@sphereon/ssi-sdk.presentation-exchange 0.33.1-next.2 → 0.33.1-next.68

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (20) hide show
  1. package/dist/index.cjs +619 -0
  2. package/dist/index.cjs.map +1 -0
  3. package/dist/index.d.cts +83 -0
  4. package/dist/index.d.ts +79 -5
  5. package/dist/index.js +597 -25
  6. package/dist/index.js.map +1 -1
  7. package/package.json +27 -17
  8. package/dist/agent/PresentationExchange.d.ts +0 -16
  9. package/dist/agent/PresentationExchange.d.ts.map +0 -1
  10. package/dist/agent/PresentationExchange.js +0 -120
  11. package/dist/agent/PresentationExchange.js.map +0 -1
  12. package/dist/functions.d.ts +0 -13
  13. package/dist/functions.d.ts.map +0 -1
  14. package/dist/functions.js +0 -148
  15. package/dist/functions.js.map +0 -1
  16. package/dist/index.d.ts.map +0 -1
  17. package/dist/types/IPresentationExchange.d.ts +0 -55
  18. package/dist/types/IPresentationExchange.d.ts.map +0 -1
  19. package/dist/types/IPresentationExchange.js +0 -3
  20. package/dist/types/IPresentationExchange.js.map +0 -1
package/dist/index.cjs ADDED
@@ -0,0 +1,619 @@
1
+ "use strict";
2
+ var __defProp = Object.defineProperty;
3
+ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
+ var __getOwnPropNames = Object.getOwnPropertyNames;
5
+ var __hasOwnProp = Object.prototype.hasOwnProperty;
6
+ var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
7
+ var __commonJS = (cb, mod) => function __require() {
8
+ return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
9
+ };
10
+ var __export = (target, all) => {
11
+ for (var name in all)
12
+ __defProp(target, name, { get: all[name], enumerable: true });
13
+ };
14
+ var __copyProps = (to, from, except, desc) => {
15
+ if (from && typeof from === "object" || typeof from === "function") {
16
+ for (let key of __getOwnPropNames(from))
17
+ if (!__hasOwnProp.call(to, key) && key !== except)
18
+ __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
19
+ }
20
+ return to;
21
+ };
22
+ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
23
+
24
+ // plugin.schema.json
25
+ var require_plugin_schema = __commonJS({
26
+ "plugin.schema.json"(exports, module2) {
27
+ module2.exports = {
28
+ IDidAuthSiopOpAuthenticator: {
29
+ components: {
30
+ schemas: {
31
+ IGetSiopSessionArgs: {
32
+ type: "object",
33
+ properties: {
34
+ sessionId: {
35
+ type: "string"
36
+ },
37
+ additionalProperties: false
38
+ },
39
+ required: ["sessionId"],
40
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSessionForSiop } "
41
+ },
42
+ IRegisterSiopSessionArgs: {
43
+ type: "object",
44
+ properties: {
45
+ identifier: {
46
+ type: "object",
47
+ properties: {
48
+ did: {
49
+ type: "string"
50
+ },
51
+ alias: {
52
+ type: "string"
53
+ },
54
+ provider: {
55
+ type: "string"
56
+ },
57
+ controllerKeyId: {
58
+ type: "string"
59
+ },
60
+ keys: {
61
+ type: "array",
62
+ items: {
63
+ type: "object",
64
+ properties: {
65
+ additionalProperties: true
66
+ }
67
+ }
68
+ },
69
+ services: {
70
+ type: "array",
71
+ items: {
72
+ type: "object",
73
+ properties: {
74
+ additionalProperties: true
75
+ }
76
+ }
77
+ }
78
+ },
79
+ additionalProperties: false,
80
+ required: ["did", "provider", "keys", "services"]
81
+ },
82
+ sessionId: {
83
+ type: "string"
84
+ },
85
+ expiresIn: {
86
+ type: "number"
87
+ },
88
+ additionalProperties: false
89
+ },
90
+ required: ["identifier"],
91
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.registerSessionForSiop } "
92
+ },
93
