@sphereon/ssi-sdk.presentation-exchange 0.34.1-next.91 → 0.36.1-feat.SSISDK.83.3

package/dist/index.cjs.map

@@ -1 +1 @@
-{"version":3,"sources":["../plugin.schema.json","../src/index.ts","../src/agent/PresentationExchange.ts","../src/functions.ts"],"sourcesContent":["{\n  \"IDidAuthSiopOpAuthenticator\": {\n    \"components\": {\n      \"schemas\": {\n        \"IGetSiopSessionArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.getSessionForSiop } \"\n        },\n        \"IRegisterSiopSessionArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"identifier\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"did\": {\n                  \"type\": \"string\"\n                },\n                \"alias\": {\n                  \"type\": \"string\"\n                },\n                \"provider\": {\n                  \"type\": \"string\"\n                },\n                \"controllerKeyId\": {\n                  \"type\": \"string\"\n                },\n                \"keys\": {\n                  \"type\": \"array\",\n                  \"items\": {\n                    \"type\": \"object\",\n                    \"properties\": {\n                      \"additionalProperties\": true\n                    }\n                  }\n                },\n                \"services\": {\n                  \"type\": \"array\",\n                  \"items\": {\n                    \"type\": \"object\",\n                    \"properties\": {\n                      \"additionalProperties\": true\n                    }\n                  }\n                }\n              },\n              \"additionalProperties\": false,\n              \"required\": [\"did\", \"provider\", \"keys\", \"services\"]\n            },\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"expiresIn\": {\n              \"type\": \"number\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"identifier\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.registerSessionForSiop } \"\n        },\n        \"IRemoveSiopSessionArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.removeSessionForSiop } \"\n        },\n        \"IAuthenticateWithSiopArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"stateId\": {\n              \"type\": \"string\"\n            },\n            \"redirectUrl\": {\n              \"type\": \"string\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"stateId\", \"redirectUrl\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.authenticateWithSiop } \"\n        },\n        \"IResponse\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"status\": {\n              \"type\": \"number\"\n            },\n            \"additionalProperties\": true\n          },\n          \"required\": [\"status\"],\n          \"description\": \"Result of {@link DidAuthSiopOpAuthenticator.authenticateWithSiop & DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } \"\n        },\n        \"IGetSiopAuthenticationRequestFromRpArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"stateId\": {\n              \"type\": \"string\"\n            },\n            \"redirectUrl\": {\n              \"type\": \"string\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"stateId\", \"redirectUrl\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } \"\n        },\n        \"ParsedAuthenticationRequestURI\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"jwt\": {\n              \"type\": \"string\"\n            },\n            \"requestPayload\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"registration\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"jwt\", \"requestPayload\", \"registration\"],\n          \"description\": \"Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } \"\n        },\n        \"IGetSiopAuthenticationRequestDetailsArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"verifiedAuthenticationRequest\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"credentialFilter\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"verifiedAuthenticationRequest\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } \"\n        },\n        \"IAuthRequestDetails\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"id\": {\n              \"type\": \"string\"\n            },\n            \"alsoKnownAs\": {\n              \"type\": \"array\",\n              \"items\": {\n                \"type\": \"string\"\n              }\n            },\n            \"vpResponseOpts\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"id\", \"vpResponseOpts\"],\n          \"description\": \"Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } \"\n        },\n        \"IVerifySiopAuthenticationRequestUriArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"ParsedAuthenticationRequestURI\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"ParsedAuthenticationRequestURI\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } \"\n        },\n        \"VerifiedAuthorizationRequest\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"payload\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"presentationDefinitions\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"verifyOpts\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"payload\", \"verifyOpts\"],\n          \"description\": \"Result of {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } \"\n        },\n        \"ISendSiopAuthenticationResponseArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"verifiedAuthenticationRequest\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"verifiablePresentationResponse\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"verifiedAuthenticationRequest\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } \"\n        }\n      },\n      \"methods\": {\n        \"getSessionForSiop\": {\n          \"description\": \"Get SIOP session\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IGetSiopSessionArgs\"\n          },\n          \"returnType\": \"object\"\n        },\n        \"registerSessionForSiop\": {\n          \"description\": \"Register SIOP session\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IRegisterSiopSessionArgs\"\n          },\n          \"returnType\": \"object\"\n        },\n        \"removeSessionForSiop\": {\n          \"description\": \"Remove SIOP session\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IRemoveSiopSessionArgs\"\n          },\n          \"returnType\": \"boolean\"\n        },\n        \"authenticateWithSiop\": {\n          \"description\": \"Authenticate using DID Auth SIOP\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IAuthenticateWithSiopArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/Response\"\n          }\n        },\n        \"getSiopAuthenticationRequestFromRP\": {\n          \"description\": \"Get authentication request from RP\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IGetSiopAuthenticationRequestFromRpArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/ParsedAuthenticationRequestURI\"\n          }\n        },\n        \"getSiopAuthenticationRequestDetails\": {\n          \"description\": \"Get authentication request details\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IGetSiopAuthenticationRequestDetailsArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/IAuthRequestDetails\"\n          }\n        },\n        \"verifySiopAuthenticationRequestURI\": {\n          \"description\": \"Verify authentication request URI\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IVerifySiopAuthenticationRequestUriArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/VerifiedAuthorizationRequest\"\n          }\n        },\n        \"sendSiopAuthenticationResponse\": {\n          \"description\": \"Send authentication response\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/ISendSiopAuthenticationResponseArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/IRequiredContext\"\n          }\n        }\n      }\n    }\n  }\n}\n","/**\n * @public\n */\nconst schema = require('../plugin.schema.json')\nexport { schema }\nexport { PresentationExchange } from './agent/PresentationExchange'\nexport * from './types/IPresentationExchange'\nexport * from './functions'\n","import {\n  IDefinitionCredentialFilterArgs,\n  IDefinitionValidateArgs,\n  IPEXFilterResult,\n  IPEXFilterResultWithInputDescriptor,\n  IRequiredContext,\n  PEXOpts,\n  schema,\n  VersionDiscoveryResult,\n} from '../index'\nimport { IAgentPlugin } from '@veramo/core'\n\nimport { IPresentationExchange } from '../types/IPresentationExchange'\nimport { Checked, IPresentationDefinition, PEX } from '@sphereon/pex'\nimport { CompactJWT, CredentialMapper, IProof, JWT_PROOF_TYPE_2020, W3CVerifiableCredential } from '@sphereon/ssi-types'\nimport { InputDescriptorV1, InputDescriptorV2 } from '@sphereon/pex-models'\nimport { toDIDs } from '@sphereon/ssi-sdk-ext.did-utils'\nimport { CredentialRole, UniqueDigitalCredential, verifiableCredentialForRoleFilter } from '@sphereon/ssi-sdk.credential-store'\nimport { FindDigitalCredentialArgs } from '@sphereon/ssi-sdk.data-store'\n\nexport class PresentationExchange implements IAgentPlugin {\n  readonly schema = schema.IDidAuthSiopOpAuthenticator\n  private readonly pex = new PEX()\n\n  readonly methods: IPresentationExchange = {\n    pexValidateDefinition: this.pexValidateDefinition.bind(this),\n    pexDefinitionVersion: this.pexDefinitionVersion.bind(this),\n    pexDefinitionFilterCredentials: this.pexDefinitionFilterCredentials.bind(this),\n    pexDefinitionFilterCredentialsPerInputDescriptor: this.pexDefinitionFilterCredentialsPerInputDescriptor.bind(this),\n  }\n\n  constructor(opts?: PEXOpts) {}\n\n  private async pexValidateDefinition(args: IDefinitionValidateArgs): Promise<boolean> {\n    const { definition } = args\n    const invalids: Checked[] = []\n\n    try {\n      const result = PEX.validateDefinition(definition)\n      const validations = Array.isArray(result) ? result : [result]\n      invalids.push(...validations.filter((v) => v.status === 'error'))\n    } catch (error) {\n      invalids.push({\n        status: 'error',\n        message:\n          typeof error === 'string'\n            ? error\n            : typeof error === 'object' && 'message' in (error as object)\n              ? (error as Error).message\n              : 'unknown error',\n        tag: 'validation',\n      })\n    }\n\n    if (invalids.length > 0) {\n      throw Error(`Invalid definition. ${invalids.map((v) => v.message).toString()}`)\n    }\n    return true // Never returns false, but REST API does not allow Promise<void>\n  }\n\n  async pexDefinitionVersion(presentationDefinition: IPresentationDefinition): Promise<VersionDiscoveryResult> {\n    return PEX.definitionVersionDiscovery(presentationDefinition)\n  }\n\n  async pexDefinitionFilterCredentials(args: IDefinitionCredentialFilterArgs, context: IRequiredContext): Promise<IPEXFilterResult> {\n    const credentials = await this.pexFilterCredentials(args.credentialFilterOpts, context)\n    const holderDIDs = args.holderDIDs ? toDIDs(args.holderDIDs) : toDIDs(await context.agent.dataStoreORMGetIdentifiers())\n    const selectResults = this.pex.selectFrom(args.presentationDefinition, credentials ?? [], {\n      ...args,\n      holderDIDs,\n      limitDisclosureSignatureSuites: args.limitDisclosureSignatureSuites ?? ['BbsBlsSignature2020'],\n    })\n    return {\n      id: args.presentationDefinition.id,\n      selectResults,\n      filteredCredentials: selectResults.verifiableCredential?.map((vc) => CredentialMapper.storedCredentialToOriginalFormat(vc)) ?? [],\n    }\n  }\n\n  async pexDefinitionFilterCredentialsPerInputDescriptor(\n    args: IDefinitionCredentialFilterArgs,\n    context: IRequiredContext,\n  ): Promise<IPEXFilterResultWithInputDescriptor[]> {\n    const origDefinition = args.presentationDefinition\n    const credentials = await this.pexFilterCredentials(args.credentialFilterOpts ?? {}, context)\n    const holderDIDs = args.holderDIDs ? toDIDs(args.holderDIDs) : toDIDs(await context.agent.dataStoreORMGetIdentifiers())\n    const limitDisclosureSignatureSuites = args.limitDisclosureSignatureSuites\n\n    const promises = new Map<InputDescriptorV1 | InputDescriptorV2, Promise<IPEXFilterResult>>()\n    origDefinition.input_descriptors.forEach((inputDescriptor) => {\n      const presentationDefinition = {\n        id: inputDescriptor.id,\n        input_descriptors: [inputDescriptor],\n      }\n\n      const credentialRole = args.credentialFilterOpts.credentialRole\n\n      promises.set(\n        inputDescriptor,\n        this.pexDefinitionFilterCredentials(\n          {\n            credentialFilterOpts: { credentialRole, verifiableCredentials: credentials },\n            // @ts-ignore\n            presentationDefinition,\n            holderDIDs,\n            limitDisclosureSignatureSuites,\n          },\n          context,\n        ),\n      )\n    })\n    await Promise.all(promises.values())\n    const result: IPEXFilterResultWithInputDescriptor[] = []\n    for (const entry of promises.entries()) {\n      result.push({ ...(await entry[1]), inputDescriptor: entry[0] })\n    }\n    return result\n  }\n\n  private async pexFilterCredentials(\n    filterOpts: {\n      credentialRole: CredentialRole\n      verifiableCredentials?: W3CVerifiableCredential[]\n      filter?: FindDigitalCredentialArgs\n    },\n    context: IRequiredContext,\n  ): Promise<W3CVerifiableCredential[]> {\n    if (filterOpts.verifiableCredentials && filterOpts.verifiableCredentials.length > 0) {\n      return filterOpts.verifiableCredentials as W3CVerifiableCredential[]\n    }\n\n    const filter = verifiableCredentialForRoleFilter(filterOpts.credentialRole, filterOpts.filter)\n    const uniqueCredentials = await context.agent.crsGetUniqueCredentials({ filter })\n\n    return uniqueCredentials.map((uniqueVC: UniqueDigitalCredential) => {\n      const vc = uniqueVC.uniformVerifiableCredential!