, context) {
+    return __awaiter(this, void 0, void 0, function* () {
+        let identifier = (0, ssi_sdk_ext_identifier_resolution_1.legacyKeyRefsToIdentifierOpts)(opts);
+        return yield context.agent.identifierManagedGet(identifier);
+    });
+}
+function getAccessTokenSignerCallback(opts, context) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const signer = (data) => __awaiter(this, void 0, void 0, function* () {
+            let dataString, encoding;
+            const resolution = yield (0, ssi_sdk_ext_identifier_resolution_1.legacyKeyRefsToIdentifierOpts)(opts);
+            const keyRef = resolution.kmsKeyRef;
+            if (!keyRef) {
+                throw Error('Cannot sign access tokens without a key ref');
+            }
+            if (typeof data === 'string') {
+                dataString = data;
+                encoding = undefined;
+            }
+            else {
+                dataString = (0, utils_1.bytesToBase64)(data);
+                encoding = 'base64';
+            }
+            return context.agent.keyManagerSign({ keyRef, data: dataString, encoding });
+        });
+        function accessTokenSignerCallback(jwt, kid) {
+            return __awaiter(this, void 0, void 0, function* () {
+                var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p, _q, _r, _s, _t, _u, _v, _w, _x;
+                const issuer = (_b = (_a = opts.idOpts) === null || _a === void 0 ? void 0 : _a.issuer) !== null && _b !== void 0 ? _b : (typeof ((_c = opts.idOpts) === null || _c === void 0 ? void 0 : _c.identifier) === 'string' ? opts.idOpts.identifier : ((_g = (_f = (_e = (_d = opts.didOpts) === null || _d === void 0 ? void 0 : _d.idOpts) === null || _e === void 0 ? void 0 : _e.identifier) === null || _f === void 0 ? void 0 : _f.toString()) !== null && _g !== void 0 ? _g : opts === null || opts === void 0 ? void 0 : opts.iss));
+                if (!issuer) {
+                    throw Error('No issuer configured for access tokens');
+                }
+                let kidHeader = (_j = (_h = jwt === null || jwt === void 0 ? void 0 : jwt.header) === null || _h === void 0 ? void 0 : _h.kid) !== null && _j !== void 0 ? _j : kid;
+                if (!kidHeader) {
+                    if (((_k = opts.idOpts) === null || _k === void 0 ? void 0 : _k.method) === 'did' ||
+                        ((_l = opts.idOpts) === null || _l === void 0 ? void 0 : _l.method) === 'kid' ||
+                        (typeof ((_m = opts.didOpts) === null || _m === void 0 ? void 0 : _m.idOpts.identifier) === 'string' && ((_q = (_p = (_o = opts.didOpts) === null || _o === void 0 ? void 0 : _o.idOpts) === null || _p === void 0 ? void 0 : _p.identifier) === null || _q === void 0 ? void 0 : _q.startsWith('did:')))) {
+                        // @ts-ignore
+                        kidHeader = (_v = (_s = (_r = opts.idOpts) === null || _r === void 0 ? void 0 : _r.kid) !== null && _s !== void 0 ? _s : (_u = (_t = opts.didOpts) === null || _t === void 0 ? void 0 : _t.idOpts) === null || _u === void 0 ? void 0 : _u.kid) !== null && _v !== void 0 ? _v : (_x = (_w = opts === null || opts === void 0 ? void 0 : opts.didOpts) === null || _w === void 0 ? void 0 : _w.identifierOpts) === null || _x === void 0 ? void 0 : _x.kid;
+                    }
+                }
+                return yield (0, did_jwt_1.createJWT)(jwt.payload, { signer, issuer }, Object.assign(Object.assign(Object.assign({}, jwt.header), (kidHeader && { kid: kidHeader })), { typ: 'JWT' }));
+            });
+        }
+        return accessTokenSignerCallback;
+    });
+}
+function getCredentialSignerCallback(idOpts, context) {
+    return __awaiter(this, void 0, void 0, function* () {
+        function issueVCCallback(args) {
+            return __awaiter(this, void 0, void 0, function* () {
+                var _a, _b, _c;
+                const { jwtVerifyResult, format, statusLists } = args;
+                const credential = args.credential; // TODO: SDJWT
+                let proofFormat;
+                const resolution = yield context.agent.identifierManagedGet(idOpts);
+                proofFormat = (format === null || format === void 0 ? void 0 : format.includes('ld')) ? 'lds' : 'jwt';
+                const issuer = (_a = resolution.issuer) !== null && _a !== void 0 ? _a : resolution.kmsKeyRef;
+                if (ssi_types_1.CredentialMapper.isW3cCredential(credential)) {
+                    if (!credential.issuer) {
+                        credential.issuer = { id: issuer };
+                    }
+                    else if (typeof credential.issuer === 'object' && !credential.issuer.id) {
+                        credential.issuer.id = issuer;
+                    }
+                    const subjectIsArray = Array.isArray(credential.credentialSubject);
+                    let credentialSubjects = Array.isArray(credential.credentialSubject) ? credential.credentialSubject : [credential.credentialSubject];
+                    credentialSubjects = credentialSubjects.map((subject) => {
+                        if (!subject.id) {
+                            subject.id = jwtVerifyResult.did;
+                        }
+                        return subject;
+                    });
+                    credential.credentialSubject = subjectIsArray ? credentialSubjects : credentialSubjects[0];
+                    // TODO: We should extend the plugin capabilities of issuance so we do not have to tuck this into the sign callback
+                    if ((0, ssi_sdk_agent_config_1.contextHasPlugin)(context, 'slAddStatusToCredential')) {
+                        // Add status list if enabled (and when the input has a credentialStatus object (can be empty))
+                        const credentialStatusVC = yield context.agent.slAddStatusToCredential({ credential, statusLists });
+                        if (credential.credentialStatus && !credential.credentialStatus.statusListCredential) {
+                            credential.credentialStatus = credentialStatusVC.credentialStatus;
+                            // TODO update statusLists somehow?