+ IRemoveSiopSessionArgs: {
94
+ type: "object",
95
+ properties: {
96
+ sessionId: {
97
+ type: "string"
98
+ },
99
+ additionalProperties: false
100
+ },
101
+ required: ["sessionId"],
102
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.removeSessionForSiop } "
103
+ },
104
+ IAuthenticateWithSiopArgs: {
105
+ type: "object",
106
+ properties: {
107
+ sessionId: {
108
+ type: "string"
109
+ },
110
+ stateId: {
111
+ type: "string"
112
+ },
113
+ redirectUrl: {
114
+ type: "string"
115
+ },
116
+ additionalProperties: false
117
+ },
118
+ required: ["sessionId", "stateId", "redirectUrl"],
119
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.authenticateWithSiop } "
120
+ },
121
+ IResponse: {
122
+ type: "object",
123
+ properties: {
124
+ status: {
125
+ type: "number"
126
+ },
127
+ additionalProperties: true
128
+ },
129
+ required: ["status"],
130
+ description: "Result of {@link DidAuthSiopOpAuthenticator.authenticateWithSiop & DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } "
131
+ },
132
+ IGetSiopAuthenticationRequestFromRpArgs: {
133
+ type: "object",
134
+ properties: {
135
+ sessionId: {
136
+ type: "string"
137
+ },
138
+ stateId: {
139
+ type: "string"
140
+ },
141
+ redirectUrl: {
142
+ type: "string"
143
+ },
144
+ additionalProperties: false
145
+ },
146
+ required: ["sessionId", "stateId", "redirectUrl"],
147
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } "
148
+ },
149
+ ParsedAuthenticationRequestURI: {
150
+ type: "object",
151
+ properties: {
152
+ jwt: {
153
+ type: "string"
154
+ },
155
+ requestPayload: {
156
+ type: "object",
157
+ properties: {
158
+ additionalProperties: true
159
+ }
160
+ },
161
+ registration: {
162
+ type: "object",
163
+ properties: {
164
+ additionalProperties: true
165
+ }
166
+ },
167
+ additionalProperties: false
168
+ },
169
+ required: ["jwt", "requestPayload", "registration"],
170
+ description: "Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } "
171
+ },
172
+ IGetSiopAuthenticationRequestDetailsArgs: {
173
+ type: "object",
174
+ properties: {
175
+ sessionId: {
176
+ type: "string"
177
+ },
178
+ verifiedAuthenticationRequest: {
179
+ type: "object",
180
+ properties: {
181
+ additionalProperties: true
182
+ }
183
+ },
184
+ credentialFilter: {
185
+ type: "object",
186
+ properties: {
187
+ additionalProperties: true
188
+ }
189
+ },
190
+ additionalProperties: false
191
+ },
192
+ required: ["sessionId", "verifiedAuthenticationRequest"],
193
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } "
194
+ },
195
+ IAuthRequestDetails: {
196
+ type: "object",
197
+ properties: {
198
+ id: {
199
+ type: "string"
200
+ },
201
+ alsoKnownAs: {
202
+ type: "array",
203
+ items: {
204
+ type: "string"
205
+ }
206
+ },
207
+ vpResponseOpts: {
208
+ type: "object",
209
+ properties: {
210
+ additionalProperties: true
211
+ }
212
+ },
213
+ additionalProperties: false
214
+ },
215
+ required: ["id", "vpResponseOpts"],
216
+ description: "Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } "
217
+ },
218
+ IVerifySiopAuthenticationRequestUriArgs: {
219
+ type: "object",
220
+ properties: {
221
+ sessionId: {
222
+ type: "string"
223
+ },
224
+ ParsedAuthenticationRequestURI: {
225
+ type: "object",
226
+ properties: {
227
+ additionalProperties: true
228
+ }
229
+ },
230
+ additionalProperties: false
231
+ },
232
+ required: ["sessionId", "ParsedAuthenticationRequestURI"],
233
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } "
234
+ },
235