\n      const proof = Array.isArray(vc.proof) ? vc.proof : [vc.proof]\n      const jwtProof = proof.find((p: IProof) => p?.type === JWT_PROOF_TYPE_2020)\n      return jwtProof ? (jwtProof.jwt as CompactJWT) : vc\n    })\n  }\n}\n","import { IPresentationDefinition } from '@sphereon/pex'\nimport { Format } from '@sphereon/pex-models'\nimport {\n  isManagedIdentifierDidOpts,\n  isManagedIdentifierDidResult,\n  isManagedIdentifierX5cResult,\n  ManagedIdentifierOptsOrResult,\n} from '@sphereon/ssi-sdk-ext.identifier-resolution'\nimport {\n  CredentialMapper,\n  Optional,\n  OriginalVerifiablePresentation,\n  SdJwtDecodedVerifiableCredential,\n  W3CVerifiablePresentation,\n} from '@sphereon/ssi-types'\nimport { PresentationPayload, ProofFormat } from '@veramo/core'\nimport { IPEXPresentationSignCallback, IRequiredContext } from './types/IPresentationExchange'\n\nexport async function createPEXPresentationSignCallback(\n  args: {\n    idOpts: ManagedIdentifierOptsOrResult\n    fetchRemoteContexts?: boolean\n    skipDidResolution?: boolean\n    format?: Format | ProofFormat\n    domain?: string\n    challenge?: string\n  },\n  context: IRequiredContext,\n): Promise<IPEXPresentationSignCallback> {\n  function determineProofFormat(determineArgs: {\n    format?: Format | 'jwt' | 'lds' | 'EthereumEip712Signature2021'\n    presentationDefinition: IPresentationDefinition\n    presentation: Optional<PresentationPayload, 'holder'> | SdJwtDecodedVerifiableCredential\n  }): string {\n    const { format, presentationDefinition, presentation } = determineArgs\n\n    var formatOptions = format ?? presentationDefinition.format ?? args.format\n    // TODO Refactor so it takes into account the Input Descriptors and we can lookup from there. Now we only do that if there is 1 descriptor\n    if (!formatOptions && presentationDefinition.input_descriptors.length == 1 && 'format' in presentationDefinition.input_descriptors[0]) {\n      formatOptions = presentationDefinition.input_descriptors[0].format\n    }\n    // All format arguments are optional. So if no format has been given we go for the most supported 'jwt'\n    if (!formatOptions) {\n      if (CredentialMapper.isSdJwtDecodedCredentialPayload(presentation.decodedPayload)) {\n        return 'dc+sd-jwt'\n      } else if (CredentialMapper.isMsoMdocDecodedPresentation(presentation.decodedPayload as OriginalVerifiablePresentation)) {\n        return 'mso_mdoc'\n      } else if (CredentialMapper.isW3cPresentation(presentation.decodedPayload)) {\n        if (typeof presentation.signedPayload === 'string') {\n          return 'jwt'\n        }\n        return 'lds'\n      }\n      return 'jwt'\n    } else if (typeof formatOptions === 'string') {\n      // if formatOptions is a singular string we can return that as the format\n      return formatOptions\n    }\n\n    // here we transform all format options to either lds or jwt. but we also want to support sd-jwt, so we need to specifically check for this one. which is ['dc+sd-jwt']\n    const formats = new Set(\n      Object.keys(formatOptions).map((form) => (form.includes('ldp') ? 'lds' : form.includes('dc+sd-jwt') ? 'dc+sd-jwt' : 'jwt')),\n    )\n\n    // if we only have 1 format type we can return that\n    if (formats.size === 1) {\n      return formats.values().next().value!!\n    }\n    formats.keys().next()\n    // if we can go for sd-jwt, we go for sd-jwt\n    if (formats.has('dc+sd-jwt')) {\n      return 'dc+sd-jwt'\n    }\n    // if it is not sd-jwt we would like to go for jwt\n    else if (formats.has('jwt')) {\n      return 'jwt'\n    }\n\n    // else we go for lds\n    return 'lds'\n  }\n\n  return async ({\n    presentation,\n    domain,\n    presentationDefinition,\n    format,\n    challenge,\n  }: {\n    presentation: Optional<PresentationPayload, 'holder'> | SdJwtDecodedVerifiableCredential\n    presentationDefinition: IPresentationDefinition\n    format?: Format | ProofFormat\n    domain?: string\n    challenge?: string\n  }): Promise<W3CVerifiablePresentation> => {\n    const proofFormat = determineProofFormat({ format, presentationDefinition, presentation })\n    const { idOpts } = args\n    const CLOCK_SKEW = 120\n    if (args.skipDidResolution && isManagedIdentifierDidOpts(idOpts)) {\n      idOpts.offlineWhenNoDIDRegistered = true\n    }\n\n    if ('compactSdJwtVc' in presentation) {\n      if (proofFormat !== 'dc+sd-jwt') {\n        return Promise.reject(Error(`presentation payload does not match proof format ${proofFormat}`))\n      }\n\n      const presentationResult = await context.agent.createSdJwtPresentation({\n        ...(idOpts?.method === 'oid4vci-issuer' && { holder: idOpts?.issuer as string }),\n        presentation: presentation.compactSdJwtVc,\n        kb: {\n          payload: {\n            ...presentation.kbJwt?.payload,\n            iat: presentation.kbJwt?.payload?.iat ?? Math.floor(Date.now() / 1000 - CLOCK_SKEW),\n            nonce: challenge ?? presentation.kbJwt?.payload?.nonce,\n            aud: presentation.kbJwt?.payload?.aud ?? domain ?? args.domain,\n          },\n        },\n      })\n\n      return CredentialMapper.storedPresentationToOriginalFormat(presentationResult.presentation as OriginalVerifiablePresentation)\n    } else {\n      const resolution = await context.agent.identifierManagedGet(idOpts)\n\n      if (proofFormat === 'dc+sd-jwt') {\n        return Promise.reject(Error(`presentation payload does not match proof format ${proofFormat}`))\n      }\n      let header\n      if (!presentation.holder) {\n        presentation.holder = resolution.issuer\n      }\n      if (proofFormat === 'jwt') {\n        header = {\n          ...((isManagedIdentifierDidResult(resolution) || isManagedIdentifierX5cResult(resolution)) && resolution.kid && { kid: resolution.kid }),\n          ...(isManagedIdentifierX5cResult(resolution) && { jwk: resolution.jwk }),\n        }\n        if (presentation.verifier || !presentation.aud) {\n          presentation.aud = Array.isArray(presentation.verifier) ? presentation.verifier : (presentation.verifier ?? domain ?? args.domain)\n          delete presentation.verifier\n        }\n\n        if (!presentation.nbf) {\n          if (presentation.issuanceDate) {\n            const converted = Date.parse(presentation.issuanceDate)\n            if (!isNaN(converted)) {\n              presentation.nbf = Math.floor(converted / 1000) // no skew here, as an explicit value was given\n            }\n          } else {\n            presentation.nbf = Math.floor(Date.now() / 1000 - CLOCK_SKEW)\n          }\n        }\n\n        if (!presentation.iat) {\n          presentation.iat = presentation.nbf\n        }\n\n        if (!presentation.exp) {\n          if (presentation.expirationDate) {\n            const converted = Date.parse(presentation.expirationDate)\n            if (!isNaN(converted)) {\n              presentation.exp = Math.floor(converted / 1000) // no skew here as an explicit value w as given\n            }\n          } else {\n            presentation.exp = presentation.nbf + 600 + CLOCK_SKEW\n          }\n        }\n\n        if (!presentation.vp) {\n          presentation.vp = {}\n        }\n        /*if (!presentation.sub) {\n          presentation.sub = id.did\n        }*/\n        if (!presentation.vp.holder) {\n          presentation.vp.holder = presentation.holder\n        }\n      }\n\n      // we ignore the alg / proof_format for now, as we already have the kid anyway at this point\n\n      // todo: look for jwt_vc_json and remove types and @context\n\n      const vp = await context.agent.createVerifiablePresentation({\n        presentation: presentation as PresentationPayload,\n        removeOriginalFields: false,\n        keyRef: resolution.kmsKeyRef,\n        // domain: domain ?? args.domain, // handled above, and did-jwt-vc creates an array even for 1 entry\n        challenge: challenge ?? args.challenge,\n        fetchRemoteContexts: args.fetchRemoteContexts !== false,\n        proofFormat: proofFormat as ProofFormat,\n        header,\n      })\n\n      // makes sure we extract an actual JWT from the internal representation in case it is a JWT\n      return CredentialMapper.storedPresentationToOriginalFormat(vp as OriginalVerifiablePresentation)\n    }\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA,gCAAAA,SAAA;AAAA,IAAAA,QAAA;AAAA,MACE,6BAA+B;AAAA,QAC7B,YAAc;AAAA,UACZ,SAAW;AAAA,YACT,qBAAuB;AAAA,cACrB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,WAAW;AAAA,cACxB,aAAe;AAAA,YACjB;AAAA,YACA,0BAA4B;AAAA,cAC1B,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,YAAc;AAAA,kBACZ,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,KAAO;AAAA,sBACL,MAAQ;AAAA,oBACV;AAAA,oBACA,OAAS;AAAA,sBACP,MAAQ;AAAA,oBACV;AAAA,oBACA,UAAY;AAAA,sBACV,MAAQ;AAAA,oBACV;AAAA,oBACA,iBAAmB;AAAA,sBACjB,MAAQ;AAAA,oBACV;AAAA,oBACA,MAAQ;AAAA,sBACN,MAAQ;AAAA,sBACR,OAAS;AAAA,wBACP,MAAQ;AAAA,wBACR,YAAc;AAAA,0BACZ,sBAAwB;AAAA,wBAC1B;AAAA,sBACF;AAAA,oBACF;AAAA,oBACA,UAAY;AAAA,sBACV,MAAQ;AAAA,sBACR,OAAS;AAAA,wBACP,MAAQ;AAAA,wBACR,YAAc;AAAA,0BACZ,sBAAwB;AAAA,wBAC1B;AAAA,sBACF;AAAA,oBACF;AAAA,kBACF;AAAA,kBACA,sBAAwB;AAAA,kBACxB,UAAY,CAAC,OAAO,YAAY,QAAQ,UAAU;AAAA,gBACpD;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,YAAY;AAAA,cACzB,aAAe;AAAA,YACjB;AAAA,YACA,wBAA0B;AAAA,cACxB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,WAAW;AAAA,cACxB,aAAe;AAAA,YACjB;AAAA,YACA,2BAA6B;AAAA,cAC3B,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,SAAW;AAAA,kBACT,MAAQ;AAAA,gBACV;AAAA,gBACA,aAAe;AAAA,kBACb,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,WAAW,aAAa;AAAA,cAClD,aAAe;AAAA,YACjB;AAAA,YACA,WAAa;AAAA,cACX,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,QAAQ;AAAA,cACrB,aAAe;AAAA,YACjB;AAAA,YACA,yCAA2C;AAAA,cACzC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,SAAW;AAAA,kBACT,MAAQ;AAAA,gBACV;AAAA,gBACA,aAAe;AAAA,kBACb,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,WAAW,aAAa;AAAA,cAClD,aAAe;AAAA,YACjB;AAAA,YACA,gCAAkC;AAAA,cAChC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,gBACA,gBAAkB;AAAA,kBAChB,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,cAAgB;AAAA,kBACd,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,OAAO,kBAAkB,cAAc;AAAA,cACpD,aAAe;AAAA,YACjB;AAAA,YACA,0CAA4C;AAAA,cAC1C,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,+BAAiC;AAAA,kBAC/B,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,kBAAoB;AAAA,kBAClB,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,+BAA+B;AAAA,cACzD,aAAe;AAAA,YACjB;AAAA,YACA,qBAAuB;AAAA,cACrB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,IAAM;AAAA,kBACJ,MAAQ;AAAA,gBACV;AAAA,gBACA,aAAe;AAAA,kBACb,MAAQ;AAAA,kBACR,OAAS;AAAA,oBACP,MAAQ;AAAA,kBACV;AAAA,gBACF;AAAA,gBACA,gBAAkB;AAAA,kBAChB,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,MAAM,gBAAgB;AAAA,cACnC,aAAe;AAAA,YACjB;AAAA,YACA,yCAA2C;AAAA,cACzC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,gCAAkC;AAAA,kBAChC,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,gCAAgC;AAAA,cAC1D,aAAe;AAAA,YACjB;AAAA,YACA,8BAAgC;AAAA,cAC9B,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,SAAW;AAAA,kBACT,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,yBAA2B;AAAA,kBACzB,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,YAAc;AAAA,kBACZ,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,WAAW,YAAY;AAAA,cACpC,aAAe;AAAA,YACjB;AAAA,YACA,qCAAuC;AAAA,cACrC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,+BAAiC;AAAA,kBAC/B,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,gCAAkC;AAAA,kBAChC,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,+BAA+B;AAAA,cACzD,aAAe;AAAA,YACjB;AAAA,UACF;AAAA,UACA,SAAW;AAAA,YACT,mBAAqB;AAAA,cACnB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,YAChB;AAAA,YACA,wBAA0B;AAAA,cACxB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,YAChB;AAAA,YACA,sBAAwB;AAAA,cACtB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,YAChB;AAAA,YACA,sBAAwB;AAAA,cACtB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,YACA,oCAAsC;AAAA,cACpC,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,YACA,qCAAuC;AAAA,cACrC,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,YACA,oCAAsC;AAAA,cACpC,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,YACA,gCAAkC;AAAA,cAChC,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;;;ACxUA;;;;;;;;;ACaA,iBAAsD;AACtD,uBAAmG;AAEnG,yBAAuB;AACvB,qBAA2F;AAGpF,IAAMC,uBAAN,MAAMA;EApBb,OAoBaA;;;EACFC,SAASA,OAAOC;EACRC,MAAM,IAAIC,eAAAA;EAElBC,UAAiC;IACxCC,uBAAuB,KAAKA,sBAAsBC,KAAK,IAAI;IAC3DC,sBAAsB,KAAKA,qBAAqBD,KAAK,IAAI;IACzDE,gCAAgC,KAAKA,+BAA+BF,KAAK,IAAI;IAC7EG,kDAAkD,KAAKA,iDAAiDH,KAAK,IAAI;EACnH;EAEA,YAAYI,MAAgB;EAAC;EAE7B,MAAcL,sBAAsBM,MAAiD;AACnF,UAAM,EAAEC,WAAU,IAAKD;AACvB,UAAME,WAAsB,CAAA;AAE5B,QAAI;AACF,YAAMC,SAASX,eAAIY,mBAAmBH,UAAAA;AACtC,YAAMI,cAAcC,MAAMC,QAAQJ,MAAAA,IAAUA,SAAS;QAACA;;AACtDD,eAASM,KAAI,GAAIH,YAAYI,OAAO,CAACC,MAAMA,EAAEC,WAAW,OAAA,CAAA;IAC1D,SAASC,OAAO;AACdV,eAASM,KAAK;QACZG,QAAQ;QACRE,SACE,OAAOD,UAAU,WACbA,QACA,OAAOA,UAAU,YAAY,aAAcA,QACxCA,MAAgBC,UACjB;QACRC,KAAK;MACP,CAAA;IACF;AAEA,QAAIZ,SAASa,SAAS,GAAG;AACvB,YAAMC,MAAM,uBAAuBd,SAASe,IAAI,CAACP,MAAMA,EAAEG,OAAO,EAAEK,SAAQ,CAAA,EAAI;IAChF;AACA,WAAO;EACT;EAEA,MAAMtB,qBAAqBuB,wBAAkF;AAC3G,WAAO3B,eAAI4B,2BAA2BD,sBAAAA;EACxC;EAEA,MAAMtB,+BAA+BG,MAAuCqB,SAAsD;AAChI,UAAMC,cAAc,MAAM,KAAKC,qBAAqBvB,KAAKwB,sBAAsBH,OAAAA;AAC/E,UAAMI,aAAazB,KAAKyB,iBAAaC,2BAAO1B,KAAKyB,UAAU,QAAIC,2BAAO,MAAML,QAAQM,MAAMC,2BAA0B,CAAA;AACpH,UAAMC,gBAAgB,KAAKtC,IAAIuC,WAAW9B,KAAKmB,wBAAwBG,eAAe,CAAA,GAAI;MACxF,GAAGtB;MACHyB;MACAM,gCAAgC/B,KAAK+B,kCAAkC;QAAC;;IAC1E,CAAA;AACA,WAAO;MACLC,IAAIhC,KAAKmB,uBAAuBa;MAChCH;MACAI,qBAAqBJ,cAAcK,sBAAsBjB,IAAI,CAACkB,OAAOC,kCAAiBC,iCAAiCF,EAAAA,CAAAA,KAAQ,CAAA;IACjI;EACF;EAEA,MAAMrC,iDACJE,MACAqB,SACgD;AAChD,UAAMiB,iBAAiBtC,KAAKmB;AAC5B,UAAMG,cAAc,MAAM,KAAKC,qBAAqBvB,KAAKwB,wBAAwB,CAAC,GAAGH,OAAAA;AACrF,UAAMI,aAAazB,KAAKyB,iBAAaC,2BAAO1B,KAAKyB,UAAU,QAAIC,2BAAO,MAAML,QAAQM,MAAMC,2BAA0B,CAAA;AACpH,UAAMG,iCAAiC/B,KAAK+B;AAE5C,UAAMQ,WAAW,oBAAIC,IAAAA;AACrBF,mBAAeG,kBAAkBC,QAAQ,CAACC,oBAAAA;AACxC,YAAMxB,yBAAyB;QAC7Ba,IAAIW,gBAAgBX;QACpBS,mBAAmB;UAACE;;MACtB;AAEA,YAAMC,iBAAiB5C,KAAKwB,qBAAqBoB;AAEjDL,eAASM,IACPF,iBACA,KAAK9C,+BACH;QACE2B,sBAAsB;UAAEoB;UAAgBE,uBAAuBxB;QAAY;;QAE3EH;QACAM;QACAM;MACF,GACAV,OAAAA,CAAAA;IAGN,CAAA;AACA,UAAM0B,QAAQC,IAAIT,SAASU,OAAM,CAAA;AACjC,UAAM9C,SAAgD,CAAA;AACtD,eAAW+C,SAASX,SAASY,QAAO,GAAI;AACtChD,aAAOK,KAAK;QAAE,GAAI,MAAM0C,MAAM,CAAA;QAAKP,iBAAiBO,MAAM,CAAA;MAAG,CAAA;IAC/D;AACA,WAAO/C;EACT;EAEA,MAAcoB,qBACZ6B,YAKA/B,SACoC;AACpC,QAAI+B,WAAWN,yBAAyBM,WAAWN,sBAAsB/B,SAAS,GAAG;AACnF,aAAOqC,WAAWN;IACpB;AAEA,UAAMrC,aAAS4C,kDAAkCD,WAAWR,gBAAgBQ,WAAW3C,MAAM