+                        }
+                    }
+                    const result = yield context.agent.createVerifiableCredential(Object.assign({ credential: credential, proofFormat, removeOriginalFields: false, fetchRemoteContexts: true, domain: typeof credential.issuer === 'object' ? credential.issuer.id : credential.issuer }, (resolution.kid && { header: { kid: resolution.kid } })));
+                    return (proofFormat === 'jwt' && 'jwt' in result.proof ? result.proof.jwt : result);
+                }
+                else if (ssi_types_1.CredentialMapper.isSdJwtDecodedCredentialPayload(credential)) {
+                    const sdJwtPayload = credential;
+                    if (sdJwtPayload.iss === undefined) {
+                        sdJwtPayload.iss = issuer;
+                    }
+                    if (sdJwtPayload.iat === undefined) {
+                        sdJwtPayload.iat = Math.floor(new Date().getTime() / 1000);
+                    }
+                    let disclosureFrame;
+                    if ('disclosureFrame' in credential) {
+                        disclosureFrame = credential['disclosureFrame'];
+                        delete credential['disclosureFrame'];
+                    }
+                    else {
+                        disclosureFrame = {
+                            _sd: credential['_sd'],
+                        };
+                    }
+                    if ((0, ssi_sdk_agent_config_1.contextHasPlugin)(context, 'slAddStatusToSdJwtCredential')) {
+                        if ((sdJwtPayload.status && sdJwtPayload.status.status_list) || (statusLists && statusLists.length > 0)) {
+                            // Add status list if enabled (and when the input has a credentialStatus object (can be empty))
+                            const sdJwtPayloadWithStatus = yield context.agent.slAddStatusToSdJwtCredential({ credential: sdJwtPayload, statusLists });
+                            if ((_c = (_b = sdJwtPayload.status) === null || _b === void 0 ? void 0 : _b.status_list) === null || _c === void 0 ? void 0 : _c.idx) {
+                                if (!sdJwtPayloadWithStatus.status || !sdJwtPayloadWithStatus.status.status_list) {
+                                    // sdJwtPayload and sdJwtPayloadWithStatus is the same for now, but we should use the result anyway as this could be subject to change
+                                    return Promise.reject(Error('slAddStatusToSdJwtCredential did not return a status_list'));
+                                }
+                                // Update statusListId & statusListIndex back to the credential session TODO SSISDK-4 This is not a clean way to do this.
+                                if (statusLists && statusLists.length > 0) {
+                                    const statusList = statusLists[0];
+                                    statusList.statusListId = sdJwtPayloadWithStatus.status.status_list.uri;
+                                    statusList.statusListIndex = sdJwtPayloadWithStatus.status.status_list.idx;
+                                }
+                                sdJwtPayload.status.status_list.idx = sdJwtPayloadWithStatus.status.status_list.idx;
+                            }
+                        }
+                    }
+                    const result = yield context.agent.createSdJwtVc({
+                        credentialPayload: sdJwtPayload,
+                        disclosureFrame: disclosureFrame,
+                        resolution,
+                    });
+                    return result.credential;
+                } /*else if (CredentialMapper.isMsoMdocDecodedCredential(credential)) {
+                  TODO
+                }*/
+                return Promise.reject('VC issuance failed, an incorrect or unsupported credential was supplied');
+            });
+        }
+        return issueVCCallback;
+    });
+}
+function createVciIssuerBuilder(args, context) {
+    return __awaiter(this, void 0, void 0, function* () {
+        var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p;
+        const { issuerOpts, issuerMetadata, authorizationServerMetadata } = args;
+        const builder = new oid4vci_issuer_1.VcIssuerBuilder();
+        // @ts-ignore