+ VerifiedAuthorizationRequest: {
236
+ type: "object",
237
+ properties: {
238
+ payload: {
239
+ type: "object",
240
+ properties: {
241
+ additionalProperties: true
242
+ }
243
+ },
244
+ presentationDefinitions: {
245
+ type: "object",
246
+ properties: {
247
+ additionalProperties: true
248
+ }
249
+ },
250
+ verifyOpts: {
251
+ type: "object",
252
+ properties: {
253
+ additionalProperties: true
254
+ }
255
+ },
256
+ additionalProperties: false
257
+ },
258
+ required: ["payload", "verifyOpts"],
259
+ description: "Result of {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } "
260
+ },
261
+ ISendSiopAuthenticationResponseArgs: {
262
+ type: "object",
263
+ properties: {
264
+ sessionId: {
265
+ type: "string"
266
+ },
267
+ verifiedAuthenticationRequest: {
268
+ type: "object",
269
+ properties: {
270
+ additionalProperties: true
271
+ }
272
+ },
273
+ verifiablePresentationResponse: {
274
+ type: "object",
275
+ properties: {
276
+ additionalProperties: true
277
+ }
278
+ },
279
+ additionalProperties: false
280
+ },
281
+ required: ["sessionId", "verifiedAuthenticationRequest"],
282
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } "
283
+ }
284
+ },
285
+ methods: {
286
+ getSessionForSiop: {
287
+ description: "Get SIOP session",
288
+ arguments: {
289
+ $ref: "#/components/schemas/IGetSiopSessionArgs"
290
+ },
291
+ returnType: "object"
292
+ },
293
+ registerSessionForSiop: {
294
+ description: "Register SIOP session",
295
+ arguments: {
296
+ $ref: "#/components/schemas/IRegisterSiopSessionArgs"
297
+ },
298
+ returnType: "object"
299
+ },
300
+ removeSessionForSiop: {
301
+ description: "Remove SIOP session",
302
+ arguments: {
303
+ $ref: "#/components/schemas/IRemoveSiopSessionArgs"
304
+ },
305
+ returnType: "boolean"
306
+ },
307
+ authenticateWithSiop: {
308
+ description: "Authenticate using DID Auth SIOP",
309
+ arguments: {
310
+ $ref: "#/components/schemas/IAuthenticateWithSiopArgs"
311
+ },
312
+ returnType: {
313
+ $ref: "#/components/schemas/Response"
314
+ }
315
+ },
316
+ getSiopAuthenticationRequestFromRP: {
317
+ description: "Get authentication request from RP",
318
+ arguments: {
319
+ $ref: "#/components/schemas/IGetSiopAuthenticationRequestFromRpArgs"
320
+ },
321
+ returnType: {
322
+ $ref: "#/components/schemas/ParsedAuthenticationRequestURI"
323
+ }
324
+ },
325
+ getSiopAuthenticationRequestDetails: {
326
+ description: "Get authentication request details",
327
+ arguments: {
328
+ $ref: "#/components/schemas/IGetSiopAuthenticationRequestDetailsArgs"
329
+ },
330
+ returnType: {
331
+ $ref: "#/components/schemas/IAuthRequestDetails"
332
+ }
333
+ },
334
+ verifySiopAuthenticationRequestURI: {
335
+ description: "Verify authentication request URI",
336
+ arguments: {
337
+ $ref: "#/components/schemas/IVerifySiopAuthenticationRequestUriArgs"
338
+ },
339
+ returnType: {
340
+ $ref: "#/components/schemas/VerifiedAuthorizationRequest"
341
+ }
342
+ },
343
+ sendSiopAuthenticationResponse: {
344
+ description: "Send authentication response",
345
+ arguments: {
346
+ $ref: "#/components/schemas/ISendSiopAuthenticationResponseArgs"
347
+ },
348
+ returnType: {
349
+ $ref: "#/components/schemas/IRequiredContext"
350
+ }
351
+ }
352
+ }
353
+ }
354
+ }
355
+ };
356
+ }
357
+ });
358
+
359
+ // src/index.ts
360
+ var index_exports = {};
361
+ __export(index_exports, {
362
+ PresentationExchange: () => PresentationExchange,
363
+ createPEXPresentationSignCallback: () => createPEXPresentationSignCallback,
364
+ schema: () => schema