;AAC7F,UAAM6C,oBAAoB,MAAMjC,QAAQM,MAAM4B,wBAAwB;MAAE9C;IAAO,CAAA;AAE/E,WAAO6C,kBAAkBrC,IAAI,CAACuC,aAAAA;AAC5B,YAAMrB,KAAKqB,SAASC;AACpB,YAAMC,QAAQpD,MAAMC,QAAQ4B,GAAGuB,KAAK,IAAIvB,GAAGuB,QAAQ;QAACvB,GAAGuB;;AACvD,YAAMC,WAAWD,MAAME,KAAK,CAACC,MAAcA,GAAGC,SAASC,oCAAAA;AACvD,aAAOJ,WAAYA,SAASK,MAAqB7B;IACnD,CAAA;EACF;AACF;;;AC3IA,IAAA8B,sBAKO;AACP,IAAAC,oBAMO;AAIP,eAAsBC,kCACpBC,MAQAC,SAAyB;AAEzB,WAASC,qBAAqBC,eAI7B;AACC,UAAM,EAAEC,QAAQC,wBAAwBC,aAAY,IAAKH;AAEzD,QAAII,gBAAgBH,UAAUC,uBAAuBD,UAAUJ,KAAKI;AAEpE,QAAI,CAACG,iBAAiBF,uBAAuBG,kBAAkBC,UAAU,KAAK,YAAYJ,uBAAuBG,kBAAkB,CAAA,GAAI;AACrID,sBAAgBF,uBAAuBG,kBAAkB,CAAA,EAAGJ;IAC9D;AAEA,QAAI,CAACG,eAAe;AAClB,UAAIG,mCAAiBC,gCAAgCL,aAAaM,cAAc,GAAG;AACjF,eAAO;MACT,WAAWF,mCAAiBG,6BAA6BP,aAAaM,cAAc,GAAqC;AACvH,eAAO;MACT,WAAWF,mCAAiBI,kBAAkBR,aAAaM,cAAc,GAAG;AAC1E,YAAI,OAAON,aAAaS,kBAAkB,UAAU;AAClD,iBAAO;QACT;AACA,eAAO;MACT;AACA,aAAO;IACT,WAAW,OAAOR,kBAAkB,UAAU;AAE5C,aAAOA;IACT;AAGA,UAAMS,UAAU,IAAIC,IAClBC,OAAOC,KAAKZ,aAAAA,EAAea,IAAI,CAACC,SAAUA,KAAKC,SAAS,KAAA,IAAS,QAAQD,KAAKC,SAAS,WAAA,IAAe,cAAc,KAAA,CAAA;AAItH,QAAIN,QAAQO,SAAS,GAAG;AACtB,aAAOP,QAAQQ,OAAM,EAAGC,KAAI,EAAGC;IACjC;AACAV,YAAQG,KAAI,EAAGM,KAAI;AAEnB,QAAIT,QAAQW,IAAI,WAAA,GAAc;AAC5B,aAAO;IACT,WAESX,QAAQW,IAAI,KAAA,GAAQ;AAC3B,aAAO;IACT;AAGA,WAAO;EACT;AAnDSzB;AAqDT,SAAO,OAAO,EACZI,cACAsB,QACAvB,wBACAD,QACAyB,UAAS,MAOV;AACC,UAAMC,cAAc5B,qBAAqB;MAAEE;MAAQC;MAAwBC;IAAa,CAAA;AACxF,UAAM,EAAEyB,OAAM,IAAK/B;AACnB,UAAMgC,aAAa;AACnB,QAAIhC,KAAKiC,yBAAqBC,gDAA2BH,MAAAA,GAAS;AAChEA,aAAOI,6BAA6B;IACtC;AAEA,QAAI,oBAAoB7B,cAAc;AACpC,UAAIwB,gBAAgB,aAAa;AAC/B,eAAOM,QAAQC,OAAOC,MAAM,oDAAoDR,WAAAA,EAAa,CAAA;MAC/F;AAEA,YAAMS,qBAAqB,MAAMtC,QAAQuC,MAAMC,wBAAwB;QACrE,GAAIV,QAAQW,WAAW,oBAAoB;UAAEC,QAAQZ,QAAQa;QAAiB;QAC9EtC,cAAcA,aAAauC;QAC3BC,IAAI;UACFC,SAAS;YACP,GAAGzC,aAAa0C,OAAOD;YACvBE,KAAK3C,aAAa0C,OAAOD,SAASE,OAAOC,KAAKC,MAAMC,KAAKC,IAAG,IAAK,MAAOrB,UAAAA;YACxEsB,OAAOzB,aAAavB,aAAa0C,OAAOD,SAASO;YACjDC,KAAKjD,aAAa0C,OAAOD,SAASQ,OAAO3B,UAAU5B,KAAK4B;UAC1D;QACF;MACF,CAAA;AAEA,aAAOlB,mCAAiB8C,mCAAmCjB,mBAAmBjC,YAAY;IAC5F,OAAO;AACL,YAAMmD,aAAa,MAAMxD,QAAQuC,MAAMkB,qBAAqB3B,MAAAA;AAE5D,UAAID,gBAAgB,aAAa;AAC/B,eAAOM,QAAQC,OAAOC,MAAM,oDAAoDR,WAAAA,EAAa,CAAA;MAC/F;AACA,UAAI6B;AACJ,UAAI,CAACrD,aAAaqC,QAAQ;AACxBrC,qBAAaqC,SAASc,WAAWb;MACnC;AACA,UAAId,gBAAgB,OAAO;AACzB6B,iBAAS;UACP,QAAKC,kDAA6BH,UAAAA,SAAeI,kDAA6BJ,UAAAA,MAAgBA,WAAWK,OAAO;YAAEA,KAAKL,WAAWK;UAAI;UACtI,OAAID,kDAA6BJ,UAAAA,KAAe;YAAEM,KAAKN,WAAWM;UAAI;QACxE;AACA,YAAIzD,aAAa0D,YAAY,CAAC1D,aAAaiD,KAAK;AAC9CjD,uBAAaiD,MAAMU,MAAMC,QAAQ5D,aAAa0D,QAAQ,IAAI1D,aAAa0D,WAAY1D,aAAa0D,YAAYpC,UAAU5B,KAAK4B;AAC3H,iBAAOtB,aAAa0D;QACtB;AAEA,YAAI,CAAC1D,aAAa6D,KAAK;AACrB,cAAI7D,aAAa8D,cAAc;AAC7B,kBAAMC,YAAYjB,KAAKkB,MAAMhE,aAAa8D,YAAY;AACtD,gBAAI,CAACG,MAAMF,SAAAA,GAAY;AACrB/D,2BAAa6D,MAAMjB,KAAKC,MAAMkB,YAAY,GAAA;YAC5C;UACF,OAAO;AACL/D,yBAAa6D,MAAMjB,KAAKC,MAAMC,KAAKC,IAAG,IAAK,MAAOrB,UAAAA;UACpD;QACF;AAEA,YAAI,CAAC1B,aAAa2C,KAAK;AACrB3C,uBAAa2C,MAAM3C,aAAa6D;QAClC;AAEA,YAAI,CAAC7D,aAAakE,KAAK;AACrB,cAAIlE,aAAamE,gBAAgB;AAC/B,kBAAMJ,YAAYjB,KAAKkB,MAAMhE,aAAamE,cAAc;AACxD,gBAAI,CAACF,MAAMF,SAAAA,GAAY;AACrB/D,2BAAakE,MAAMtB,KAAKC,MAAMkB,YAAY,GAAA;YAC5C;UACF,OAAO;AACL/D,yBAAakE,MAAMlE,aAAa6D,MAAM,MAAMnC;UAC9C;QACF;AAEA,YAAI,CAAC1B,aAAaoE,IAAI;AACpBpE,uBAAaoE,KAAK,CAAC;QACrB;AAIA,YAAI,CAACpE,aAAaoE,GAAG/B,QAAQ;AAC3BrC,uBAAaoE,GAAG/B,SAASrC,aAAaqC;QACxC;MACF;AAMA,YAAM+B,KAAK,MAAMzE,QAAQuC,MAAMmC,6BAA6B;QAC1DrE;QACAsE,sBAAsB;QACtBC,QAAQpB,WAAWqB;;QAEnBjD,WAAWA,aAAa7B,KAAK6B;QAC7BkD,qBAAqB/E,KAAK+E,wBAAwB;QAClDjD;QACA6B;MACF,CAAA;AAGA,aAAOjD,mCAAiB8C,mCAAmCkB,EAAAA;IAC7D;EACF;AACF;AAnLsB3E;;;AFftB,IAAMiF,SAASC;","names":["module","PresentationExchange","schema","IDidAuthSiopOpAuthenticator","pex","PEX","methods","pexValidateDefinition","bind","pexDefinitionVersion","pexDefinitionFilterCredentials","pexDefinitionFilterCredentialsPerInputDescriptor","opts","args","definition","invalids","result","validateDefinition","validations","Array","isArray","push","filter","v","status","error","message","tag","length","Error","map","toString","presentationDefinition","definitionVersionDiscovery","context","credentials","pexFilterCredentials","credentialFilterOpts","holderDIDs","toDIDs","agent","dataStoreORMGetIdentifiers","selectResults","selectFrom","limitDisclosureSignatureSuites","id","filteredCredentials","verifiableCredential","vc","CredentialMapper","storedCredentialToOriginalFormat","origDefinition","promises","Map","input_descriptors","forEach","inputDescriptor","credentialRole","set","verifiableCredentials","Promise","all","values","entry","entries","filterOpts","verifiableCredentialForRoleFilter","uniqueCredentials","crsGetUniqueCredentials","uniqueVC","uniformVerifiableCredential","proof","jwtProof","find","p","type","JWT_PROOF_TYPE_2020","jwt","import_ssi_sdk_ext","import_ssi_types","createPEXPresentationSignCallback","args","context","determineProofFormat","determineArgs","format","presentationDefinition","presentation","formatOptions","input_descriptors","length","CredentialMapper","isSdJwtDecodedCredentialPayload","decodedPayload","isMsoMdocDecodedPresentation","isW3cPresentation","signedPayload","formats","Set","Object","keys","map","form","includes","size","values","next","value","has","domain","challenge","proofFormat","idOpts","CLOCK_SKEW","skipDidResolution","isManagedIdentifierDidOpts","offlineWhenNoDIDRegistered","Promise","reject","Error","presentationResult","agent","createSdJwtPresentation","method","holder","issuer","compactSdJwtVc","kb","payload","kbJwt","iat","Math","floor","Date","now","nonce","aud","storedPresentationToOriginalFormat","resolution","identifierManagedGet","header","isManagedIdentifierDidResult","isManagedIdentifierX5cResult","kid","jwk","verifier","Array","isArray","nbf","issuanceDate","converted","parse","isNaN","exp","expirationDate","vp","createVerifiablePresentation","removeOriginalFields","keyRef","kmsKeyRef","fetchRemoteContexts","schema","require"]}
+{"version":3,"sources":["../plugin.schema.json","../src/index.ts","../src/agent/PresentationExchange.ts","../src/functions.ts"],"sourcesContent":["{\n  \"IDidAuthSiopOpAuthenticator\": {\n    \"components\": {\n      \"schemas\": {\n        \"IGetSiopSessionArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.getSessionForSiop } \"\n        },\n        \"IRegisterSiopSessionArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"identifier\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"did\": {\n                  \"type\": \"string\"\n                },\n                \"alias\": {\n                  \"type\": \"string\"\n                },\n                \"provider\": {\n                  \"type\": \"string\"\n                },\n                \"controllerKeyId\": {\n                  \"type\": \"string\"\n                },\n                \"keys\": {\n                  \"type\": \"array\",\n                  \"items\": {\n                    \"type\": \"object\",\n                    \"properties\": {\n                      \"additionalProperties\": true\n                    }\n                  }\n                },\n                \"services\": {\n                  \"type\": \"array\",\n                  \"items\": {\n                    \"type\": \"object\",\n                    \"properties\": {\n                      \"additionalProperties\": true\n                    }\n                  }\n                }\n              },\n              \"additionalProperties\": false,\n              \"required\": [\"did\", \"provider\", \"keys\", \"services\"]\n            },\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"expiresIn\": {\n              \"type\": \"number\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"identifier\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.registerSessionForSiop } \"\n        },\n        \"IRemoveSiopSessionArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.removeSessionForSiop } \"\n        },\n        \"IAuthenticateWithSiopArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"stateId\": {\n              \"type\": \"string\"\n            },\n            \"redirectUrl\": {\n              \"type\": \"string\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"stateId\", \"redirectUrl\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.authenticateWithSiop } \"\n        },\n        \"IResponse\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"status\": {\n              \"type\": \"number\"\n            },\n            \"additionalProperties\": true\n          },\n          \"required\": [\"status\"],\n          \"description\": \"Result of {@link DidAuthSiopOpAuthenticator.authenticateWithSiop & DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } \"\n        },\n        \"IGetSiopAuthenticationRequestFromRpArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"stateId\": {\n              \"type\": \"string\"\n            },\n            \"redirectUrl\": {\n              \"type\": \"string\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"stateId\", \"redirectUrl\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } \"\n        },\n        \"ParsedAuthenticationRequestURI\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"jwt\": {\n              \"type\": \"string\"\n            },\n            \"requestPayload\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"registration\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"jwt\", \"requestPayload\", \"registration\"],\n          \"description\": \"Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } \"\n        },\n        \"IGetSiopAuthenticationRequestDetailsArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"verifiedAuthenticationRequest\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"credentialFilter\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"verifiedAuthenticationRequest\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } \"\n        },\n        \"IAuthRequestDetails\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"id\": {\n              \"type\": \"string\"\n            },\n            \"alsoKnownAs\": {\n              \"type\": \"array\",\n              \"items\": {\n                \"type\": \"string\"\n              }\n            },\n            \"vpResponseOpts\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"id\", \"vpResponseOpts\"],\n          \"description\": \"Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } \"\n        },\n        \"IVerifySiopAuthenticationRequestUriArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"ParsedAuthenticationRequestURI\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"ParsedAuthenticationRequestURI\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } \"\n        },\n        \"VerifiedAuthorizationRequest\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"payload\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"presentationDefinitions\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"verifyOpts\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"payload\", \"verifyOpts\"],\n          \"description\": \"Result of {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } \"\n        },\n        \"ISendSiopAuthenticationResponseArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"verifiedAuthenticationRequest\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"verifiablePresentationResponse\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"verifiedAuthenticationRequest\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } \"\n        }\n      },\n      \"methods\": {\n        \"getSessionForSiop\": {\n          \"description\": \"Get SIOP session\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IGetSiopSessionArgs\"\n          },\n          \"returnType\": \"object\"\n        },\n        \"registerSessionForSiop\": {\n          \"description\": \"Register SIOP session\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IRegisterSiopSessionArgs\"\n          },\n          \"returnType\": \"object\"\n        },\n        \"removeSessionForSiop\": {\n          \"description\": \"Remove SIOP session\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IRemoveSiopSessionArgs\"\n          },\n          \"returnType\": \"boolean\"\n        },\n        \"authenticateWithSiop\": {\n          \"description\": \"Authenticate using DID Auth SIOP\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IAuthenticateWithSiopArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/Response\"\n          }\n        },\n        \"getSiopAuthenticationRequestFromRP\": {\n          \"description\": \"Get authentication request from RP\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IGetSiopAuthenticationRequestFromRpArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/ParsedAuthenticationRequestURI\"\n          }\n        },\n        \"getSiopAuthenticationRequestDetails\": {\n          \"description\": \"Get authentication request details\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IGetSiopAuthenticationRequestDetailsArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/IAuthRequestDetails\"\n          }\n        },\n        \"verifySiopAuthenticationRequestURI\": {\n          \"description\": \"Verify authentication request URI\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IVerifySiopAuthenticationRequestUriArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/VerifiedAuthorizationRequest\"\n          }\n        },\n        \"sendSiopAuthenticationResponse\": {\n          \"description\": \"Send authentication response\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/ISendSiopAuthenticationResponseArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/IRequiredContext\"\n          }\n        }\n      }\n    }\n  }\n}\n","/**\n * @public\n */\nconst schema = require('../plugin.schema.json')\nexport { schema }\nexport { PresentationExchange } from './agent/PresentationExchange'\nexport * from './types/IPresentationExchange'\nexport * from './functions'\n","import {\n  IDefinitionCredentialFilterArgs,\n  IDefinitionValidateArgs,\n  IPEXFilterResult,\n  IPEXFilterResultWithInputDescriptor,\n  IRequiredContext,\n  PEXOpts,\n  schema,\n  VersionDiscoveryResult,\n} from '../index'\nimport { IAgentPlugin } from '@veramo/core'\n\nimport { IPresentationExchange } from '../types/IPresentationExchange'\nimport { Checked, IPresentationDefinition, PEX } from '@sphereon/pex'\nimport { CompactJWT, CredentialMapper, IProof, JWT_PROOF_TYPE_2020, W3CVerifiableCredential } from '@sphereon/ssi-types'\nimport { InputDescriptorV1, InputDescriptorV2 } from '@sphereon/pex-models'\nimport { toDIDs } from '@sphereon/ssi-sdk-ext.did-utils'\nimport { CredentialRole, UniqueDigitalCredential, verifiableCredentialForRoleFilter } from '@sphereon/ssi-sdk.credential-store'\nimport { FindDigitalCredentialArgs } from '@sphereon/ssi-sdk.data-store-types'\n\nexport class PresentationExchange implements IAgentPlugin {\n  readonly schema = schema.IDidAuthSiopOpAuthenticator\n  private readonly pex = new PEX()\n\n  readonly methods: IPresentationExchange = {\n    pexValidateDefinition: this.pexValidateDefinition.bind(this),\n    pexDefinitionVersion: this.pexDefinitionVersion.bind(this),\n    pexDefinitionFilterCredentials: this.pexDefinitionFilterCredentials.bind(this),\n    pexDefinitionFilterCredentialsPerInputDescriptor: this.pexDefinitionFilterCredentialsPerInputDescriptor.bind(this),\n  }\n\n  constructor(opts?: PEXOpts) {}\n\n  private async pexValidateDefinition(args: IDefinitionValidateArgs): Promise<boolean> {\n    const { definition } = args\n    const invalids: Checked[] = []\n\n    try {\n      const result = PEX.validateDefinition(definition)\n      const validations = Array.isArray(result) ? result : [result]\n      invalids.push(...validations.filter((v) => v.status === 'error'))\n    } catch (error) {\n      invalids.push({\n        status: 'error',\n        message:\n          typeof error === 'string'\n            ? error\n            : typeof error === 'object' && 'message' in (error as object)\n              ? (error as Error).message\n              : 'unknown error',\n        tag: 'validation',\n      })\n    }\n\n    if (invalids.length > 0) {\n      throw Error(`Invalid definition. ${invalids.map((v) => v.message).toString()}`)\n    }\n    return true // Never returns false, but REST API does not allow Promise<void>\n  }\n\n  async pexDefinitionVersion(presentationDefinition: IPresentationDefinition): Promise<VersionDiscoveryResult> {\n    return PEX.definitionVersionDiscovery(presentationDefinition)\n  }\n\n  async pexDefinitionFilterCredentials(args: IDefinitionCredentialFilterArgs, context: IRequiredContext): Promise<IPEXFilterResult> {\n    const credentials = await this.pexFilterCredentials(args.credentialFilterOpts, context)\n    const holderDIDs = args.holderDIDs ? toDIDs(args.holderDIDs) : toDIDs(await context.agent.dataStoreORMGetIdentifiers())\n    const selectResults = this.pex.selectFrom(args.presentationDefinition, credentials ?? [], {\n      ...args,\n      holderDIDs,\n      limitDisclosureSignatureSuites: args.limitDisclosureSignatureSuites ?? ['BbsBlsSignature2020'],\n    })\n    return {\n      id: args.presentationDefinition.id,\n      selectResults,\n      filteredCredentials: selectResults.verifiableCredential?.map((vc) => CredentialMapper.storedCredentialToOriginalFormat(vc)) ?? [],\n    }\n  }\n\n  async pexDefinitionFilterCredentialsPerInputDescriptor(\n    args: IDefinitionCredentialFilterArgs,\n    context: IRequiredContext,\n  ): Promise<IPEXFilterResultWithInputDescriptor[]> {\n    const origDefinition = args.presentationDefinition\n    const credentials = await this.pexFilterCredentials(args.credentialFilterOpts ?? {}, context)\n    const holderDIDs = args.holderDIDs ? toDIDs(args.holderDIDs) : toDIDs(await context.agent.dataStoreORMGetIdentifiers())\n    const limitDisclosureSignatureSuites = args.limitDisclosureSignatureSuites\n\n    const promises = new Map<InputDescriptorV1 | InputDescriptorV2, Promise<IPEXFilterResult>>()\n    origDefinition.input_descriptors.forEach((inputDescriptor) => {\n      const presentationDefinition = {\n        id: inputDescriptor.id,\n        input_descriptors: [inputDescriptor],\n      }\n\n      const credentialRole = args.credentialFilterOpts.credentialRole\n\n      promises.set(\n        inputDescriptor,\n        this.pexDefinitionFilterCredentials(\n          {\n            credentialFilterOpts: { credentialRole, verifiableCredentials: credentials },\n            // @ts-ignore\n            presentationDefinition,\n            holderDIDs,\n            limitDisclosureSignatureSuites,\n          },\n          context,\n        ),\n      )\n    })\n    await Promise.all(promises.values())\n    const result: IPEXFilterResultWithInputDescriptor[] = []\n    for (const entry of promises.entries()) {\n      result.push({ ...(await entry[1]), inputDescriptor: entry[0] })\n    }\n    return result\n  }\n\n  private async pexFilterCredentials(\n    filterOpts: {\n      credentialRole: CredentialRole\n      verifiableCredentials?: W3CVerifiableCredential[]\n      filter?: FindDigitalCredentialArgs\n    },\n    context: IRequiredContext,\n  ): Promise<W3CVerifiableCredential[]> {\n    if (filterOpts.verifiableCredentials && filterOpts.verifiableCredentials.length > 0) {\n      return filterOpts.verifiableCredentials as W3CVerifiableCredential[]\n    }\n\n    const filter = verifiableCredentialForRoleFilter(filterOpts.credentialRole, filterOpts.filter)\n    const uniqueCredentials = await context.agent.crsGetUniqueCredentials({ filter })\n\n    return uniqueCredentials.map((uniqueVC: UniqueDigitalCredential) => {\n      const vc = uniqueVC.uniformVerifiableCredential!\n      const proof = Array.isArray(vc.proof) ? vc.proof : [vc.proof]\n      const jwtProof = proof.find((p: IProof) => p?.type === JWT_PROOF_TYPE_2020)\n      return jwtProof ? (jwtProof.jwt as CompactJWT) : vc\n    })\n  }\n}\n","import { IPresentationDefinition } from '@sphereon/pex'\nimport { Format } from '@sphereon/pex-models'\nimport {\n  isManagedIdentifierDidOpts,\n  isManagedIdentifierDidResult,\n  isManagedIdentifierX5cResult,\n  ManagedIdentifierOptsOrResult,\n} from '@sphereon/ssi-sdk-ext.identifier-resolution'\nimport {\n  CredentialMapper,\n  Optional,\n  OriginalVerifiablePresentation,\n  SdJwtDecodedVerifiableCredential,\n  W3CVerifiablePresentation,\n} from '@sphereon/ssi-types'\nimport { PresentationPayload, ProofFormat } from '@veramo/core'\nimport { IPEXPresentationSignCallback, IRequiredContext } from './types/IPresentationExchange'\n\nexport async function createPEXPresentationSignCallback(\n  args: {\n    idOpts: ManagedIdentifierOptsOrResult\n    fetchRemoteContexts?: boolean\n    skipDidResolution?: boolean\n    format?: Format | ProofFormat\n    domain?: string\n    challenge?: string\n  },\n  context: IRequiredContext,\n): Promise<IPEXPresentationSignCallback> {\n  function determineProofFormat(determineArgs: {\n    format?: Format | 'jwt' | 'lds' | 'EthereumEip712Signature2021'\n    presentationDefinition: IPresentationDefinition\n    presentation: Optional<PresentationPayload, 'holder'> | SdJwtDecodedVerifiableCredential\n  }): string {\n    const { format, presentationDefinition, presentation } = determineArgs\n\n    var formatOptions = format ?? presentationDefinition.format ?? args.format\n    // TODO Refactor so it takes into account the Input Descriptors and we can lookup from there. Now we only do that if there is 1 descriptor\n    if (!formatOptions && presentationDefinition.input_descriptors.length == 1 && 'format' in presentationDefinition.input_descriptors[0]) {\n      formatOptions = presentationDefinition.input_descriptors[0].format\n    }\n    // All format arguments are optional. So if no format has been given we go for the most supported 'jwt'\n    if (!formatOptions) {\n      if (CredentialMapper.isSdJwtDecodedCredentialPayload(presentation.decodedPayload)) {\n        return 'dc+sd-jwt'\n      } else if (CredentialMapper.isMsoMdocDecodedPresentation(presentation.decodedPayload as OriginalVerifiablePresentation)) {\n        return 'mso_mdoc'\n      } else if (CredentialMapper.isW3cPresentation(presentation.decodedPayload)) {\n        if (typeof presentation.signedPayload === 'string') {\n          return 'jwt'\n        }\n        return 'lds'\n      }\n      return 'jwt'\n    } else if (typeof formatOptions === 'string') {\n      // if formatOptions is a singular string we can return that as the format\n      return formatOptions\n    }\n\n    // here we transform all format options to either lds or jwt. but we also want to support sd-jwt, so we need to specifically check for this one. which is ['dc+sd-jwt']\n    const formats = new Set(\n      Object.keys(formatOptions).map((form) => (form.includes('ldp') ? 'lds' : form.includes('dc+sd-jwt') ? 'dc+sd-jwt' : 'jwt')),\n    )\n\n    // if we only have 1 format type we can return that\n    if (formats.size === 1) {\n      return formats.values().next().value!!\n    }\n    formats.keys().next()\n    // if we can go for sd-jwt, we go for sd-jwt\n    if (formats.has('dc+sd-jwt')) {\n      return 'dc+sd-jwt'\n    }\n    // if it is not sd-jwt we would like to go for jwt\n    else if (formats.has('jwt')) {\n      return 'jwt'\n    }\n\n    // else we go for lds\n    return 'lds'\n  }\n\n  return async ({\n    presentation,\n    domain,\n    presentationDefinition,\n    format,\n    challenge,\n  }: {\n    presentation: Optional<PresentationPayload, 'holder'> | SdJwtDecodedVerifiableCredential\n    presentationDefinition: IPresentationDefinition\n    format?: Format | ProofFormat\n    domain?: string\n    challenge?: string\n  }): Promise<W3CVerifiablePresentation> => {\n    const proofFormat = determineProofFormat({ format, presentationDefinition, presentation })\n    const { idOpts } = args\n    const CLOCK_SKEW = 120\n    if (args.skipDidResolution && isManagedIdentifierDidOpts(idOpts)) {\n      idOpts.offlineWhenNoDIDRegistered = true\n    }\n\n    if ('compactSdJwtVc' in presentation) {\n      if (proofFormat !== 'dc+sd-jwt') {\n        return Promise.reject(Error(`presentation payload does not match proof format ${proofFormat}`))\n      }\n\n      const presentationResult = await context.agent.createSdJwtPresentation({\n        ...(idOpts?.method === 'oid4vci-issuer' && { holder: idOpts?.issuer as string }),\n        presentation: presentation.compactSdJwtVc,\n        kb: {\n          payload: {\n            ...presentation.kbJwt?.payload,\n            iat: presentation.kbJwt?.payload?.iat ?? Math.floor(Date.now() / 1000 - CLOCK_SKEW),\n            nonce: challenge ?? presentation.kbJwt?.payload?.nonce,\n            aud: presentation.kbJwt?.payload?.aud ?? domain ?? args.domain,\n          },\n        },\n      })\n\n      return CredentialMapper.storedPresentationToOriginalFormat(presentationResult.presentation as OriginalVerifiablePresentation)\n    } else {\n      const resolution = await context.agent.identifierManagedGet(idOpts)\n\n      if (proofFormat === 'dc+sd-jwt') {\n        return Promise.reject(Error(`presentation payload does not match proof format ${proofFormat}`))\n      }\n      let header\n      if (!presentation.holder) {\n        presentation.holder = resolution.issuer\n      }\n      if (proofFormat === 'jwt') {\n        header = {\n          ...((isManagedIdentifierDidResult(resolution) || isManagedIdentifierX5cResult(resolution)) && resolution.kid && { kid: resolution.kid }),\n          ...(isManagedIdentifierX5cResult(resolution) && { jwk: resolution.jwk }),\n        }\n        if (presentation.verifier || !presentation.aud) {\n          presentation.aud = Array.isArray(presentation.verifier) ? presentation.verifier : (presentation.verifier ?? domain ?? args.domain)\n          delete presentation.verifier\n        }\n\n        if (!presentation.nbf) {\n          if (presentation.issuanceDate) {\n            const converted = Date.parse(presentation.issuanceDate)\n            if (!isNaN(converted)) {\n              presentation.nbf = Math.floor(converted / 1000) // no skew here, as an explicit value was given\n            }\n          } else {\n            presentation.nbf = Math.floor(Date.now() / 1000 - CLOCK_SKEW)\n          }\n        }\n\n        if (!presentation.iat) {\n          presentation.iat = presentation.nbf\n        }\n\n        if (!presentation.exp) {\n          if (presentation.expirationDate) {\n            const converted = Date.parse(presentation.expirationDate)\n            if (!isNaN(converted)) {\n              presentation.exp = Math.floor(converted / 1000) // no skew here as an explicit value w as given\n            }\n          } else {\n            presentation.exp = presentation.nbf + 600 + CLOCK_SKEW\n          }\n        }\n\n        if (!presentation.vp) {\n          presentation.vp = {}\n        }\n        /*if (!presentation.sub) {\n          presentation.sub = id.did\n        }*/\n        if (!presentation.vp.holder) {\n          presentation.vp.holder = presentation.holder\n        }\n      }\n\n      // we ignore the alg / proof_format for now, as we already have the kid anyway at this point\n\n      // todo: look for jwt_vc_json and remove types and @context\n\n      const vp = await context.agent.createVerifiablePresentation({\n        presentation: presentation as PresentationPayload,\n        removeOriginalFields: false,\n        keyRef: resolution.kmsKeyRef,\n        // domain: domain ?? args.domain, // handled above, and did-jwt-vc creates an array even for 1 entry\n        challenge: challenge ?? args.challenge,\n        fetchRemoteContexts: args.fetchRemoteContexts !