+        const resolver = (_k = (_e = (_a = args.resolver) !== null && _a !== void 0 ? _a : (_d = (_c = (_b = args === null || args === void 0 ? void 0 : args.issuerOpts) === null || _b === void 0 ? void 0 : _b.didOpts) === null || _c === void 0 ? void 0 : _c.resolveOpts) === null || _d === void 0 ? void 0 : _d.resolver) !== null && _e !== void 0 ? _e : (_j = (_h = (_g = (_f = args.issuerOpts) === null || _f === void 0 ? void 0 : _f.didOpts) === null || _g === void 0 ? void 0 : _g.resolveOpts) === null || _h === void 0 ? void 0 : _h.jwtVerifyOpts) === null || _j === void 0 ? void 0 : _j.resolver) !== null && _k !== void 0 ? _k : (0, ssi_sdk_ext_did_utils_1.getAgentResolver)(context);
+        if (!resolver) {
+            throw Error('A Resolver is necessary to verify DID JWTs');
+        }
+        const idOpts = (0, ssi_sdk_ext_identifier_resolution_1.legacyKeyRefsToIdentifierOpts)({ didOpts: issuerOpts.didOpts, idOpts: issuerOpts.idOpts });
+        const jwtVerifyOpts = Object.assign(Object.assign(Object.assign({}, (_m = (_l = issuerOpts === null || issuerOpts === void 0 ? void 0 : issuerOpts.didOpts) === null || _l === void 0 ? void 0 : _l.resolveOpts) === null || _m === void 0 ? void 0 : _m.jwtVerifyOpts), (_p = (_o = args === null || args === void 0 ? void 0 : args.issuerOpts) === null || _o === void 0 ? void 0 : _o.resolveOpts) === null || _p === void 0 ? void 0 : _p.jwtVerifyOpts), { resolver, audience: issuerMetadata.credential_issuer });
+        builder.withIssuerMetadata(issuerMetadata);
+        builder.withAuthorizationMetadata(authorizationServerMetadata);
+        // builder.withUserPinRequired(issuerOpts.userPinRequired ?? false) was removed from implementers draft v1
+        builder.withCredentialSignerCallback(yield getCredentialSignerCallback(idOpts, context));
+        if (issuerOpts.asClientOpts) {
+            builder.withASClientMetadata(issuerOpts.asClientOpts);
+            // @ts-ignore
+            // const authorizationServer = issuerMetadata.authorization_servers[0] as string
+            // Set the OIDC verifier
+            // builder.withJWTVerifyCallback(oidcAccessTokenVerifyCallback({clientMetadata: issuerOpts.asClientOpts, credentialIssuer: issuerMetadata.credential_issuer as string, authorizationServer}))
+        }
+        // Do not use it when asClient is used
+        builder.withJWTVerifyCallback(getJwtVerifyCallback({ verifyOpts: jwtVerifyOpts }, context));
+        if (args.credentialDataSupplier) {
+            builder.withCredentialDataSupplier(args.credentialDataSupplier);
+        }
+        builder.withInMemoryCNonceState();
+        builder.withInMemoryCredentialOfferState();
+        builder.withInMemoryCredentialOfferURIState();
+        return builder;
+    });
+}
+function createVciIssuer(_a, context_1) {
+    return __awaiter(this, arguments, void 0, function* ({ issuerOpts, issuerMetadata, authorizationServerMetadata, credentialDataSupplier, }, context) {
+        return (yield createVciIssuerBuilder({
+            issuerOpts,
+            issuerMetadata,
+            authorizationServerMetadata,
+            credentialDataSupplier,
+        }, context)).build();
+    });
+}
+function createAuthRequestUriCallback(opts) {
+    return __awaiter(this, void 0, void 0, function* () {
+        function authRequestUriCallback() {
+            return __awaiter(this, void 0, void 0, function* () {
+                const path = opts.path.replace(':definitionId', opts.presentationDefinitionId);
+                return (0, cross_fetch_1.default)(path, {
+                    method: 'POST',
+                    headers: {
+                        'Content-Type': 'application/json',
+                    },
+                }).then((response) => __awaiter(this, void 0, void 0, function* () {
+                    if (response.status >= 400) {
+                        return Promise.reject(Error(yield response.text()));
+                    }
+                    else {
+                        const responseData = yield response.json();
+                        if (!responseData.authRequestURI) {
+                            return Promise.reject(Error('Missing auth request uri in response body'));
+                        }
+                        return responseData.authRequestURI;
+                    }
+                }));
+            });
+        }
+        return authRequestUriCallback;
+    });
+}
+function createVerifyAuthResponseCallback(opts) {
+    return __awaiter(this, void 0, void 0, function* () {
+        function verifyAuthResponseCallback(correlationId) {
+            return __awaiter(this, void 0, void 0, function* () {
+                return (0, cross_fetch_1.default)(opts.path, {
+                    method: 'POST',
+                    headers: {
+                        'Content-Type': 'application/json',
+                    },