365
+ });
366
+ module.exports = __toCommonJS(index_exports);
367
+
368
+ // src/agent/PresentationExchange.ts
369
+ var import_pex = require("@sphereon/pex");
370
+ var import_ssi_types = require("@sphereon/ssi-types");
371
+ var import_ssi_sdk_ext = require("@sphereon/ssi-sdk-ext.did-utils");
372
+ var import_ssi_sdk = require("@sphereon/ssi-sdk.credential-store");
373
+ var PresentationExchange = class {
374
+ static {
375
+ __name(this, "PresentationExchange");
376
+ }
377
+ schema = schema.IDidAuthSiopOpAuthenticator;
378
+ pex = new import_pex.PEX();
379
+ methods = {
380
+ pexValidateDefinition: this.pexValidateDefinition.bind(this),
381
+ pexDefinitionVersion: this.pexDefinitionVersion.bind(this),
382
+ pexDefinitionFilterCredentials: this.pexDefinitionFilterCredentials.bind(this),
383
+ pexDefinitionFilterCredentialsPerInputDescriptor: this.pexDefinitionFilterCredentialsPerInputDescriptor.bind(this)
384
+ };
385
+ constructor(opts) {
386
+ }
387
+ async pexValidateDefinition(args) {
388
+ const { definition } = args;
389
+ const invalids = [];
390
+ try {
391
+ const result = import_pex.PEX.validateDefinition(definition);
392
+ const validations = Array.isArray(result) ? result : [
393
+ result
394
+ ];
395
+ invalids.push(...validations.filter((v) => v.status === "error"));
396
+ } catch (error) {
397
+ invalids.push({
398
+ status: "error",
399
+ message: typeof error === "string" ? error : typeof error === "object" && "message" in error ? error.message : "unknown error",
400
+ tag: "validation"
401
+ });
402
+ }
403
+ if (invalids.length > 0) {
404
+ throw Error(`Invalid definition. ${invalids.map((v) => v.message).toString()}`);
405
+ }
406
+ return true;
407
+ }
408
+ async pexDefinitionVersion(presentationDefinition) {
409
+ return import_pex.PEX.definitionVersionDiscovery(presentationDefinition);
410
+ }
411
+ async pexDefinitionFilterCredentials(args, context) {
412
+ const credentials = await this.pexFilterCredentials(args.credentialFilterOpts, context);
413
+ const holderDIDs = args.holderDIDs ? (0, import_ssi_sdk_ext.toDIDs)(args.holderDIDs) : (0, import_ssi_sdk_ext.toDIDs)(await context.agent.dataStoreORMGetIdentifiers());
414
+ const selectResults = this.pex.selectFrom(args.presentationDefinition, credentials ?? [], {
415
+ ...args,
416
+ holderDIDs,
417
+ limitDisclosureSignatureSuites: args.limitDisclosureSignatureSuites ?? [
418
+ "BbsBlsSignature2020"
419
+ ]
420
+ });
421
+ return {
422
+ id: args.presentationDefinition.id,
423
+ selectResults,
424
+ filteredCredentials: selectResults.verifiableCredential?.map((vc) => import_ssi_types.CredentialMapper.storedCredentialToOriginalFormat(vc)) ?? []
425
+ };
426
+ }
427
+ async pexDefinitionFilterCredentialsPerInputDescriptor(args, context) {
428
+ const origDefinition = args.presentationDefinition;
429
+ const credentials = await this.pexFilterCredentials(args.credentialFilterOpts ?? {}, context);
430
+ const holderDIDs = args.holderDIDs ? (0, import_ssi_sdk_ext.toDIDs)(args.holderDIDs) : (0, import_ssi_sdk_ext.toDIDs)(await context.agent.dataStoreORMGetIdentifiers());
431
+ const limitDisclosureSignatureSuites = args.limitDisclosureSignatureSuites;
432
+ const promises = /* @__PURE__ */ new Map();
433
+ origDefinition.input_descriptors.forEach((inputDescriptor) => {
434
+ const presentationDefinition = {
435
+ id: inputDescriptor.id,
436
+ input_descriptors: [
437
+ inputDescriptor
438
+ ]
439
+ };
440
+ const credentialRole = args.credentialFilterOpts.credentialRole;