== false,\n        proofFormat: proofFormat as ProofFormat,\n        header,\n      })\n\n      // makes sure we extract an actual JWT from the internal representation in case it is a JWT\n      return CredentialMapper.storedPresentationToOriginalFormat(vp as OriginalVerifiablePresentation)\n    }\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA,gCAAAA,SAAA;AAAA,IAAAA,QAAA;AAAA,MACE,6BAA+B;AAAA,QAC7B,YAAc;AAAA,UACZ,SAAW;AAAA,YACT,qBAAuB;AAAA,cACrB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,WAAW;AAAA,cACxB,aAAe;AAAA,YACjB;AAAA,YACA,0BAA4B;AAAA,cAC1B,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,YAAc;AAAA,kBACZ,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,KAAO;AAAA,sBACL,MAAQ;AAAA,oBACV;AAAA,oBACA,OAAS;AAAA,sBACP,MAAQ;AAAA,oBACV;AAAA,oBACA,UAAY;AAAA,sBACV,MAAQ;AAAA,oBACV;AAAA,oBACA,iBAAmB;AAAA,sBACjB,MAAQ;AAAA,oBACV;AAAA,oBACA,MAAQ;AAAA,sBACN,MAAQ;AAAA,sBACR,OAAS;AAAA,wBACP,MAAQ;AAAA,wBACR,YAAc;AAAA,0BACZ,sBAAwB;AAAA,wBAC1B;AAAA,sBACF;AAAA,oBACF;AAAA,oBACA,UAAY;AAAA,sBACV,MAAQ;AAAA,sBACR,OAAS;AAAA,wBACP,MAAQ;AAAA,wBACR,YAAc;AAAA,0BACZ,sBAAwB;AAAA,wBAC1B;AAAA,sBACF;AAAA,oBACF;AAAA,kBACF;AAAA,kBACA,sBAAwB;AAAA,kBACxB,UAAY,CAAC,OAAO,YAAY,QAAQ,UAAU;AAAA,gBACpD;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,YAAY;AAAA,cACzB,aAAe;AAAA,YACjB;AAAA,YACA,wBAA0B;AAAA,cACxB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,WAAW;AAAA,cACxB,aAAe;AAAA,YACjB;AAAA,YACA,2BAA6B;AAAA,cAC3B,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,SAAW;AAAA,kBACT,MAAQ;AAAA,gBACV;AAAA,gBACA,aAAe;AAAA,kBACb,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,WAAW,aAAa;AAAA,cAClD,aAAe;AAAA,YACjB;AAAA,YACA,WAAa;AAAA,cACX,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,QAAQ;AAAA,cACrB,aAAe;AAAA,YACjB;AAAA,YACA,yCAA2C;AAAA,cACzC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,SAAW;AAAA,kBACT,MAAQ;AAAA,gBACV;AAAA,gBACA,aAAe;AAAA,kBACb,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,WAAW,aAAa;AAAA,cAClD,aAAe;AAAA,YACjB;AAAA,YACA,gCAAkC;AAAA,cAChC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,gBACA,gBAAkB;AAAA,kBAChB,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,cAAgB;AAAA,kBACd,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,OAAO,kBAAkB,cAAc;AAAA,cACpD,aAAe;AAAA,YACjB;AAAA,YACA,0CAA4C;AAAA,cAC1C,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,+BAAiC;AAAA,kBAC/B,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,kBAAoB;AAAA,kBAClB,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,+BAA+B;AAAA,cACzD,aAAe;AAAA,YACjB;AAAA,YACA,qBAAuB;AAAA,cACrB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,IAAM;AAAA,kBACJ,MAAQ;AAAA,gBACV;AAAA,gBACA,aAAe;AAAA,kBACb,MAAQ;AAAA,kBACR,OAAS;AAAA,oBACP,MAAQ;AAAA,kBACV;AAAA,gBACF;AAAA,gBACA,gBAAkB;AAAA,kBAChB,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,MAAM,gBAAgB;AAAA,cACnC,aAAe;AAAA,YACjB;AAAA,YACA,yCAA2C;AAAA,cACzC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,gCAAkC;AAAA,kBAChC,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,gCAAgC;AAAA,cAC1D,aAAe;AAAA,YACjB;AAAA,YACA,8BAAgC;AAAA,cAC9B,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,SAAW;AAAA,kBACT,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,yBAA2B;AAAA,kBACzB,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,YAAc;AAAA,kBACZ,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,WAAW,YAAY;AAAA,cACpC,aAAe;AAAA,YACjB;AAAA,YACA,qCAAuC;AAAA,cACrC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,+BAAiC;AAAA,kBAC/B,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,gCAAkC;AAAA,kBAChC,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,+BAA+B;AAAA,cACzD,aAAe;AAAA,YACjB;AAAA,UACF;AAAA,UACA,SAAW;AAAA,YACT,mBAAqB;AAAA,cACnB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,YAChB;AAAA,YACA,wBAA0B;AAAA,cACxB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,YAChB;AAAA,YACA,sBAAwB;AAAA,cACtB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,YAChB;AAAA,YACA,sBAAwB;AAAA,cACtB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,YACA,oCAAsC;AAAA,cACpC,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,YACA,qCAAuC;AAAA,cACrC,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,YACA,oCAAsC;AAAA,cACpC,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,YACA,gCAAkC;AAAA,cAChC,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;;;ACxUA;;;;;;;;;ACaA,iBAAsD;AACtD,uBAAmG;AAEnG,yBAAuB;AACvB,qBAA2F;AAGpF,IAAMC,uBAAN,MAAMA;EApBb,OAoBaA;;;EACFC,SAASA,OAAOC;EACRC,MAAM,IAAIC,eAAAA;EAElBC,UAAiC;IACxCC,uBAAuB,KAAKA,sBAAsBC,KAAK,IAAI;IAC3DC,sBAAsB,KAAKA,qBAAqBD,KAAK,IAAI;IACzDE,gCAAgC,KAAKA,+BAA+BF,KAAK,IAAI;IAC7EG,kDAAkD,KAAKA,iDAAiDH,KAAK,IAAI;EACnH;EAEA,YAAYI,MAAgB;EAAC;EAE7B,MAAcL,sBAAsBM,MAAiD;AACnF,UAAM,EAAEC,WAAU,IAAKD;AACvB,UAAME,WAAsB,CAAA;AAE5B,QAAI;AACF,YAAMC,SAASX,eAAIY,mBAAmBH,UAAAA;AACtC,YAAMI,cAAcC,MAAMC,QAAQJ,MAAAA,IAAUA,SAAS;QAACA;;AACtDD,eAASM,KAAI,GAAIH,YAAYI,OAAO,CAACC,MAAMA,EAAEC,WAAW,OAAA,CAAA;IAC1D,SAASC,OAAO;AACdV,eAASM,KAAK;QACZG,QAAQ;QACRE,SACE,OAAOD,UAAU,WACbA,QACA,OAAOA,UAAU,YAAY,aAAcA,QACxCA,MAAgBC,UACjB;QACRC,KAAK;MACP,CAAA;IACF;AAEA,QAAIZ,SAASa,SAAS,GAAG;AACvB,YAAMC,MAAM,uBAAuBd,SAASe,IAAI,CAACP,MAAMA,EAAEG,OAAO,EAAEK,SAAQ,CAAA,EAAI;IAChF;AACA,WAAO;EACT;EAEA,MAAMtB,qBAAqBuB,wBAAkF;AAC3G,WAAO3B,eAAI4B,2BAA2BD,sBAAAA;EACxC;EAEA,MAAMtB,+BAA+BG,MAAuCqB,SAAsD;AAChI,UAAMC,cAAc,MAAM,KAAKC,qBAAqBvB,KAAKwB,sBAAsBH,OAAAA;AAC/E,UAAMI,aAAazB,KAAKyB,iBAAaC,2BAAO1B,KAAKyB,UAAU,QAAIC,2BAAO,MAAML,QAAQM,MAAMC,2BAA0B,CAAA;AACpH,UAAMC,gBAAgB,KAAKtC,IAAIuC,WAAW9B,KAAKmB,wBAAwBG,eAAe,CAAA,GAAI;MACxF,GAAGtB;MACHyB;MACAM,gCAAgC/B,KAAK+B,kCAAkC;QAAC;;IAC1E,CAAA;AACA,WAAO;MACLC,IAAIhC,KAAKmB,uBAAuBa;MAChCH;MACAI,qBAAqBJ,cAAcK,sBAAsBjB,IAAI,CAACkB,OAAOC,kCAAiBC,iCAAiCF,EAAAA,CAAAA,KAAQ,CAAA;IACjI;EACF;EAEA,MAAMrC,iDACJE,MACAqB,SACgD;AAChD,UAAMiB,iBAAiBtC,KAAKmB;AAC5B,UAAMG,cAAc,MAAM,KAAKC,qBAAqBvB,KAAKwB,wBAAwB,CAAC,GAAGH,OAAAA;AACrF,UAAMI,aAAazB,KAAKyB,iBAAaC,2BAAO1B,KAAKyB,UAAU,QAAIC,2BAAO,MAAML,QAAQM,MAAMC,2BAA0B,CAAA;AACpH,UAAMG,iCAAiC/B,KAAK+B;AAE5C,UAAMQ,WAAW,oBAAIC,IAAAA;AACrBF,mBAAeG,kBAAkBC,QAAQ,CAACC,oBAAAA;AACxC,YAAMxB,yBAAyB;QAC7Ba,IAAIW,gBAAgBX;QACpBS,mBAAmB;UAACE;;MACtB;AAEA,YAAMC,iBAAiB5C,KAAKwB,qBAAqBoB;AAEjDL,eAASM,IACPF,iBACA,KAAK9C,+BACH;QACE2B,sBAAsB;UAAEoB;UAAgBE,uBAAuBxB;QAAY;;QAE3EH;QACAM;QACAM;MACF,GACAV,OAAAA,CAAAA;IAGN,CAAA;AACA,UAAM0B,QAAQC,IAAIT,SAASU,OAAM,CAAA;AACjC,UAAM9C,SAAgD,CAAA;AACtD,eAAW+C,SAASX,SAASY,QAAO,GAAI;AACtChD,aAAOK,KAAK;QAAE,GAAI,MAAM0C,MAAM,CAAA;QAAKP,iBAAiBO,MAAM,CAAA;MAAG,CAAA;IAC/D;AACA,WAAO/C;EACT;EAEA,MAAcoB,qBACZ6B,YAKA/B,SACoC;AACpC,QAAI+B,WAAWN,yBAAyBM,WAAWN,sBAAsB/B,SAAS,GAAG;AACnF,aAAOqC,WAAWN;IACpB;AAEA,UAAMrC,aAAS4C,kDAAkCD,WAAWR,gBAAgBQ,WAAW3C,MAAM;AAC7F,UAAM6C,oBAAoB,MAAMjC,QAAQM,MAAM4B,wBAAwB;MAAE9C;IAAO,CAAA;AAE/E,WAAO6C,kBAAkBrC,IAAI,CAACuC,aAAAA;AAC5B,YAAMrB,KAAKqB,SAASC;AACpB,YAAMC,QAAQpD,MAAMC,QAAQ4B,GAAGuB,KAAK,IAAIvB,GAAGuB,QAAQ;QAACvB,GAAGuB;;AACvD,YAAMC,WAAWD,MAAME,KAAK,CAACC,MAAcA,GAAGC,SAASC,oCAAAA;AACvD,aAAOJ,WAAYA,SAASK,MAAqB7B;IACnD,CAAA;EACF;AACF;;;AC3IA,IAAA8B,sBAKO;AACP,IAAAC,oBAMO;AAIP,eAAsBC,kCACpBC,MAQAC,SAAyB;AAEzB,WAASC,qBAAqBC,eAI7B;AACC,UAAM,EAAEC,QAAQC,wBAAwBC,aAAY,IAAKH;AAEzD,QAAII,gBAAgBH,UAAUC,uBAAuBD,UAAUJ,KAAKI;AAEpE,QAAI,CAACG,iBAAiBF,uBAAuBG,kBAAkBC,UAAU,KAAK,YAAYJ,uBAAuBG,kBAAkB,CAAA,GAAI;AACrID,sBAAgBF,uBAAuBG,kBAAkB,CAAA,EAAGJ;IAC9D;AAEA,QAAI,CAACG,eAAe;AAClB,UAAIG,mCAAiBC,gCAAgCL,aAAaM,cAAc,GAAG;AACjF,eAAO;MACT,WAAWF,mCAAiBG,6BAA6BP,aAAaM,cAAc,GAAqC;AACvH,eAAO;MACT,WAAWF,mCAAiBI,kBAAkBR,aAAaM,cAAc,GAAG;AAC1E,YAAI,OAAON,aAAaS,kBAAkB,UAAU;AAClD,iBAAO;QACT;AACA,eAAO;MACT;AACA,aAAO;IACT,WAAW,OAAOR,kBAAkB,UAAU;AAE5C,aAAOA;IACT;AAGA,UAAMS,UAAU,IAAIC,IAClBC,OAAOC,KAAKZ,aAAAA,EAAea,IAAI,CAACC,SAAUA,KAAKC,SAAS,KAAA,IAAS,QAAQD,KAAKC,SAAS,WAAA,IAAe,cAAc,KAAA,CAAA;AAItH,QAAIN,QAAQO,SAAS,GAAG;AACtB,aAAOP,QAAQQ,OAAM,EAAGC,KAAI,EAAGC;IACjC;AACAV,YAAQG,KAAI,EAAGM,KAAI;AAEnB,QAAIT,QAAQW,IAAI,WAAA,GAAc;AAC5B,aAAO;IACT,WAESX,QAAQW,IAAI,KAAA,GAAQ;AAC3B,aAAO;IACT;AAGA,WAAO;EACT;AAnDSzB;AAqDT,SAAO,OAAO,EACZI,cACAsB,QACAvB,wBACAD,QACAyB,UAAS,MAOV;AACC,UAAMC,cAAc5B,qBAAqB;MAAEE;MAAQC;MAAwBC;IAAa,CAAA;AACxF,UAAM,EAAEyB,OAAM,IAAK/B;AACnB,UAAMgC,aAAa;AACnB,QAAIhC,KAAKiC,yBAAqBC,gDAA2BH,MAAAA,GAAS;AAChEA,aAAOI,6BAA6B;IACtC;AAEA,QAAI,oBAAoB7B,cAAc;AACpC,UAAIwB,gBAAgB,aAAa;AAC/B,eAAOM,QAAQC,OAAOC,MAAM,oDAAoDR,WAAAA,EAAa,CAAA;MAC/F;AAEA,YAAMS,qBAAqB,MAAMtC,QAAQuC,MAAMC,wBAAwB;QACrE,GAAIV,QAAQW,WAAW,oBAAoB;UAAEC,QAAQZ,QAAQa;QAAiB;QAC9EtC,cAAcA,aAAauC;QAC3BC,IAAI;UACFC,SAAS;YACP,GAAGzC,aAAa0C,OAAOD;YACvBE,KAAK3C,aAAa0C,OAAOD,SAASE,OAAOC,KAAKC,MAAMC,KAAKC,IAAG,IAAK,MAAOrB,UAAAA;YACxEsB,OAAOzB,aAAavB,aAAa0C,OAAOD,SAASO;YACjDC,KAAKjD,aAAa0C,OAAOD,SAASQ,OAAO3B,UAAU5B,KAAK4B;UAC1D;QACF;MACF,CAAA;AAEA,aAAOlB,mCAAiB8C,mCAAmCjB,mBAAmBjC,YAAY;IAC5F,OAAO;AACL,YAAMmD,aAAa,MAAMxD,QAAQuC,MAAMkB,qBAAqB3B,MAAAA;AAE5D,UAAID,gBAAgB,aAAa;AAC/B,eAAOM,QAAQC,OAAOC,MAAM,oDAAoDR,WAAAA,EAAa,CAAA;MAC/F;AACA,UAAI6B;AACJ,UAAI,CAACrD,aAAaqC,QAAQ;AACxBrC,qBAAaqC,SAASc,WAAWb;MACnC;AACA,UAAId,gBAAgB,OAAO;AACzB6B,iBAAS;UACP,QAAKC,kDAA6BH,UAAAA,SAAeI,kDAA6BJ,UAAAA,MAAgBA,WAAWK,OAAO;YAAEA,KAAKL,WAAWK;UAAI;UACtI,OAAID,kDAA6BJ,UAAAA,KAAe;YAAEM,KAAKN,WAAWM;UAAI;QACxE;AACA,YAAIzD,aAAa0D,YAAY,CAAC1D,aAAaiD,KAAK;AAC9CjD,uBAAaiD,MAAMU,MAAMC,QAAQ5D,aAAa0D,QAAQ,IAAI1D,aAAa0D,WAAY1D,aAAa0D,YAAYpC,UAAU5B,KAAK4B;AAC3H,iBAAOtB,aAAa0D;QACtB;AAEA,YAAI,CAAC1D,aAAa6D,KAAK;AACrB,cAAI7D,aAAa8D,cAAc;AAC7B,kBAAMC,YAAYjB,KAAKkB,MAAMhE,aAAa8D,YAAY;AACtD,gBAAI,CAACG,MAAMF,SAAAA,GAAY;AACrB/D,2BAAa6D,MAAMjB,KAAKC,MAAMkB,YAAY,GAAA;YAC5C;UACF,OAAO;AACL/D,yBAAa6D,MAAMjB,KAAKC,MAAMC,KAAKC,IAAG,IAAK,MAAOrB,UAAAA;UACpD;QACF;AAEA,YAAI,CAAC1B,aAAa2C,KAAK;AACrB3C,uBAAa2C,MAAM3C,aAAa6D;QAClC;AAEA,YAAI,CAAC7D,aAAakE,KAAK;AACrB,cAAIlE,aAAamE,gBAAgB;AAC/B,kBAAMJ,YAAYjB,KAAKkB,MAAMhE,aAAamE,cAAc;AACxD,gBAAI,CAACF,MAAMF,SAAAA,GAAY;AACrB/D,2BAAakE,MAAMtB,KAAKC,MAAMkB,YAAY,GAAA;YAC5C;UACF,OAAO;AACL/D,yBAAakE,MAAMlE,aAAa6D,MAAM,MAAMnC;UAC9C;QACF;AAEA,YAAI,CAAC1B,aAAaoE,IAAI;AACpBpE,uBAAaoE,KAAK,CAAC;QACrB;AAIA,YAAI,CAACpE,aAAaoE,GAAG/B,QAAQ;AAC3BrC,uBAAaoE,GAAG/B,SAASrC,aAAaqC;QACxC;MACF;AAMA,YAAM+B,KAAK,MAAMzE,QAAQuC,MAAMmC,6BAA6B;QAC1DrE;QACAsE,sBAAsB;QACtBC,QAAQpB,WAAWqB;;QAEnBjD,WAAWA,aAAa7B,KAAK6B;QAC7BkD,qBAAqB/E,KAAK+E,wBAAwB;QAClDjD;QACA6B;MACF,CAAA;AAGA,aAAOjD,mCAAiB8C,mCAAmCkB,EAAAA;IAC7D;EACF;AACF;AAnLsB3E;;;AFftB,IAAMiF,SAASC;","names":["module","PresentationExchange","schema","IDidAuthSiopOpAuthenticator","pex","PEX","methods","pexValidateDefinition","bind","pexDefinitionVersion","pexDefinitionFilterCredentials","pexDefinitionFilterCredentialsPerInputDescriptor","opts","args","definition","invalids","result","validateDefinition","validations","Array","isArray","push","filter","v","status","error","message","tag","length","Error","map","toString","presentationDefinition","definitionVersionDiscovery","context","credentials","pexFilterCredentials","credentialFilterOpts","holderDIDs","toDIDs","agent","dataStoreORMGetIdentifiers","selectResults","selectFrom","limitDisclosureSignatureSuites","id","filteredCredentials","verifiableCredential","vc","CredentialMapper","storedCredentialToOriginalFormat","origDefinition","promises","Map","input_descriptors","forEach","inputDescriptor","credentialRole","set","verifiableCredentials","Promise","all","values","entry","entries","filterOpts","verifiableCredentialForRoleFilter","uniqueCredentials","crsGetUniqueCredentials","uniqueVC","uniformVerifiableCredential","proof","jwtProof","find","p","type","JWT_PROOF_TYPE_2020","jwt","import_ssi_sdk_ext","import_ssi_types","createPEXPresentationSignCallback","args","context","determineProofFormat","determineArgs","format","presentationDefinition","presentation","formatOptions","input_descriptors","length","CredentialMapper","isSdJwtDecodedCredentialPayload","decodedPayload","isMsoMdocDecodedPresentation","isW3cPresentation","signedPayload","formats","Set","Object","keys","map","form","includes","size","values","next","value","has","domain","challenge","proofFormat","idOpts","CLOCK_SKEW","skipDidResolution","isManagedIdentifierDidOpts","offlineWhenNoDIDRegistered","Promise","reject","Error","presentationResult","agent","createSdJwtPresentation","method","holder","issuer","compactSdJwtVc","kb","payload","kbJwt","iat","Math","floor","Date","now","nonce","aud","storedPresentationToOriginalFormat","resolution","identifierManagedGet","header","isManagedIdentifierDidResult","isManagedIdentifierX5cResult","kid","jwk","verifier","Array","isArray","nbf","issuanceDate","converted","parse","isNaN","exp","expirationDate","vp","createVerifiablePresentation","removeOriginalFields","keyRef","kmsKeyRef","fetchRemoteContexts","schema","require"]}

package/dist/index.d.cts

@@ -1,9 +1,9 @@
 import { IPluginMethodMap, IIdentifier, IAgentContext, IDataStoreORM, IResolver, IDIDManager, ICredentialPlugin, PresentationPayload, IAgentPlugin, ProofFormat } from '@veramo/core';
 import { IIdentifierResolution, ManagedIdentifierOptsOrResult } from '@sphereon/ssi-sdk-ext.identifier-resolution';
-import { W3CVerifiableCredential, IPresentation, Optional, SdJwtDecodedVerifiableCredential, W3CVerifiablePresentation } from '@sphereon/ssi-types';
+import { CredentialRole, W3CVerifiableCredential, IPresentation, Optional, SdJwtDecodedVerifiableCredential, W3CVerifiablePresentation } from '@sphereon/ssi-types';
 import { IPresentationDefinition, PEVersion, SelectResults } from '@sphereon/pex';
 import { Format, InputDescriptorV1, InputDescriptorV2 } from '@sphereon/pex-models';
-import { CredentialRole, FindDigitalCredentialArgs } from '@sphereon/ssi-sdk.data-store';
+import { FindDigitalCredentialArgs } from '@sphereon/ssi-sdk.data-store-types';
 import { ISDJwtPlugin } from '@sphereon/ssi-sdk.sd-jwt';
 
 interface IPresentationExchange extends IPluginMethodMap {

package/dist/index.d.ts

@@ -1,9 +1,9 @@
 import { IPluginMethodMap, IIdentifier, IAgentContext, IDataStoreORM, IResolver, IDIDManager, ICredentialPlugin, PresentationPayload, IAgentPlugin, ProofFormat } from '@veramo/core';
 import { IIdentifierResolution, ManagedIdentifierOptsOrResult } from '@sphereon/ssi-sdk-ext.identifier-resolution';
-import { W3CVerifiableCredential, IPresentation, Optional, SdJwtDecodedVerifiableCredential, W3CVerifiablePresentation } from '@sphereon/ssi-types';
+import { CredentialRole, W3CVerifiableCredential, IPresentation, Optional, SdJwtDecodedVerifiableCredential, W3CVerifiablePresentation } from '@sphereon/ssi-types';
 import { IPresentationDefinition, PEVersion, SelectResults } from '@sphereon/pex';
 import { Format, InputDescriptorV1, InputDescriptorV2 } from '@sphereon/pex-models';
-import { CredentialRole, FindDigitalCredentialArgs } from '@sphereon/ssi-sdk.data-store';
+import { FindDigitalCredentialArgs } from '@sphereon/ssi-sdk.data-store-types';
 import { ISDJwtPlugin } from '@sphereon/ssi-sdk.sd-jwt';
 
 interface IPresentationExchange extends IPluginMethodMap {