+                    body: JSON.stringify({ definitionId: opts.presentationDefinitionId, correlationId }),
+                }).then((response) => __awaiter(this, void 0, void 0, function* () {
+                    if (response.status >= 400) {
+                        return Promise.reject(Error(yield response.text()));
+                    }
+                    else {
+                        const responseData = yield response.json();
+                        if (!responseData.status) {
+                            return Promise.reject(Error('Missing status in response body'));
+                        }
+                        return responseData.status === did_auth_siop_1.AuthorizationResponseStateStatus.VERIFIED;
+                    }
+                }));
+            });
+        }
+        return verifyAuthResponseCallback;
+    });
+}
+//# sourceMappingURL=functions.js.map

package/dist/functions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"functions.js","sourceRoot":"","sources":["../src/functions.ts"],"names":[],"mappings":";;;;;;;;;;;;;;AA2BA,oDAoEC;AAED,oDAuBC;AAED,oEA8DC;AAED,kEA6GC;AAED,wDAoDC;AAED,0CAyBC;AAED,oEAwBC;AAED,4EA2BC;AApaD,6DAA+I;AAC/I,2EAA+E;AAC/E,mGAA0H;AAC1H,yEAAiE;AAGjE,mDAA4G;AAE5G,yCAA6C;AAC7C,qCAA2E;AAE3E,2CAAsC;AAEtC,8DAA+B;AAC/B,2DAA0E;AAE1E,SAAgB,oBAAoB,CAAC,EAAE,UAAU,EAAqC,EAAE,QAA0B;IAChH,OAAO,CAAO,IAAmC,EAA4B,EAAE;;QAC7E,MAAM,QAAQ,GAAG,IAAA,wCAAgB,EAAC,QAAQ,EAAE;YAC1C,kBAAkB,EAAE,IAAI;YACxB,qBAAqB,EAAE,IAAI;YAC3B,eAAe,EAAE,IAAI;SACtB,CAAC,CAAA;QACF,UAAU,mCAAQ,UAAU,KAAE,QAAQ,EAAE,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,QAAQ,GAAE,CAAA,CAAC,4CAA4C;QAC3G,IAAI,CAAC,CAAA,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,QAAQ,CAAA,IAAI,OAAO,CAAA,MAAA,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,QAAQ,0CAAE,OAAO,CAAA,KAAK,UAAU,EAAE,CAAC;YACjF,UAAU,CAAC,QAAQ,GAAG,QAAQ,CAAA;QAChC,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAA;QAC5E,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YAClB,MAAM,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAA;YACtD,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC,CAAA;YACxF,CAAC;YACD,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;YAClC,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,0BAA0B,UAAU,CAAC,MAAM,oCAAoC,CAAC,CAAC,CAAA;YAC/G,CAAC;YACD,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,CAAA;YAC3B,MAAM,MAAM,GAAG,IAAA,sBAAS,EAAY,IAAI,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAA;YAC/D,MAAM,OAAO,GAAG,IAAA,sBAAS,EAAa,IAAI,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAA;YAClE,MAAM,GAAG,GAAG,MAAA,IAAI,CAAC,GAAG,mCAAI,MAAM,CAAC,GAAG,CAAA;YAClC,oFAAoF;YACpF,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAA,CAAC,8BAA8B;YACtD,OAAO,0DACL,GAAG,IACA,UAAU,KACb,GAAG,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,KACrB,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,CAAC,GAChB,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,CAAC,CACD,CAAA;QACtB,CAAC;QAED,MAAM,UAAU,GAAG,CAAC,MAAM,IAAA,mBAAS,EAAC,IAAI,CAAC,GAAG,CAAC,CAAQ,CAAA;QACrD,MAAM,GAAG,GAAG,MAAA,IAAI,CAAC,GAAG,mCAAI,UAAU,CAAC,MAAM,CAAC,GAAG,CAAA;QAE7C,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YACpC,6FAA6F;YAC7F,OAAO;gBACL,GAAG,EAAE,UAAU,CAAC,MAAM,CAAC,GAAG;gBAC1B,GAAG,EAAE,UAAU;aACG,CAAA;QACtB,CAAC;QACD,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;QAE7B,MAAM,SAAS,GAAG,MAAM,IAAA,mBAAS,EAAC,IAAI,CAAC,GAAG,EAAE,UAAU,CAAC,CAAA;QACvD,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,CAAC,GAAG,EAAE,CAAC,CAAA;YACvC,MAAM,KAAK,CAAC,iCAAiC,CAAC,CAAA;QAChD,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;QACjD,IAAI,CAAC,aAAa,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,CAAC;YACjD,MAAM,KAAK,CAAC,0BAA0B,GAAG,eAAe,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,qBAAqB,EAAE,CAAC,CAAA;QACjG,CAAC;QAED,MAAM,GAAG,GAAG,UAAU,CAAC,MAAM,CAAC,GAAG,CAAA;QACjC,OAAO;YACL,GAAG;YACH,GAAG;YACH,GAAG;YACH,WAAW,EAAE,aAAa,CAAC,WAAW;YACtC,GAAG,EAAE,UAAU;SAChB,CAAA;IACH,CAAC,CAAA,CAAA;AACH,CAAC;AAED,SAAsB,oBAAoB,CACxC,IAiBC,EACD,OAAyB;;QAEzB,IAAI,UAAU,GAAG,IAAA,iEAA6B,EAAC,IAAI,CAAC,CAAA;QACpD,OAAO,MAAM,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,UAAU,CAAC,CAAA;IAC7D,CAAC;CAAA;AAED,SAAsB,4BAA4B,CAChD,IAiBC,EACD,OAAyB;;QAEzB,MAAM,MAAM,GAAG,CAAO,IAAyB,EAAE,EAAE;YACjD,IAAI,UAAU,EAAE,QAA8B,CAAA;YAE9C,MAAM,UAAU,GAAG,MAAM,IAAA,iEAA6B,EAAC,IAAI,CAAC,CAAA;YAC5D,MAAM,MAAM,GAAG,UAAU,CAAC,SAAS,CAAA;YACnC,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,MAAM,KAAK,CAAC,6CAA6C,CAAC,CAAA;YAC5D,CAAC;YACD,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC7B,UAAU,GAAG,IAAI,CAAA;gBACjB,QAAQ,GAAG,SAAS,CAAA;YACtB,CAAC;iBAAM,CAAC;gBACN,UAAU,GAAG,IAAA,qBAAa,EAAC,IAAI,CAAC,CAAA;gBAChC,QAAQ,GAAG,QAAQ,CAAA;YACrB,CAAC;YACD,OAAO,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAA;QAC7E,CAAC,CAAA,CAAA;QAED,SAAe,yBAAyB,CAAC,GAAQ,EAAE,GAAY;;;gBAC7D,MAAM,MAAM,GACV,MAAA,MAAA,IAAI,CAAC,MAAM,0CAAE,MAAM,mCACnB,CAAC,OAAO,CAAA,MAAA,IAAI,CAAC,MAAM,0CAAE,UAAU,CAAA,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,MAAA,MAAA,MAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,MAAM,0CAAE,UAAU,0CAAE,QAAQ,EAAE,mCAAI,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,GAAG,CAAC,CAAC,CAAA;gBACtI,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,MAAM,KAAK,CAAC,wCAAwC,CAAC,CAAA;gBACvD,CAAC;gBAED,IAAI,SAAS,GAAuB,MAAA,MAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,MAAM,0CAAE,GAAG,mCAAI,GAAG,CAAA;gBAC3D,IAAI,CAAC,SAAS,EAAE,CAAC;oBACf,IACE,CAAA,MAAA,IAAI,CAAC,MAAM,0CAAE,MAAM,MAAK,KAAK;wBAC7B,CAAA,MAAA,IAAI,CAAC,MAAM,0CAAE,MAAM,MAAK,KAAK;wBAC7B,CAAC,OAAO,CAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,MAAM,CAAC,UAAU,CAAA,KAAK,QAAQ,KAAI,MAAA,MAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,MAAM,0CAAE,UAAU,0CAAE,UAAU,CAAC,MAAM,CAAC,CAAA,CAAC,EAC7G,CAAC;wBACD,aAAa;wBACb,SAAS,GAAG,MAAA,MAAA,MAAA,IAAI,CAAC,MAAM,0CAAE,GAAG,mCAAI,MAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,MAAM,0CAAE,GAAG,mCAAI,MAAA,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,OAAO,0CAAE,cAAc,0CAAE,GAAG,CAAA;oBACjG,CAAC;gBACH,CAAC;gBACD,OAAO,MAAM,IAAA,mBAAS,EAAC,GAAG,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,gDAAO,GAAG,CAAC,MAAM,GAAK,CAAC,SAAS,IAAI,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC,KAAE,GAAG,EAAE,KAAK,IAAG,CAAA;YAC9H,CAAC;SAAA;QAED,OAAO,yBAAyB,CAAA;IAClC,CAAC;CAAA;AAED,SAAsB,2BAA2B,CAC/C,MAEC,EACD,OAAyB;;QAEzB,SAAe,eAAe,CAAC,IAM9B;;;gBACC,MAAM,EAAE,eAAe,EAAE,MAAM,EAAE,WAAW,EAAE,GAAG,IAAI,CAAA;gBACrD,MAAM,UAAU,GAAG,IAAI,CAAC,UAAyB,CAAA,CAAC,cAAc;gBAChE,IAAI,WAAwB,CAAA;gBAE5B,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAA;gBACnE,WAAW,GAAG,CAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,QAAQ,CAAC,IAAI,CAAC,EAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAA;gBACpD,MAAM,MAAM,GAAG,MAAA,UAAU,CAAC,MAAM,mCAAI,UAAU,CAAC,SAAS,CAAA;gBAExD,IAAI,4BAAgB,CAAC,eAAe,CAAC,UAAU,CAAC,EAAE,CAAC;oBACjD,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;wBACvB,UAAU,CAAC,MAAM,GAAG,EAAE,EAAE,EAAE,MAAM,EAAE,CAAA;oBACpC,CAAC;yBAAM,IAAI,OAAO,UAAU,CAAC,MAAM,KAAK,QAAQ,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;wBAC1E,UAAU,CAAC,MAAM,CAAC,EAAE,GAAG,MAAM,CAAA;oBAC/B,CAAC;oBACD,MAAM,cAAc,GAAG,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAA;oBAClE,IAAI,kBAAkB,GAAG,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAA;oBACpI,kBAAkB,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;wBACtD,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC;4BAChB,OAAO,CAAC,EAAE,GAAG,eAAe,CAAC,GAAG,CAAA;wBAClC,CAAC;wBACD,OAAO,OAAO,CAAA;oBAChB,CAAC,CAAC,CAAA;oBACF,UAAU,CAAC,iBAAiB,GAAG,cAAc,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,CAAA;oBAE1F,mHAAmH;oBACnH,IAAI,IAAA,uCAAgB,EAAoB,OAAO,EAAE,yBAAyB,CAAC,EAAE,CAAC;wBAC5E,+FAA+F;wBAC/F,MAAM,kBAAkB,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,uBAAuB,CAAC,EAAE,UAAU,EAAE,WAAW,EAAE,CAAC,CAAA;wBACnG,IAAI,UAAU,CAAC,gBAAgB,IAAI,CAAC,UAAU,CAAC,gBAAgB,CAAC,oBAAoB,EAAE,CAAC;4BACrF,UAAU,CAAC,gBAAgB,GAAG,kBAAkB,CAAC,gBAAgB,CAAA;4BACjE,mCAAmC;wBACrC,CAAC;oBACH,CAAC;oBAED,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,0BAA0B,iBAC3D,UAAU,EAAE,UAA+B,EAC3C,WAAW,EACX,oBAAoB,EAAE,KAAK,EAC3B,mBAAmB,EAAE,IAAI,EACzB,MAAM,EAAE,OAAO,UAAU,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,IACrF,CAAC,UAAU,CAAC,GAAG,IAAI,EAAE,MAAM,EAAE,EAAE,GAAG,EAAE,UAAU,CAAC,GAAG,EAAE,EAAE,CAAC,EAC1D,CAAA;oBACF,OAAO,CAAC,WAAW,KAAK,KAAK,IAAI,KAAK,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAA4B,CAAA;gBAChH,CAAC;qBAAM,IAAI,4BAAgB,CAAC,+BAA+B,CAAC,UAAU,CAAC,EAAE,CAAC;oBACxE,MAAM,YAAY,GAAG,UAA4B,CAAA;oBACjD,IAAI,YAAY,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;wBACnC,YAAY,CAAC,GAAG,GAAG,MAAM,CAAA;oBAC3B,CAAC;oBACD,IAAI,YAAY,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;wBACnC,YAAY,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAA;oBAC5D,CAAC;oBAED,IAAI,eAAe,CAAA;oBACnB,IAAI,iBAAiB,IAAI,UAAU,EAAE,CAAC;wBACpC,eAAe,GAAG,UAAU,CAAC,iBAAiB,CAAC,CAAA;wBAC/C,OAAO,UAAU,CAAC,iBAAiB,CAAC,CAAA;oBACtC,CAAC;yBAAM,CAAC;wBACN,eAAe,GAAG;4BAChB,GAAG,EAAE,UAAU,CAAC,KAAK,CAAC;yBACvB,CAAA;oBACH,CAAC;oBAED,IAAI,IAAA,uCAAgB,EAAoB,OAAO,EAAE,8BAA8B,CAAC,EAAE,CAAC;wBACjF,IAAI,CAAC,YAAY,CAAC,MAAM,IAAI,YAAY,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,CAAC;4BACxG,+FAA+F;4BAC/F,MAAM,sBAAsB,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,4BAA4B,CAAC,EAAE,UAAU,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC,CAAA;4BAC1H,IAAI,MAAA,MAAA,YAAY,CAAC,MAAM,0CAAE,WAAW,0CAAE,GAAG,EAAE,CAAC;gCAC1C,IAAI,CAAC,sBAAsB,CAAC,MAAM,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;oCACjF,sIAAsI;oCACtI,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,2DAA2D,CAAC,CAAC,CAAA;gCAC3F,CAAC;gCAED,yHAAyH;gCACzH,IAAI,WAAW,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oCAC1C,MAAM,UAAU,GAAG,WAAW,CAAC,CAAC,CAAC,CAAA;oCACjC,UAAU,CAAC,YAAY,GAAG,sBAAsB,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,CAAA;oCACvE,UAAU,CAAC,eAAe,GAAG,sBAAsB,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,CAAA;gCAC5E,CAAC;gCACD,YAAY,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,GAAG,sBAAsB,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,CAAA;4BACrF,CAAC;wBACH,CAAC;oBACH,CAAC;oBAED,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC;wBAC/C,iBAAiB,EAAE,YAAY;wBAC/B,eAAe,EAAE,eAAe;wBAChC,UAAU;qBACX,CAAC,CAAA;oBACF,OAAO,MAAM,CAAC,UAAU,CAAA;gBAC1B,CAAC,CAAC;;mBAEC;gBACH,OAAO,OAAO,CAAC,MAAM,CAAC,yEAAyE,CAAC,CAAA;YAClG,CAAC;SAAA;QAED,OAAO,eAAe,CAAA;IACxB,CAAC;CAAA;AAED,SAAsB,sBAAsB,CAC1C,IAMC,EACD,OAAyB;;;QAEzB,MAAM,EAAE,UAAU,EAAE,cAAc,EAAE,2BAA2B,EAAE,GAAG,IAAI,CAAA;QAExE,MAAM,OAAO,GAAG,IAAI,gCAAe,EAAE,CAAA;QACrC,aAAa;QACb,MAAM,QAAQ,GACZ,MAAA,MAAA,MAAA,IAAI,CAAC,QAAQ,mCACb,MAAA,MAAA,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,UAAU,0CAAE,OAAO,0CAAE,WAAW,0CAAE,QAAQ,mCAChD,MAAA,MAAA,MAAA,MAAA,IAAI,CAAC,UAAU,0CAAE,OAAO,0CAAE,WAAW,0CAAE,aAAa,0CAAE,QAAQ,mCAC9D,IAAA,wCAAgB,EAAC,OAAO,CAAC,CAAA;QAC3B,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,KAAK,CAAC,4CAA4C,CAAC,CAAA;QAC3D,CAAC;QACD,MAAM,MAAM,GAAG,IAAA,iEAA6B,EAAC,EAAE,OAAO,EAAE,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,CAAC,CAAA;QACxG,MAAM,aAAa,iDACd,MAAA,MAAA,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,OAAO,0CAAE,WAAW,0CAAE,aAAa,GAC/C,MAAA,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,UAAU,0CAAE,WAAW,0CAAE,aAAa,KAC/C,QAAQ,EACR,QAAQ,EAAE,cAAc,CAAC,iBAA2B,GACrD,CAAA;QACD,OAAO,CAAC,kBAAkB,CAAC,cAAc,CAAC,CAAA;QAC1C,OAAO,CAAC,yBAAyB,CAAC,2BAA2B,CAAC,CAAA;QAC9D,0GAA0G;QAC1G,OAAO,CAAC,4BAA4B,CAAC,MAAM,2BAA2B,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAA;QAExF,IAAI,UAAU,CAAC,YAAY,EAAE,CAAC;YAC5B,OAAO,CAAC,oBAAoB,CAAC,UAAU,CAAC,YAAY,CAAC,CAAA;YACrD,aAAa;YACb,gFAAgF;YAChF,wBAAwB;YACxB,6LAA6L;QAC/L,CAAC;QACD,sCAAsC;QACtC,OAAO,CAAC,qBAAqB,CAAC,oBAAoB,CAAC,EAAE,UAAU,EAAE,aAAa,EAAE,EAAE,OAAO,CAAC,CAAC,CAAA;QAE3F,IAAI,IAAI,CAAC,sBAAsB,EAAE,CAAC;YAChC,OAAO,CAAC,0BAA0B,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAA;QACjE,CAAC;QACD,OAAO,CAAC,uBAAuB,EAAE,CAAA;QACjC,OAAO,CAAC,gCAAgC,EAAE,CAAA;QAC1C,OAAO,CAAC,mCAAmC,EAAE,CAAA;QAE7C,OAAO,OAAO,CAAA;IAChB,CAAC;CAAA;AAED,SAAsB,eAAe;yDACnC,EACE,UAAU,EACV,cAAc,EACd,2BAA2B,EAC3B,sBAAsB,GAMvB,EACD,OAAyB;QAEzB,OAAO,CACL,MAAM,sBAAsB,CAC1B;YACE,UAAU;YACV,cAAc;YACd,2BAA2B;YAC3B,sBAAsB;SACvB,EACD,OAAO,CACR,CACF,CAAC,KAAK,EAAE,CAAA;IACX,CAAC;CAAA;AAED,SAAsB,4BAA4B,CAAC,IAAwD;;QACzG,SAAe,sBAAsB;;gBACnC,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,IAAI,CAAC,wBAAwB,CAAC,CAAA;gBAC9E,OAAO,IAAA,qBAAK,EAAC,IAAI,EAAE;oBACjB,MAAM,EAAE,MAAM;oBACd,OAAO,EAAE;wBACP,cAAc,EAAE,kBAAkB;qBACnC;iBACF,CAAC,CAAC,IAAI,CAAC,CAAO,QAAQ,EAAmB,EAAE;oBAC1C,IAAI,QAAQ,CAAC,MAAM,IAAI,GAAG,EAAE,CAAC;wBAC3B,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CAAA;oBACrD,CAAC;yBAAM,CAAC;wBACN,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAA;wBAE1C,IAAI,CAAC,YAAY,CAAC,cAAc,EAAE,CAAC;4BACjC,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC,CAAA;wBAC3E,CAAC;wBAED,OAAO,YAAY,CAAC,cAAc,CAAA;oBACpC,CAAC;gBACH,CAAC,CAAA,CAAC,CAAA;YACJ,CAAC;SAAA;QAED,OAAO,sBAAsB,CAAA;IAC/B,CAAC;CAAA;AAED,SAAsB,gCAAgC,CAAC,IAGtD;;QACC,SAAe,0BAA0B,CAAC,aAAqB;;gBAC7D,OAAO,IAAA,qBAAK,EAAC,IAAI,CAAC,IAAI,EAAE;oBACtB,MAAM,EAAE,MAAM;oBACd,OAAO,EAAE;wBACP,cAAc,EAAE,kBAAkB;qBACnC;oBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,YAAY,EAAE,IAAI,CAAC,wBAAwB,EAAE,aAAa,EAAE,CAAC;iBACrF,CAAC,CAAC,IAAI,CAAC,CAAO,QAAQ,EAAoB,EAAE;oBAC3C,IAAI,QAAQ,CAAC,MAAM,IAAI,GAAG,EAAE,CAAC;wBAC3B,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CAAA;oBACrD,CAAC;yBAAM,CAAC;wBACN,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAA;wBAE1C,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;4BACzB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC,CAAA;wBACjE,CAAC;wBAED,OAAO,YAAY,CAAC,MAAM,KAAK,gDAAgC,CAAC,QAAQ,CAAA;oBAC1E,CAAC;gBACH,CAAC,CAAA,CAAC,CAAA;YACJ,CAAC;SAAA;QAED,OAAO,0BAA0B,CAAA;IACnC,CAAC;CAAA"}

package/dist/index.d.ts