441
+ promises.set(inputDescriptor, this.pexDefinitionFilterCredentials({
442
+ credentialFilterOpts: {
443
+ credentialRole,
444
+ verifiableCredentials: credentials
445
+ },
446
+ // @ts-ignore
447
+ presentationDefinition,
448
+ holderDIDs,
449
+ limitDisclosureSignatureSuites
450
+ }, context));
451
+ });
452
+ await Promise.all(promises.values());
453
+ const result = [];
454
+ for (const entry of promises.entries()) {
455
+ result.push({
456
+ ...await entry[1],
457
+ inputDescriptor: entry[0]
458
+ });
459
+ }
460
+ return result;
461
+ }
462
+ async pexFilterCredentials(filterOpts, context) {
463
+ if (filterOpts.verifiableCredentials && filterOpts.verifiableCredentials.length > 0) {
464
+ return filterOpts.verifiableCredentials;
465
+ }
466
+ const filter = (0, import_ssi_sdk.verifiableCredentialForRoleFilter)(filterOpts.credentialRole, filterOpts.filter);
467
+ const uniqueCredentials = await context.agent.crsGetUniqueCredentials({
468
+ filter
469
+ });
470
+ return uniqueCredentials.map((uniqueVC) => {
471
+ const vc = uniqueVC.uniformVerifiableCredential;
472
+ const proof = Array.isArray(vc.proof) ? vc.proof : [
473
+ vc.proof
474
+ ];
475
+ const jwtProof = proof.find((p) => p?.type === import_ssi_types.JWT_PROOF_TYPE_2020);
476
+ return jwtProof ? jwtProof.jwt : vc;
477
+ });
478
+ }
479
+ };
480
+
481
+ // src/functions.ts
482
+ var import_ssi_sdk_ext2 = require("@sphereon/ssi-sdk-ext.identifier-resolution");
483
+ var import_ssi_types2 = require("@sphereon/ssi-types");
484
+ async function createPEXPresentationSignCallback(args, context) {
485
+ function determineProofFormat(determineArgs) {
486
+ const { format, presentationDefinition, presentation } = determineArgs;
487
+ var formatOptions = format ?? presentationDefinition.format ?? args.format;
488
+ if (!formatOptions && presentationDefinition.input_descriptors.length == 1 && "format" in presentationDefinition.input_descriptors[0]) {
489
+ formatOptions = presentationDefinition.input_descriptors[0].format;
490
+ }
491
+ if (!formatOptions) {
492
+ if (import_ssi_types2.CredentialMapper.isSdJwtDecodedCredentialPayload(presentation.decodedPayload)) {
493
+ return "vc+sd-jwt";
494
+ } else if (import_ssi_types2.CredentialMapper.isMsoMdocDecodedPresentation(presentation.decodedPayload)) {
495
+ return "mso_mdoc";
496
+ } else if (import_ssi_types2.CredentialMapper.isW3cPresentation(presentation.decodedPayload)) {
497
+ if (typeof presentation.signedPayload === "string") {
498
+ return "jwt";
499
+ }
500
+ return "lds";
501
+ }
502
+ return "jwt";
503
+ } else if (typeof formatOptions === "string") {
504
+ return formatOptions;
505
+ }
506
+ const formats = new Set(Object.keys(formatOptions).map((form) => form.includes("ldp") ? "lds" : form.includes("vc+sd-jwt") ? "vc+sd-jwt" : "jwt"));
507
+ if (formats.size === 1) {
508
+ return formats.values().next().value;
509
+ }
510
+ formats.keys().next();
511
+ if (formats.has("vc+sd-jwt")) {
512
+ return "vc+sd-jwt";
513
+ } else if (formats.has("jwt")) {
514
+ return "jwt";
515
+ }
516
+ return "lds";
517
+ }
518
+ __name(determineProofFormat, "determineProofFormat");
519
+ return async ({ presentation, domain, presentationDefinition, format, challenge }) => {
520
+ const proofFormat = determineProofFormat({
521
+ format,
522
+ presentationDefinition,
523
+ presentation
524
+ });
525
+ const { idOpts } = args;
526
+ const CLOCK_SKEW = 120;
527
+ if (args.skipDidResolution && (0, import_ssi_sdk_ext2.isManagedIdentifierDidOpts)(idOpts)) {