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../plugin.schema.json","../src/agent/PresentationExchange.ts","../src/functions.ts","../src/index.ts"],"sourcesContent":["{\n  \"IDidAuthSiopOpAuthenticator\": {\n    \"components\": {\n      \"schemas\": {\n        \"IGetSiopSessionArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.getSessionForSiop } \"\n        },\n        \"IRegisterSiopSessionArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"identifier\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"did\": {\n                  \"type\": \"string\"\n                },\n                \"alias\": {\n                  \"type\": \"string\"\n                },\n                \"provider\": {\n                  \"type\": \"string\"\n                },\n                \"controllerKeyId\": {\n                  \"type\": \"string\"\n                },\n                \"keys\": {\n                  \"type\": \"array\",\n                  \"items\": {\n                    \"type\": \"object\",\n                    \"properties\": {\n                      \"additionalProperties\": true\n                    }\n                  }\n                },\n                \"services\": {\n                  \"type\": \"array\",\n                  \"items\": {\n                    \"type\": \"object\",\n                    \"properties\": {\n                      \"additionalProperties\": true\n                    }\n                  }\n                }\n              },\n              \"additionalProperties\": false,\n              \"required\": [\"did\", \"provider\", \"keys\", \"services\"]\n            },\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"expiresIn\": {\n              \"type\": \"number\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"identifier\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.registerSessionForSiop } \"\n        },\n        \"IRemoveSiopSessionArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.removeSessionForSiop } \"\n        },\n        \"IAuthenticateWithSiopArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"stateId\": {\n              \"type\": \"string\"\n            },\n            \"redirectUrl\": {\n              \"type\": \"string\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"stateId\", \"redirectUrl\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.authenticateWithSiop } \"\n        },\n        \"IResponse\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"status\": {\n              \"type\": \"number\"\n            },\n            \"additionalProperties\": true\n          },\n          \"required\": [\"status\"],\n          \"description\": \"Result of {@link DidAuthSiopOpAuthenticator.authenticateWithSiop & DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } \"\n        },\n        \"IGetSiopAuthenticationRequestFromRpArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"stateId\": {\n              \"type\": \"string\"\n            },\n            \"redirectUrl\": {\n              \"type\": \"string\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"stateId\", \"redirectUrl\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } \"\n        },\n        \"ParsedAuthenticationRequestURI\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"jwt\": {\n              \"type\": \"string\"\n            },\n            \"requestPayload\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"registration\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"jwt\", \"requestPayload\", \"registration\"],\n          \"description\": \"Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } \"\n        },\n        \"IGetSiopAuthenticationRequestDetailsArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"verifiedAuthenticationRequest\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"credentialFilter\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"verifiedAuthenticationRequest\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } \"\n        },\n        \"IAuthRequestDetails\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"id\": {\n              \"type\": \"string\"\n            },\n            \"alsoKnownAs\": {\n              \"type\": \"array\",\n              \"items\": {\n                \"type\": \"string\"\n              }\n            },\n            \"vpResponseOpts\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"id\", \"vpResponseOpts\"],\n          \"description\": \"Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } \"\n        },\n        \"IVerifySiopAuthenticationRequestUriArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"ParsedAuthenticationRequestURI\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"ParsedAuthenticationRequestURI\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } \"\n        },\n        \"VerifiedAuthorizationRequest\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"payload\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"presentationDefinitions\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"verifyOpts\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"payload\", \"verifyOpts\"],\n          \"description\": \"Result of {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } \"\n        },\n        \"ISendSiopAuthenticationResponseArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"verifiedAuthenticationRequest\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"verifiablePresentationResponse\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"verifiedAuthenticationRequest\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } \"\n        }\n      },\n      \"methods\": {\n        \"getSessionForSiop\": {\n          \"description\": \"Get SIOP session\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IGetSiopSessionArgs\"\n          },\n          \"returnType\": \"object\"\n        },\n        \"registerSessionForSiop\": {\n          \"description\": \"Register SIOP session\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IRegisterSiopSessionArgs\"\n          },\n          \"returnType\": \"object\"\n        },\n        \"removeSessionForSiop\": {\n          \"description\": \"Remove SIOP session\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IRemoveSiopSessionArgs\"\n          },\n          \"returnType\": \"boolean\"\n        },\n        \"authenticateWithSiop\": {\n          \"description\": \"Authenticate using DID Auth SIOP\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IAuthenticateWithSiopArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/Response\"\n          }\n        },\n        \"getSiopAuthenticationRequestFromRP\": {\n          \"description\": \"Get authentication request from RP\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IGetSiopAuthenticationRequestFromRpArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/ParsedAuthenticationRequestURI\"\n          }\n        },\n        \"getSiopAuthenticationRequestDetails\": {\n          \"description\": \"Get authentication request details\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IGetSiopAuthenticationRequestDetailsArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/IAuthRequestDetails\"\n          }\n        },\n        \"verifySiopAuthenticationRequestURI\": {\n          \"description\": \"Verify authentication request URI\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IVerifySiopAuthenticationRequestUriArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/VerifiedAuthorizationRequest\"\n          }\n        },\n        \"sendSiopAuthenticationResponse\": {\n          \"description\": \"Send authentication response\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/ISendSiopAuthenticationResponseArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/IRequiredContext\"\n          }\n        }\n      }\n    }\n  }\n}\n","import {\n  IDefinitionCredentialFilterArgs,\n  IDefinitionValidateArgs,\n  IPEXFilterResult,\n  IPEXFilterResultWithInputDescriptor,\n  IRequiredContext,\n  PEXOpts,\n  schema,\n  VersionDiscoveryResult,\n} from '../index'\nimport { IAgentPlugin } from '@veramo/core'\n\nimport { IPresentationExchange } from '../types/IPresentationExchange'\nimport { Checked, IPresentationDefinition, PEX } from '@sphereon/pex'\nimport { CompactJWT, CredentialMapper, IProof, JWT_PROOF_TYPE_2020, W3CVerifiableCredential } from '@sphereon/ssi-types'\nimport { InputDescriptorV1, InputDescriptorV2 } from '@sphereon/pex-models'\nimport { toDIDs } from '@sphereon/ssi-sdk-ext.did-utils'\nimport { CredentialRole, UniqueDigitalCredential, verifiableCredentialForRoleFilter } from '@sphereon/ssi-sdk.credential-store'\nimport { FindDigitalCredentialArgs } from '@sphereon/ssi-sdk.data-store'\n\nexport class PresentationExchange implements IAgentPlugin {\n  readonly schema = schema.IDidAuthSiopOpAuthenticator\n  private readonly pex = new PEX()\n\n  readonly methods: IPresentationExchange = {\n    pexValidateDefinition: this.pexValidateDefinition.bind(this),\n    pexDefinitionVersion: this.pexDefinitionVersion.bind(this),\n    pexDefinitionFilterCredentials: this.pexDefinitionFilterCredentials.bind(this),\n    pexDefinitionFilterCredentialsPerInputDescriptor: this.pexDefinitionFilterCredentialsPerInputDescriptor.bind(this),\n  }\n\n  constructor(opts?: PEXOpts) {}\n\n  private async pexValidateDefinition(args: IDefinitionValidateArgs): Promise<boolean> {\n    const { definition } = args\n    const invalids: Checked[] = []\n\n    try {\n      const result = PEX.validateDefinition(definition)\n      const validations = Array.isArray(result) ? result : [result]\n      invalids.push(...validations.filter((v) => v.status === 'error'))\n    } catch (error) {\n      invalids.push({\n        status: 'error',\n        message:\n          typeof error === 'string'\n            ? error\n            : typeof error === 'object' && 'message' in (error as object)\n              ? (error as Error).message\n              : 'unknown error',\n        tag: 'validation',\n      })\n    }\n\n    if (invalids.length > 0) {\n      throw Error(`Invalid definition. ${invalids.map((v) => v.message).toString()}`)\n    }\n    return true // Never returns false, but REST API does not allow Promise<void>\n  }\n\n  async pexDefinitionVersion(presentationDefinition: IPresentationDefinition): Promise<VersionDiscoveryResult> {\n    return PEX.definitionVersionDiscovery(presentationDefinition)\n  }\n\n  async pexDefinitionFilterCredentials(args: IDefinitionCredentialFilterArgs, context: IRequiredContext): Promise<IPEXFilterResult> {\n    const credentials = await this.pexFilterCredentials(args.credentialFilterOpts, context)\n    const holderDIDs = args.holderDIDs ? toDIDs(args.holderDIDs) : toDIDs(await context.agent.dataStoreORMGetIdentifiers())\n    const selectResults = this.pex.selectFrom(args.presentationDefinition, credentials ?? [], {\n      ...args,\n      holderDIDs,\n      limitDisclosureSignatureSuites: args.limitDisclosureSignatureSuites ?? ['BbsBlsSignature2020'],\n    })\n    return {\n      id: args.presentationDefinition.id,\n      selectResults,\n      filteredCredentials: selectResults.verifiableCredential?.map((vc) => CredentialMapper.storedCredentialToOriginalFormat(vc)) ?? [],\n    }\n  }\n\n  async pexDefinitionFilterCredentialsPerInputDescriptor(\n    args: IDefinitionCredentialFilterArgs,\n    context: IRequiredContext,\n  ): Promise<IPEXFilterResultWithInputDescriptor[]> {\n    const origDefinition = args.presentationDefinition\n    const credentials = await this.pexFilterCredentials(args.credentialFilterOpts ?? {}, context)\n    const holderDIDs = args.holderDIDs ? toDIDs(args.holderDIDs) : toDIDs(await context.agent.dataStoreORMGetIdentifiers())\n    const limitDisclosureSignatureSuites = args.limitDisclosureSignatureSuites\n\n    const promises = new Map<InputDescriptorV1 | InputDescriptorV2, Promise<IPEXFilterResult>>()\n    origDefinition.input_descriptors.forEach((inputDescriptor) => {\n      const presentationDefinition = {\n        id: inputDescriptor.id,\n        input_descriptors: [inputDescriptor],\n      }\n\n      const credentialRole = args.credentialFilterOpts.credentialRole\n\n      promises.set(\n        inputDescriptor,\n        this.pexDefinitionFilterCredentials(\n          {\n            credentialFilterOpts: { credentialRole, verifiableCredentials: credentials },\n            // @ts-ignore\n            presentationDefinition,\n            holderDIDs,\n            limitDisclosureSignatureSuites,\n          },\n          context,\n        ),\n      )\n    })\n    await Promise.all(promises.values())\n    const result: IPEXFilterResultWithInputDescriptor[] = []\n    for (const entry of promises.entries()) {\n      result.push({ ...(await entry[1]), inputDescriptor: entry[0] })\n    }\n    return result\n  }\n\n  private async pexFilterCredentials(\n    filterOpts: {\n      credentialRole: CredentialRole\n      verifiableCredentials?: W3CVerifiableCredential[]\n      filter?: FindDigitalCredentialArgs\n    },\n    context: IRequiredContext,\n  ): Promise<W3CVerifiableCredential[]> {\n    if (filterOpts.verifiableCredentials && filterOpts.verifiableCredentials.length > 0) {\n      return filterOpts.verifiableCredentials as W3CVerifiableCredential[]\n    }\n\n    const filter = verifiableCredentialForRoleFilter(filterOpts.credentialRole, filterOpts.filter)\n    const uniqueCredentials = await context.agent.crsGetUniqueCredentials({ filter })\n\n    return uniqueCredentials.map((uniqueVC: UniqueDigitalCredential) => {\n      const vc = uniqueVC.uniformVerifiableCredential!