@@ -1,210 +1,10 @@
-import { IPluginMethodMap, IAgentContext, IDIDManager, IResolver, IKeyManager, ICredentialIssuer, IAgentPlugin } from '@veramo/core';
-import { CredentialDataSupplier, VcIssuer, CredentialSignerCallback, VcIssuerBuilder } from '@sphereon/oid4vci-issuer';
-import { Grant, CredentialConfigurationSupported, JsonLdIssuerCredentialDefinition, CredentialDataSupplierInput, QRCodeOpts, StatusListOpts, CredentialOfferMode, CredentialOfferSession, CredentialRequest, CredentialResponse, AccessTokenRequest, AccessTokenResponse, ClientMetadata, CredentialIssuerMetadataOpts, IssuerMetadata, AuthorizationServerMetadata, JwtVerifyResult, Jwt } from '@sphereon/oid4vci-common';
-import { ResolveOpts, IDIDOptions } from '@sphereon/ssi-sdk-ext.did-utils';
-import * as _sphereon_ssi_sdk_ext_identifier_resolution from '@sphereon/ssi-sdk-ext.identifier-resolution';
-import { IIdentifierResolution, ManagedIdentifierOptsOrResult } from '@sphereon/ssi-sdk-ext.identifier-resolution';
-import { IOID4VCIStore } from '@sphereon/ssi-sdk.oid4vci-issuer-store';
-import { ICredential } from '@sphereon/ssi-types';
-import { IJwtService } from '@sphereon/ssi-sdk-ext.jwt-service';
-import { JWTVerifyOptions } from 'did-jwt';
-import { Resolvable } from 'did-resolver';
-
-type IssuerCredentialDefinition = JsonLdIssuerCredentialDefinition;
-interface IOID4VCIIssuer extends IPluginMethodMap {
-    oid4vciCreateOfferURI(createArgs: ICreateOfferArgs, context: IRequiredContext): Promise<ICreateCredentialOfferURIResult>;
-    oid4vciIssueCredential(issueArgs: IIssueCredentialArgs, context: IRequiredContext): Promise<CredentialResponse>;
-    oid4vciCreateAccessTokenResponse(accessTokenArgs: IAssertValidAccessTokenArgs, context: IRequiredContext): Promise<AccessTokenResponse>;
-    oid4vciGetInstance(args: IIssuerInstanceArgs, context: IRequiredContext): Promise<IssuerInstance>;
-}
-interface IOID4VCIIssuerOpts {
-    defaultStoreId?: string;
-    defaultNamespace?: string;
-    resolveOpts?: ResolveOpts;
-    returnSessions?: boolean;
-}
-interface ICreateOfferArgs extends IIssuerInstanceArgs {
-    grants?: Grant;
-    credentials?: Record<string, CredentialConfigurationSupported>;
-    credentialDefinition?: IssuerCredentialDefinition;
-    credentialOfferUri?: string;
-    credentialDataSupplierInput?: CredentialDataSupplierInput;
-    redirectUri?: string;
-    correlationId?: string;
-    sessionLifeTimeInSec?: number;
-    qrCodeOpts?: QRCodeOpts;
-    client_id?: string;
-    statusListOpts?: Array<StatusListOpts>;
-    offerMode?: CredentialOfferMode;
-    baseUri?: string;
-    scheme?: string;
-    pinLength?: number;
-}
-interface IIssueCredentialArgs extends IIssuerInstanceArgs {
-    credentialRequest: CredentialRequest;
-    credential?: ICredential;
-    credentialDataSupplier?: CredentialDataSupplier;
-    credentialDataSupplierInput?: CredentialDataSupplierInput;
-    newCNonce?: string;
-    cNonceExpiresIn?: number;
-    tokenExpiresIn?: number;
-    responseCNonce?: string;
-}
-interface IAssertValidAccessTokenArgs extends IIssuerInstanceArgs {
-    request: AccessTokenRequest;
-    expirationDuration: number;
-}
-interface IIssuerInstanceArgs {
-    credentialIssuer: string;
-    storeId?: string;
-    namespace?: string;
-}
-interface IIssuerInstanceOptions extends IMetadataOptions {
-    issuerOpts?: IIssuerOptions;
-    metadataOpts?: CredentialIssuerMetadataOpts;
-}
-interface IIssuerOptions {
-    asClientOpts?: ClientMetadata;
-    idOpts?: ManagedIdentifierOptsOrResult;
-    resolveOpts?: ResolveOpts;
-    /**
-     * @deprecated: use idOpts
-     */
-    didOpts?: IDIDOptions;
-    userPinRequired?: boolean;
-    cNonceExpiresIn?: number;
-    /**
-     * Used in the callbacks for the first party flow
-     */
-    presentationDefinitionId?: string;
-}
-interface IMetadataOptions {
-    credentialIssuer: string;
-    storeId?: string;
-    storeNamespace?: string;
-}
-type ICreateCredentialOfferURIResult = {
-    uri: string;
-    session?: CredentialOfferSession;
-    userPin?: string;
-    userPinLength?: number;
-};
-type IRequiredContext = IAgentContext<IIdentifierResolution & IDIDManager & IResolver & IKeyManager & ICredentialIssuer & IOID4VCIStore & IJwtService>;
-
-declare class IssuerInstance {
-    private _issuer;
-    private readonly _metadataOptions;
-    private readonly _issuerOptions;
-    private _issuerMetadata;
-    private readonly _authorizationServerMetadata;
-    constructor({ issuerOpts, metadataOpts, issuerMetadata, authorizationServerMetadata, }: {
-        issuerOpts: IIssuerOptions;