528
+ idOpts.offlineWhenNoDIDRegistered = true;
529
+ }
530
+ if ("compactSdJwtVc" in presentation) {
531
+ if (proofFormat !== "vc+sd-jwt") {
532
+ return Promise.reject(Error(`presentation payload does not match proof format ${proofFormat}`));
533
+ }
534
+ const presentationResult = await context.agent.createSdJwtPresentation({
535
+ ...idOpts?.method === "oid4vci-issuer" && {
536
+ holder: idOpts?.issuer
537
+ },
538
+ presentation: presentation.compactSdJwtVc,
539
+ kb: {
540
+ payload: {
541
+ ...presentation.kbJwt?.payload,
542
+ iat: presentation.kbJwt?.payload?.iat ?? Math.floor(Date.now() / 1e3 - CLOCK_SKEW),
543
+ nonce: challenge ?? presentation.kbJwt?.payload?.nonce,
544
+ aud: presentation.kbJwt?.payload?.aud ?? domain ?? args.domain
545
+ }
546
+ }
547
+ });
548
+ return import_ssi_types2.CredentialMapper.storedPresentationToOriginalFormat(presentationResult.presentation);
549
+ } else {
550
+ const resolution = await context.agent.identifierManagedGet(idOpts);
551
+ if (proofFormat === "vc+sd-jwt") {
552
+ return Promise.reject(Error(`presentation payload does not match proof format ${proofFormat}`));
553
+ }
554
+ let header;
555
+ if (!presentation.holder) {
556
+ presentation.holder = resolution.issuer;
557
+ }
558
+ if (proofFormat === "jwt") {
559
+ header = {
560
+ ...((0, import_ssi_sdk_ext2.isManagedIdentifierDidResult)(resolution) || (0, import_ssi_sdk_ext2.isManagedIdentifierX5cResult)(resolution)) && resolution.kid && {
561
+ kid: resolution.kid
562
+ },
563
+ ...(0, import_ssi_sdk_ext2.isManagedIdentifierX5cResult)(resolution) && {
564
+ jwk: resolution.jwk
565
+ }
566
+ };
567
+ if (presentation.verifier || !presentation.aud) {
568
+ presentation.aud = Array.isArray(presentation.verifier) ? presentation.verifier : presentation.verifier ?? domain ?? args.domain;
569
+ delete presentation.verifier;
570
+ }
571
+ if (!presentation.nbf) {
572
+ if (presentation.issuanceDate) {
573
+ const converted = Date.parse(presentation.issuanceDate);
574
+ if (!isNaN(converted)) {
575
+ presentation.nbf = Math.floor(converted / 1e3);
576
+ }
577
+ } else {
578
+ presentation.nbf = Math.floor(Date.now() / 1e3 - CLOCK_SKEW);
579
+ }
580
+ }
581
+ if (!presentation.iat) {
582
+ presentation.iat = presentation.nbf;
583
+ }
584
+ if (!presentation.exp) {
585
+ if (presentation.expirationDate) {
586
+ const converted = Date.parse(presentation.expirationDate);
587
+ if (!isNaN(converted)) {
588
+ presentation.exp = Math.floor(converted / 1e3);
589
+ }
590
+ } else {
591
+ presentation.exp = presentation.nbf + 600 + CLOCK_SKEW;
592
+ }
593
+ }
594
+ if (!presentation.vp) {
595
+ presentation.vp = {};
596
+ }
597
+ if (!presentation.vp.holder) {
598
+ presentation.vp.holder = presentation.holder;
599
+ }
600
+ }
601
+ const vp = await context.agent.createVerifiablePresentation({
602
+ presentation,
603
+ removeOriginalFields: false,
604
+ keyRef: resolution.kmsKeyRef,
605
+ // domain: domain ?? args.domain, // handled above, and did-jwt-vc creates an array even for 1 entry
606
+ challenge: challenge ?? args.challenge,
607
+ fetchRemoteContexts: args.fetchRemoteContexts !== false,
608
+ proofFormat,
609
+ header
610
+ });
611
+ return import_ssi_types2.CredentialMapper.storedPresentationToOriginalFormat(vp);
612
+ }
613
+ };
614
+ }
615
+ __name(createPEXPresentationSignCallback, "createPEXPresentationSignCallback");
616
+
617
+ // src/index.ts
618
+ var schema = require_plugin_schema();
619
+ //# sourceMappingURL=index.cjs.map