-        metadataOpts: IMetadataOptions;
-        issuerMetadata: IssuerMetadata;
-        authorizationServerMetadata: AuthorizationServerMetadata;
-    });
-    get(opts: {
-        context: IRequiredContext;
-        credentialDataSupplier?: CredentialDataSupplier;
-    }): Promise<VcIssuer>;
-    get issuerOptions(): IIssuerOptions;
-    get metadataOptions(): IMetadataOptions;
-    get issuerMetadata(): IssuerMetadata;
-    set issuerMetadata(value: IssuerMetadata);
-    get authorizationServerMetadata(): AuthorizationServerMetadata;
-}
-
-declare class OID4VCIIssuer implements IAgentPlugin {
-    private static readonly _DEFAULT_OPTS_KEY;
-    private readonly instances;
-    readonly schema: any;
-    readonly methods: IOID4VCIIssuer;
-    private _opts;
-    constructor(opts?: IOID4VCIIssuerOpts);
-    private oid4vciCreateOfferURI;
-    private oid4vciIssueCredential;
-    private oid4vciCreateAccessTokenResponse;
-    private getExternalAS;
-    private createIssuerInstance;
-    oid4vciGetInstance(args: IIssuerInstanceArgs, context: IRequiredContext): Promise<IssuerInstance>;
-    private getIssuerOptsFromStore;
-    private getMetadataOpts;
-    private getIssuerMetadata;
-    private getAuthorizationServerMetadataFromStore;
-    private storeId;
-    private namespace;
-}
-
-declare function getJwtVerifyCallback({ verifyOpts }: {
-    verifyOpts?: JWTVerifyOptions;
-}, _context: IRequiredContext): (args: {
-    jwt: string;
-    kid?: string;
-}) => Promise<JwtVerifyResult>;
-declare function getAccessTokenKeyRef(opts: {
-    /**
-     * Uniform identifier options
-     */
-    idOpts?: ManagedIdentifierOptsOrResult;
-    /**
-     * @deprecated
-     */
-    iss?: string;
-    /**
-     * @deprecated
-     */
-    keyRef?: string;
-    /**
-     * @deprecated
-     */
-    didOpts?: IDIDOptions;
-}, context: IRequiredContext): Promise<_sphereon_ssi_sdk_ext_identifier_resolution.ManagedIdentifierResult>;
-declare function getAccessTokenSignerCallback(opts: {
-    /**
-     * Uniform identifier options
-     */
-    idOpts?: ManagedIdentifierOptsOrResult;
-    /**
-     * @deprecated
-     */
-    iss?: string;
-    /**
-     * @deprecated
-     */
-    keyRef?: string;
-    /**
-     * @deprecated
-     */
-    didOpts?: IDIDOptions;
-}, context: IRequiredContext): Promise<(jwt: Jwt, kid?: string) => Promise<string>>;
-declare function getCredentialSignerCallback(idOpts: ManagedIdentifierOptsOrResult & {
-    crypto?: Crypto;
-}, context: IRequiredContext): Promise<CredentialSignerCallback>;
-declare function createVciIssuerBuilder(args: {
-    issuerOpts: IIssuerOptions;
-    issuerMetadata: IssuerMetadata;
-    authorizationServerMetadata: AuthorizationServerMetadata;
-    resolver?: Resolvable;
-    credentialDataSupplier?: CredentialDataSupplier;
-}, context: IRequiredContext): Promise<VcIssuerBuilder>;
-declare function createVciIssuer({ issuerOpts, issuerMetadata, authorizationServerMetadata, credentialDataSupplier, }: {
-    issuerOpts: IIssuerOptions;
-    issuerMetadata: IssuerMetadata;
-    authorizationServerMetadata: AuthorizationServerMetadata;
-    credentialDataSupplier?: CredentialDataSupplier;
-}, context: IRequiredContext): Promise<VcIssuer>;
-declare function createAuthRequestUriCallback(opts: {
-    path: string;
-    presentationDefinitionId: string;
-}): Promise<() => Promise<string>>;
-declare function createVerifyAuthResponseCallback(opts: {
-    path: string;
-    presentationDefinitionId: string;
-}): Promise<(correlationId: string) => Promise<boolean>>;
-
 /**
  * @public
  */
 declare const schema: any;
-
-export { type IAssertValidAccessTokenArgs, type ICreateCredentialOfferURIResult, type ICreateOfferArgs, type IIssueCredentialArgs, type IIssuerInstanceArgs, type IIssuerInstanceOptions, type IIssuerOptions, type IMetadataOptions, type IOID4VCIIssuer, type IOID4VCIIssuerOpts, type IRequiredContext, type IssuerCredentialDefinition, IssuerInstance, OID4VCIIssuer, createAuthRequestUriCallback, createVciIssuer, createVciIssuerBuilder, createVerifyAuthResponseCallback, getAccessTokenKeyRef, getAccessTokenSignerCallback, getCredentialSignerCallback, getJwtVerifyCallback, schema };
+export { schema };
+export { OID4VCIIssuer } from './agent/OID4VCIIssuer';
+export * from './functions';
+export * from './IssuerInstance';
+export * from './types/IOID4VCIIssuer';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,QAAA,MAAM,MAAM,KAAmC,CAAA;AAC/C,OAAO,EAAE,MAAM,EAAE,CAAA;AACjB,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAA;AACrD,cAAc,aAAa,CAAA;AAC3B,cAAc,kBAAkB,CAAA;AAChC,cAAc,wBAAwB,CAAA"}