\n      const proof = Array.isArray(vc.proof) ? vc.proof : [vc.proof]\n      const jwtProof = proof.find((p: IProof) => p?.type === JWT_PROOF_TYPE_2020)\n      return jwtProof ? (jwtProof.jwt as CompactJWT) : vc\n    })\n  }\n}\n","import { IPresentationDefinition } from '@sphereon/pex'\nimport { Format } from '@sphereon/pex-models'\nimport {\n  isManagedIdentifierDidOpts,\n  isManagedIdentifierDidResult,\n  isManagedIdentifierX5cResult,\n  ManagedIdentifierOptsOrResult,\n} from '@sphereon/ssi-sdk-ext.identifier-resolution'\nimport {\n  CredentialMapper,\n  Optional,\n  OriginalVerifiablePresentation,\n  SdJwtDecodedVerifiableCredential,\n  W3CVerifiablePresentation,\n} from '@sphereon/ssi-types'\nimport { PresentationPayload, ProofFormat } from '@veramo/core'\nimport { IPEXPresentationSignCallback, IRequiredContext } from './types/IPresentationExchange'\n\nexport async function createPEXPresentationSignCallback(\n  args: {\n    idOpts: ManagedIdentifierOptsOrResult\n    fetchRemoteContexts?: boolean\n    skipDidResolution?: boolean\n    format?: Format | ProofFormat\n    domain?: string\n    challenge?: string\n  },\n  context: IRequiredContext,\n): Promise<IPEXPresentationSignCallback> {\n  function determineProofFormat(determineArgs: {\n    format?: Format | 'jwt' | 'lds' | 'EthereumEip712Signature2021'\n    presentationDefinition: IPresentationDefinition\n    presentation: Optional<PresentationPayload, 'holder'> | SdJwtDecodedVerifiableCredential\n  }): string {\n    const { format, presentationDefinition, presentation } = determineArgs\n\n    var formatOptions = format ?? presentationDefinition.format ?? args.format\n    // TODO Refactor so it takes into account the Input Descriptors and we can lookup from there. Now we only do that if there is 1 descriptor\n    if (!formatOptions && presentationDefinition.input_descriptors.length == 1 && 'format' in presentationDefinition.input_descriptors[0]) {\n      formatOptions = presentationDefinition.input_descriptors[0].format\n    }\n    // All format arguments are optional. So if no format has been given we go for the most supported 'jwt'\n    if (!formatOptions) {\n      if (CredentialMapper.isSdJwtDecodedCredentialPayload(presentation.decodedPayload)) {\n        return 'dc+sd-jwt'\n      } else if (CredentialMapper.isMsoMdocDecodedPresentation(presentation.decodedPayload as OriginalVerifiablePresentation)) {\n        return 'mso_mdoc'\n      } else if (CredentialMapper.isW3cPresentation(presentation.decodedPayload)) {\n        if (typeof presentation.signedPayload === 'string') {\n          return 'jwt'\n        }\n        return 'lds'\n      }\n      return 'jwt'\n    } else if (typeof formatOptions === 'string') {\n      // if formatOptions is a singular string we can return that as the format\n      return formatOptions\n    }\n\n    // here we transform all format options to either lds or jwt. but we also want to support sd-jwt, so we need to specifically check for this one. which is ['dc+sd-jwt']\n    const formats = new Set(\n      Object.keys(formatOptions).map((form) => (form.includes('ldp') ? 'lds' : form.includes('dc+sd-jwt') ? 'dc+sd-jwt' : 'jwt')),\n    )\n\n    // if we only have 1 format type we can return that\n    if (formats.size === 1) {\n      return formats.values().next().value!!\n    }\n    formats.keys().next()\n    // if we can go for sd-jwt, we go for sd-jwt\n    if (formats.has('dc+sd-jwt')) {\n      return 'dc+sd-jwt'\n    }\n    // if it is not sd-jwt we would like to go for jwt\n    else if (formats.has('jwt')) {\n      return 'jwt'\n    }\n\n    // else we go for lds\n    return 'lds'\n  }\n\n  return async ({\n    presentation,\n    domain,\n    presentationDefinition,\n    format,\n    challenge,\n  }: {\n    presentation: Optional<PresentationPayload, 'holder'> | SdJwtDecodedVerifiableCredential\n    presentationDefinition: IPresentationDefinition\n    format?: Format | ProofFormat\n    domain?: string\n    challenge?: string\n  }): Promise<W3CVerifiablePresentation> => {\n    const proofFormat = determineProofFormat({ format, presentationDefinition, presentation })\n    const { idOpts } = args\n    const CLOCK_SKEW = 120\n    if (args.skipDidResolution && isManagedIdentifierDidOpts(idOpts)) {\n      idOpts.offlineWhenNoDIDRegistered = true\n    }\n\n    if ('compactSdJwtVc' in presentation) {\n      if (proofFormat !== 'dc+sd-jwt') {\n        return Promise.reject(Error(`presentation payload does not match proof format ${proofFormat}`))\n      }\n\n      const presentationResult = await context.agent.createSdJwtPresentation({\n        ...(idOpts?.method === 'oid4vci-issuer' && { holder: idOpts?.issuer as string }),\n        presentation: presentation.compactSdJwtVc,\n        kb: {\n          payload: {\n            ...presentation.kbJwt?.payload,\n            iat: presentation.kbJwt?.payload?.iat ?? Math.floor(Date.now() / 1000 - CLOCK_SKEW),\n            nonce: challenge ?? presentation.kbJwt?.payload?.nonce,\n            aud: presentation.kbJwt?.payload?.aud ?? domain ?? args.domain,\n          },\n        },\n      })\n\n      return CredentialMapper.storedPresentationToOriginalFormat(presentationResult.presentation as OriginalVerifiablePresentation)\n    } else {\n      const resolution = await context.agent.identifierManagedGet(idOpts)\n\n      if (proofFormat === 'dc+sd-jwt') {\n        return Promise.reject(Error(`presentation payload does not match proof format ${proofFormat}`))\n      }\n      let header\n      if (!presentation.holder) {\n        presentation.holder = resolution.issuer\n      }\n      if (proofFormat === 'jwt') {\n        header = {\n          ...((isManagedIdentifierDidResult(resolution) || isManagedIdentifierX5cResult(resolution)) && resolution.kid && { kid: resolution.kid }),\n          ...(isManagedIdentifierX5cResult(resolution) && { jwk: resolution.jwk }),\n        }\n        if (presentation.verifier || !presentation.aud) {\n          presentation.aud = Array.isArray(presentation.verifier) ? presentation.verifier : (presentation.verifier ?? domain ?? args.domain)\n          delete presentation.verifier\n        }\n\n        if (!presentation.nbf) {\n          if (presentation.issuanceDate) {\n            const converted = Date.parse(presentation.issuanceDate)\n            if (!isNaN(converted)) {\n              presentation.nbf = Math.floor(converted / 1000) // no skew here, as an explicit value was given\n            }\n          } else {\n            presentation.nbf = Math.floor(Date.now() / 1000 - CLOCK_SKEW)\n          }\n        }\n\n        if (!presentation.iat) {\n          presentation.iat = presentation.nbf\n        }\n\n        if (!presentation.exp) {\n          if (presentation.expirationDate) {\n            const converted = Date.parse(presentation.expirationDate)\n            if (!isNaN(converted)) {\n              presentation.exp = Math.floor(converted / 1000) // no skew here as an explicit value w as given\n            }\n          } else {\n            presentation.exp = presentation.nbf + 600 + CLOCK_SKEW\n          }\n        }\n\n        if (!presentation.vp) {\n          presentation.vp = {}\n        }\n        /*if (!presentation.sub) {\n          presentation.sub = id.did\n        }*/\n        if (!presentation.vp.holder) {\n          presentation.vp.holder = presentation.holder\n        }\n      }\n\n      // we ignore the alg / proof_format for now, as we already have the kid anyway at this point\n\n      // todo: look for jwt_vc_json and remove types and @context\n\n      const vp = await context.agent.createVerifiablePresentation({\n        presentation: presentation as PresentationPayload,\n        removeOriginalFields: false,\n        keyRef: resolution.kmsKeyRef,\n        // domain: domain ?? args.domain, // handled above, and did-jwt-vc creates an array even for 1 entry\n        challenge: challenge ?? args.challenge,\n        fetchRemoteContexts: args.fetchRemoteContexts !== false,\n        proofFormat: proofFormat as ProofFormat,\n        header,\n      })\n\n      // makes sure we extract an actual JWT from the internal representation in case it is a JWT\n      return CredentialMapper.storedPresentationToOriginalFormat(vp as OriginalVerifiablePresentation)\n    }\n  }\n}\n","/**\n * @public\n */\nconst schema = require('../plugin.schema.json')\nexport { schema }\nexport { PresentationExchange } from './agent/PresentationExchange'\nexport * from './types/IPresentationExchange'\nexport * from './functions'\n"],"mappings":";;;;;;;;AAAA;AAAA;AAAA;AAAA,MACE,6BAA+B;AAAA,QAC7B,YAAc;AAAA,UACZ,SAAW;AAAA,YACT,qBAAuB;AAAA,cACrB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,WAAW;AAAA,cACxB,aAAe;AAAA,YACjB;AAAA,YACA,0BAA4B;AAAA,cAC1B,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,YAAc;AAAA,kBACZ,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,KAAO;AAAA,sBACL,MAAQ;AAAA,oBACV;AAAA,oBACA,OAAS;AAAA,sBACP,MAAQ;AAAA,oBACV;AAAA,oBACA,UAAY;AAAA,sBACV,MAAQ;AAAA,oBACV;AAAA,oBACA,iBAAmB;AAAA,sBACjB,MAAQ;AAAA,oBACV;AAAA,oBACA,MAAQ;AAAA,sBACN,MAAQ;AAAA,sBACR,OAAS;AAAA,wBACP,MAAQ;AAAA,wBACR,YAAc;AAAA,0BACZ,sBAAwB;AAAA,wBAC1B;AAAA,sBACF;AAAA,oBACF;AAAA,oBACA,UAAY;AAAA,sBACV,MAAQ;AAAA,sBACR,OAAS;AAAA,wBACP,MAAQ;AAAA,wBACR,YAAc;AAAA,0BACZ,sBAAwB;AAAA,wBAC1B;AAAA,sBACF;AAAA,oBACF;AAAA,kBACF;AAAA,kBACA,sBAAwB;AAAA,kBACxB,UAAY,CAAC,OAAO,YAAY,QAAQ,UAAU;AAAA,gBACpD;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,YAAY;AAAA,cACzB,aAAe;AAAA,YACjB;AAAA,YACA,wBAA0B;AAAA,cACxB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,WAAW;AAAA,cACxB,aAAe;AAAA,YACjB;AAAA,YACA,2BAA6B;AAAA,cAC3B,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,SAAW;AAAA,kBACT,MAAQ;AAAA,gBACV;AAAA,gBACA,aAAe;AAAA,kBACb,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,WAAW,aAAa;AAAA,cAClD,aAAe;AAAA,YACjB;AAAA,YACA,WAAa;AAAA,cACX,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,QAAQ;AAAA,cACrB,aAAe;AAAA,YACjB;AAAA,YACA,yCAA2C;AAAA,cACzC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,SAAW;AAAA,kBACT,MAAQ;AAAA,gBACV;AAAA,gBACA,aAAe;AAAA,kBACb,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,WAAW,aAAa;AAAA,cAClD,aAAe;AAAA,YACjB;AAAA,YACA,gCAAkC;AAAA,cAChC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,gBACA,gBAAkB;AAAA,kBAChB,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,cAAgB;AAAA,kBACd,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,OAAO,kBAAkB,cAAc;AAAA,cACpD,aAAe;AAAA,YACjB;AAAA,YACA,0CAA4C;AAAA,cAC1C,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,+BAAiC;AAAA,kBAC/B,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,kBAAoB;AAAA,kBAClB,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,+BAA+B;AAAA,cACzD,aAAe;AAAA,YACjB;AAAA,YACA,qBAAuB;AAAA,cACrB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,IAAM;AAAA,kBACJ,MAAQ;AAAA,gBACV;AAAA,gBACA,aAAe;AAAA,kBACb,MAAQ;AAAA,kBACR,OAAS;AAAA,oBACP,MAAQ;AAAA,kBACV;AAAA,gBACF;AAAA,gBACA,gBAAkB;AAAA,kBAChB,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,MAAM,gBAAgB;AAAA,cACnC,aAAe;AAAA,YACjB;AAAA,YACA,yCAA2C;AAAA,cACzC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,gCAAkC;AAAA,kBAChC,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,gCAAgC;AAAA,cAC1D,aAAe;AAAA,YACjB;AAAA,YACA,8BAAgC;AAAA,cAC9B,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,SAAW;AAAA,kBACT,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,yBAA2B;AAAA,kBACzB,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,YAAc;AAAA,kBACZ,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,WAAW,YAAY;AAAA,cACpC,aAAe;AAAA,YACjB;AAAA,YACA,qCAAuC;AAAA,cACrC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,+BAAiC;AAAA,kBAC/B,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,gCAAkC;AAAA,kBAChC,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,+BAA+B;AAAA,cACzD,aAAe;AAAA,YACjB;AAAA,UACF;AAAA,UACA,SAAW;AAAA,YACT,mBAAqB;AAAA,cACnB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,YAChB;AAAA,YACA,wBAA0B;AAAA,cACxB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,YAChB;AAAA,YACA,sBAAwB;AAAA,cACtB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,YAChB;AAAA,YACA,sBAAwB;AAAA,cACtB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,YACA,oCAAsC;AAAA,cACpC,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,YACA,qCAAuC;AAAA,cACrC,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,YACA,oCAAsC;AAAA,cACpC,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,YACA,gCAAkC;AAAA,cAChC,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;;;AC3TA,SAA2CA,WAAW;AACtD,SAAqBC,kBAA0BC,2BAAoD;AAEnG,SAASC,cAAc;AACvB,SAAkDC,yCAAyC;AAGpF,IAAMC,uBAAN,MAAMA;EApBb,OAoBaA;;;EACFC,SAASA,OAAOC;EACRC,MAAM,IAAIC,IAAAA;EAElBC,UAAiC;IACxCC,uBAAuB,KAAKA,sBAAsBC,KAAK,IAAI;IAC3DC,sBAAsB,KAAKA,qBAAqBD,KAAK,IAAI;IACzDE,gCAAgC,KAAKA,+BAA+BF,KAAK,IAAI;IAC7EG,kDAAkD,KAAKA,iDAAiDH,KAAK,IAAI;EACnH;EAEA,YAAYI,MAAgB;EAAC;EAE7B,MAAcL,sBAAsBM,MAAiD;AACnF,UAAM,EAAEC,WAAU,IAAKD;AACvB,UAAME,WAAsB,CAAA;AAE5B,QAAI;AACF,YAAMC,SAASX,IAAIY,mBAAmBH,UAAAA;AACtC,YAAMI,cAAcC,MAAMC,QAAQJ,MAAAA,IAAUA,SAAS;QAACA;;AACtDD,eAASM,KAAI,GAAIH,YAAYI,OAAO,CAACC,MAAMA,EAAEC,WAAW,OAAA,CAAA;IAC1D,SAASC,OAAO;AACdV,eAASM,KAAK;QACZG,QAAQ;QACRE,SACE,OAAOD,UAAU,WACbA,QACA,OAAOA,UAAU,YAAY,aAAcA,QACxCA,MAAgBC,UACjB;QACRC,KAAK;MACP,CAAA;IACF;AAEA,QAAIZ,SAASa,SAAS,GAAG;AACvB,YAAMC,MAAM,uBAAuBd,SAASe,IAAI,CAACP,MAAMA,EAAEG,OAAO,EAAEK,SAAQ,CAAA,EAAI;IAChF;AACA,WAAO;EACT;EAEA,MAAMtB,qBAAqBuB,wBAAkF;AAC3G,WAAO3B,IAAI4B,2BAA2BD,sBAAAA;EACxC;EAEA,MAAMtB,+BAA+BG,MAAuCqB,SAAsD;AAChI,UAAMC,cAAc,MAAM,KAAKC,qBAAqBvB,KAAKwB,sBAAsBH,OAAAA;AAC/E,UAAMI,aAAazB,KAAKyB,aAAaC,OAAO1B,KAAKyB,UAAU,IAAIC,OAAO,MAAML,QAAQM,MAAMC,2BAA0B,CAAA;AACpH,UAAMC,gBAAgB,KAAKtC,IAAIuC,WAAW9B,KAAKmB,wBAAwBG,eAAe,CAAA,GAAI;MACxF,GAAGtB;MACHyB;MACAM,gCAAgC/B,KAAK+B,kCAAkC;QAAC;;IAC1E,CAAA;AACA,WAAO;MACLC,IAAIhC,KAAKmB,uBAAuBa;MAChCH;MACAI,qBAAqBJ,cAAcK,sBAAsBjB,IAAI,CAACkB,OAAOC,iBAAiBC,iCAAiCF,EAAAA,CAAAA,KAAQ,CAAA;IACjI;EACF;EAEA,MAAMrC,iDACJE,MACAqB,SACgD;AAChD,UAAMiB,iBAAiBtC,KAAKmB;AAC5B,UAAMG,cAAc,MAAM,KAAKC,qBAAqBvB,KAAKwB,wBAAwB,CAAC,GAAGH,OAAAA;AACrF,UAAMI,aAAazB,KAAKyB,aAAaC,OAAO1B,KAAKyB,UAAU,IAAIC,OAAO,MAAML,QAAQM,MAAMC,2BAA0B,CAAA;AACpH,UAAMG,iCAAiC/B,KAAK+B;AAE5C,UAAMQ,WAAW,oBAAIC,IAAAA;AACrBF,mBAAeG,kBAAkBC,QAAQ,CAACC,oBAAAA;AACxC,YAAMxB,yBAAyB;QAC7Ba,IAAIW,gBAAgBX;QACpBS,mBAAmB;UAACE;;MACtB;AAEA,YAAMC,iBAAiB5C,KAAKwB,qBAAqBoB;AAEjDL,eAASM,IACPF,iBACA,KAAK9C,+BACH;QACE2B,sBAAsB;UAAEoB;UAAgBE,uBAAuBxB;QAAY;;QAE3EH;QACAM;QACAM;MACF,GACAV,OAAAA,CAAAA;IAGN,CAAA;AACA,UAAM0B,QAAQC,IAAIT,SAASU,OAAM,CAAA;AACjC,UAAM9C,SAAgD,CAAA;AACtD,eAAW+C,SAASX,SAASY,QAAO,GAAI;AACtChD,aAAOK,KAAK;QAAE,GAAI,MAAM0C,MAAM,CAAA;QAAKP,iBAAiBO,MAAM,CAAA;MAAG,CAAA;IAC/D;AACA,WAAO/C;EACT;EAEA,MAAcoB,qBACZ6B,YAKA/B,SACoC;AACpC,QAAI+B,WAAWN,yBAAyBM,WAAWN,sBAAsB/B,SAAS,GAAG;AACnF,aAAOqC,WAAWN;IACpB;AAEA,UAAMrC,SAAS4C,kCAAkCD,WAAWR,gBAAgBQ,WAAW3C,MAAM;AAC7F,UAAM6C,oBAAoB,MAAMjC,QAAQM,MAAM4B,wBAAwB;MAAE9C;IAAO,CAAA;AAE/E,WAAO6C,kBAAkBrC,IAAI,CAACuC,aAAAA;AAC5B,YAAMrB,KAAKqB,SAASC;AACpB,YAAMC,QAAQpD,MAAMC,QAAQ4B,GAAGuB,KAAK,IAAIvB,GAAGuB,QAAQ;QAACvB,GAAGuB;;AACvD,YAAMC,WAAWD,MAAME,KAAK,CAACC,MAAcA,GAAGC,SAASC,mBAAAA;AACvD,aAAOJ,WAAYA,SAASK,MAAqB7B;IACnD,CAAA;EACF;AACF;;;AC3IA,SACE8B,4BACAC,8BACAC,oCAEK;AACP,SACEC,oBAAAA,yBAKK;AAIP,eAAsBC,kCACpBC,MAQAC,SAAyB;AAEzB,WAASC,qBAAqBC,eAI7B;AACC,UAAM,EAAEC,QAAQC,wBAAwBC,aAAY,IAAKH;AAEzD,QAAII,gBAAgBH,UAAUC,uBAAuBD,UAAUJ,KAAKI;AAEpE,QAAI,CAACG,iBAAiBF,uBAAuBG,kBAAkBC,UAAU,KAAK,YAAYJ,uBAAuBG,kBAAkB,CAAA,GAAI;AACrID,sBAAgBF,uBAAuBG,kBAAkB,CAAA,EAAGJ;IAC9D;AAEA,QAAI,CAACG,eAAe;AAClB,UAAIG,kBAAiBC,gCAAgCL,aAAaM,cAAc,GAAG;AACjF,eAAO;MACT,WAAWF,kBAAiBG,6BAA6BP,aAAaM,cAAc,GAAqC;AACvH,eAAO;MACT,WAAWF,kBAAiBI,kBAAkBR,aAAaM,cAAc,GAAG;AAC1E,YAAI,OAAON,aAAaS,kBAAkB,UAAU;AAClD,iBAAO;QACT;AACA,eAAO;MACT;AACA,aAAO;IACT,WAAW,OAAOR,kBAAkB,UAAU;AAE5C,aAAOA;IACT;AAGA,UAAMS,UAAU,IAAIC,IAClBC,OAAOC,KAAKZ,aAAAA,EAAea,IAAI,CAACC,SAAUA,KAAKC,SAAS,KAAA,IAAS,QAAQD,KAAKC,SAAS,WAAA,IAAe,cAAc,KAAA,CAAA;AAItH,QAAIN,QAAQO,SAAS,GAAG;AACtB,aAAOP,QAAQQ,OAAM,EAAGC,KAAI,EAAGC;IACjC;AACAV,YAAQG,KAAI,EAAGM,KAAI;AAEnB,QAAIT,QAAQW,IAAI,WAAA,GAAc;AAC5B,aAAO;IACT,WAESX,QAAQW,IAAI,KAAA,GAAQ;AAC3B,aAAO;IACT;AAGA,WAAO;EACT;AAnDSzB;AAqDT,SAAO,OAAO,EACZI,cACAsB,QACAvB,wBACAD,QACAyB,UAAS,MAOV;AACC,UAAMC,cAAc5B,qBAAqB;MAAEE;MAAQC;MAAwBC;IAAa,CAAA;AACxF,UAAM,EAAEyB,OAAM,IAAK/B;AACnB,UAAMgC,aAAa;AACnB,QAAIhC,KAAKiC,qBAAqBC,2BAA2BH,MAAAA,GAAS;AAChEA,aAAOI,6BAA6B;IACtC;AAEA,QAAI,oBAAoB7B,cAAc;AACpC,UAAIwB,gBAAgB,aAAa;AAC/B,eAAOM,QAAQC,OAAOC,MAAM,oDAAoDR,WAAAA,EAAa,CAAA;MAC/F;AAEA,YAAMS,qBAAqB,MAAMtC,QAAQuC,MAAMC,wBAAwB;QACrE,GAAIV,QAAQW,WAAW,oBAAoB;UAAEC,QAAQZ,QAAQa;QAAiB;QAC9EtC,cAAcA,aAAauC;QAC3BC,IAAI;UACFC,SAAS;YACP,GAAGzC,aAAa0C,OAAOD;YACvBE,KAAK3C,aAAa0C,OAAOD,SAASE,OAAOC,KAAKC,MAAMC,KAAKC,IAAG,IAAK,MAAOrB,UAAAA;YACxEsB,OAAOzB,aAAavB,aAAa0C,OAAOD,SAASO;YACjDC,KAAKjD,aAAa0C,OAAOD,SAASQ,OAAO3B,UAAU5B,KAAK4B;UAC1D;QACF;MACF,CAAA;AAEA,aAAOlB,kBAAiB8C,mCAAmCjB,mBAAmBjC,YAAY;IAC5F,OAAO;AACL,YAAMmD,aAAa,MAAMxD,QAAQuC,MAAMkB,qBAAqB3B,MAAAA;AAE5D,UAAID,gBAAgB,aAAa;AAC/B,eAAOM,QAAQC,OAAOC,MAAM,oDAAoDR,WAAAA,EAAa,CAAA;MAC/F;AACA,UAAI6B;AACJ,UAAI,CAACrD,aAAaqC,QAAQ;AACxBrC,qBAAaqC,SAASc,WAAWb;MACnC;AACA,UAAId,gBAAgB,OAAO;AACzB6B,iBAAS;UACP,IAAKC,6BAA6BH,UAAAA,KAAeI,6BAA6BJ,UAAAA,MAAgBA,WAAWK,OAAO;YAAEA,KAAKL,WAAWK;UAAI;UACtI,GAAID,6BAA6BJ,UAAAA,KAAe;YAAEM,KAAKN,WAAWM;UAAI;QACxE;AACA,YAAIzD,aAAa0D,YAAY,CAAC1D,aAAaiD,KAAK;AAC9CjD,uBAAaiD,MAAMU,MAAMC,QAAQ5D,aAAa0D,QAAQ,IAAI1D,aAAa0D,WAAY1D,aAAa0D,YAAYpC,UAAU5B,KAAK4B;AAC3H,iBAAOtB,aAAa0D;QACtB;AAEA,YAAI,CAAC1D,aAAa6D,KAAK;AACrB,cAAI7D,aAAa8D,cAAc;AAC7B,kBAAMC,YAAYjB,KAAKkB,MAAMhE,aAAa8D,YAAY;AACtD,gBAAI,CAACG,MAAMF,SAAAA,GAAY;AACrB/D,2BAAa6D,MAAMjB,KAAKC,MAAMkB,YAAY,GAAA;YAC5C;UACF,OAAO;AACL/D,yBAAa6D,MAAMjB,KAAKC,MAAMC,KAAKC,IAAG,IAAK,MAAOrB,UAAAA;UACpD;QACF;AAEA,YAAI,CAAC1B,aAAa2C,KAAK;AACrB3C,uBAAa2C,MAAM3C,aAAa6D;QAClC;AAEA,YAAI,CAAC7D,aAAakE,KAAK;AACrB,cAAIlE,aAAamE,gBAAgB;AAC/B,kBAAMJ,YAAYjB,KAAKkB,MAAMhE,aAAamE,cAAc;AACxD,gBAAI,CAACF,MAAMF,SAAAA,GAAY;AACrB/D,2BAAakE,MAAMtB,KAAKC,MAAMkB,YAAY,GAAA;YAC5C;UACF,OAAO;AACL/D,yBAAakE,MAAMlE,aAAa6D,MAAM,MAAMnC;UAC9C;QACF;AAEA,YAAI,CAAC1B,aAAaoE,IAAI;AACpBpE,uBAAaoE,KAAK,CAAC;QACrB;AAIA,YAAI,CAACpE,aAAaoE,GAAG/B,QAAQ;AAC3BrC,uBAAaoE,GAAG/B,SAASrC,aAAaqC;QACxC;MACF;AAMA,YAAM+B,KAAK,MAAMzE,QAAQuC,MAAMmC,6BAA6B;QAC1DrE;QACAsE,sBAAsB;QACtBC,QAAQpB,WAAWqB;;QAEnBjD,WAAWA,aAAa7B,KAAK6B;QAC7BkD,qBAAqB/E,KAAK+E,wBAAwB;QAClDjD;QACA6B;MACF,CAAA;AAGA,aAAOjD,kBAAiB8C,mCAAmCkB,EAAAA;IAC7D;EACF;AACF;AAnLsB3E;;;ACftB,IAAMiF,SAASC;","names":["PEX","CredentialMapper","JWT_PROOF_TYPE_2020","toDIDs","verifiableCredentialForRoleFilter","PresentationExchange","schema","IDidAuthSiopOpAuthenticator","pex","PEX","methods","pexValidateDefinition","bind","pexDefinitionVersion","pexDefinitionFilterCredentials","pexDefinitionFilterCredentialsPerInputDescriptor","opts","args","definition","invalids","result","validateDefinition","validations","Array","isArray","push","filter","v","status","error","message","tag","length","Error","map","toString","presentationDefinition","definitionVersionDiscovery","context","credentials","pexFilterCredentials","credentialFilterOpts","holderDIDs","toDIDs","agent","dataStoreORMGetIdentifiers","selectResults","selectFrom","limitDisclosureSignatureSuites","id","filteredCredentials","verifiableCredential","vc","CredentialMapper","storedCredentialToOriginalFormat","origDefinition","promises","Map","input_descriptors","forEach","inputDescriptor","credentialRole","set","verifiableCredentials","Promise","all","values","entry","entries","filterOpts","verifiableCredentialForRoleFilter","uniqueCredentials","crsGetUniqueCredentials","uniqueVC","uniformVerifiableCredential","proof","jwtProof","find","p","type","JWT_PROOF_TYPE_2020","jwt","isManagedIdentifierDidOpts","isManagedIdentifierDidResult","isManagedIdentifierX5cResult","CredentialMapper","createPEXPresentationSignCallback","args","context","determineProofFormat","determineArgs","format","presentationDefinition","presentation","formatOptions","input_descriptors","length","CredentialMapper","isSdJwtDecodedCredentialPayload","decodedPayload","isMsoMdocDecodedPresentation","isW3cPresentation","signedPayload","formats","Set","Object","keys","map","form","includes","size","values","next","value","has","domain","challenge","proofFormat","idOpts","CLOCK_SKEW","skipDidResolution","isManagedIdentifierDidOpts","offlineWhenNoDIDRegistered","Promise","reject","Error","presentationResult","agent","createSdJwtPresentation","method","holder","issuer","compactSdJwtVc","kb","payload","kbJwt","iat","Math","floor","Date","now","nonce","aud","storedPresentationToOriginalFormat","resolution","identifierManagedGet","header","isManagedIdentifierDidResult","isManagedIdentifierX5cResult","kid","jwk","verifier","Array","isArray","nbf","issuanceDate","converted","parse","isNaN","exp","expirationDate","vp","createVerifiablePresentation","removeOriginalFields","keyRef","kmsKeyRef","fetchRemoteContexts","schema","require"]}
+{"version":3,"sources":["../plugin.schema.json","../src/agent/PresentationExchange.ts","../src/functions.ts","../src/index.ts"],"sourcesContent":["{\n  \"IDidAuthSiopOpAuthenticator\": {\n    \"components\": {\n      \"schemas\": {\n        \"IGetSiopSessionArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.getSessionForSiop } \"\n        },\n        \"IRegisterSiopSessionArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"identifier\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"did\": {\n                  \"type\": \"string\"\n                },\n                \"alias\": {\n                  \"type\": \"string\"\n                },\n                \"provider\": {\n                  \"type\": \"string\"\n                },\n                \"controllerKeyId\": {\n                  \"type\": \"string\"\n                },\n                \"keys\": {\n                  \"type\": \"array\",\n                  \"items\": {\n                    \"type\": \"object\",\n                    \"properties\": {\n                      \"additionalProperties\": true\n                    }\n                  }\n                },\n                \"services\": {\n                  \"type\": \"array\",\n                  \"items\": {\n                    \"type\": \"object\",\n                    \"properties\": {\n                      \"additionalProperties\": true\n                    }\n                  }\n                }\n              },\n              \"additionalProperties\": false,\n              \"required\": [\"did\", \"provider\", \"keys\", \"services\"]\n            },\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"expiresIn\": {\n              \"type\": \"number\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"identifier\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.registerSessionForSiop } \"\n        },\n        \"IRemoveSiopSessionArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.removeSessionForSiop } \"\n        },\n        \"IAuthenticateWithSiopArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"stateId\": {\n              \"type\": \"string\"\n            },\n            \"redirectUrl\": {\n              \"type\": \"string\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"stateId\", \"redirectUrl\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.authenticateWithSiop } \"\n        },\n        \"IResponse\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"status\": {\n              \"type\": \"number\"\n            },\n            \"additionalProperties\": true\n          },\n          \"required\": [\"status\"],\n          \"description\": \"Result of {@link DidAuthSiopOpAuthenticator.authenticateWithSiop & DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } \"\n        },\n        \"IGetSiopAuthenticationRequestFromRpArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"stateId\": {\n              \"type\": \"string\"\n            },\n            \"redirectUrl\": {\n              \"type\": \"string\"\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"stateId\", \"redirectUrl\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } \"\n        },\n        \"ParsedAuthenticationRequestURI\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"jwt\": {\n              \"type\": \"string\"\n            },\n            \"requestPayload\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"registration\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"jwt\", \"requestPayload\", \"registration\"],\n          \"description\": \"Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } \"\n        },\n        \"IGetSiopAuthenticationRequestDetailsArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"verifiedAuthenticationRequest\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"credentialFilter\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"verifiedAuthenticationRequest\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } \"\n        },\n        \"IAuthRequestDetails\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"id\": {\n              \"type\": \"string\"\n            },\n            \"alsoKnownAs\": {\n              \"type\": \"array\",\n              \"items\": {\n                \"type\": \"string\"\n              }\n            },\n            \"vpResponseOpts\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"id\", \"vpResponseOpts\"],\n          \"description\": \"Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } \"\n        },\n        \"IVerifySiopAuthenticationRequestUriArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"ParsedAuthenticationRequestURI\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"ParsedAuthenticationRequestURI\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } \"\n        },\n        \"VerifiedAuthorizationRequest\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"payload\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"presentationDefinitions\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"verifyOpts\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"payload\", \"verifyOpts\"],\n          \"description\": \"Result of {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } \"\n        },\n        \"ISendSiopAuthenticationResponseArgs\": {\n          \"type\": \"object\",\n          \"properties\": {\n            \"sessionId\": {\n              \"type\": \"string\"\n            },\n            \"verifiedAuthenticationRequest\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"verifiablePresentationResponse\": {\n              \"type\": \"object\",\n              \"properties\": {\n                \"additionalProperties\": true\n              }\n            },\n            \"additionalProperties\": false\n          },\n          \"required\": [\"sessionId\", \"verifiedAuthenticationRequest\"],\n          \"description\": \"Arguments needed for {@link DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } \"\n        }\n      },\n      \"methods\": {\n        \"getSessionForSiop\": {\n          \"description\": \"Get SIOP session\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IGetSiopSessionArgs\"\n          },\n          \"returnType\": \"object\"\n        },\n        \"registerSessionForSiop\": {\n          \"description\": \"Register SIOP session\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IRegisterSiopSessionArgs\"\n          },\n          \"returnType\": \"object\"\n        },\n        \"removeSessionForSiop\": {\n          \"description\": \"Remove SIOP session\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IRemoveSiopSessionArgs\"\n          },\n          \"returnType\": \"boolean\"\n        },\n        \"authenticateWithSiop\": {\n          \"description\": \"Authenticate using DID Auth SIOP\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IAuthenticateWithSiopArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/Response\"\n          }\n        },\n        \"getSiopAuthenticationRequestFromRP\": {\n          \"description\": \"Get authentication request from RP\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IGetSiopAuthenticationRequestFromRpArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/ParsedAuthenticationRequestURI\"\n          }\n        },\n        \"getSiopAuthenticationRequestDetails\": {\n          \"description\": \"Get authentication request details\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IGetSiopAuthenticationRequestDetailsArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/IAuthRequestDetails\"\n          }\n        },\n        \"verifySiopAuthenticationRequestURI\": {\n          \"description\": \"Verify authentication request URI\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/IVerifySiopAuthenticationRequestUriArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/VerifiedAuthorizationRequest\"\n          }\n        },\n        \"sendSiopAuthenticationResponse\": {\n          \"description\": \"Send authentication response\",\n          \"arguments\": {\n            \"$ref\": \"#/components/schemas/ISendSiopAuthenticationResponseArgs\"\n          },\n          \"returnType\": {\n            \"$ref\": \"#/components/schemas/IRequiredContext\"\n          }\n        }\n      }\n    }\n  }\n}\n","import {\n  IDefinitionCredentialFilterArgs,\n  IDefinitionValidateArgs,\n  IPEXFilterResult,\n  IPEXFilterResultWithInputDescriptor,\n  IRequiredContext,\n  PEXOpts,\n  schema,\n  VersionDiscoveryResult,\n} from '../index'\nimport { IAgentPlugin } from '@veramo/core'\n\nimport { IPresentationExchange } from '../types/IPresentationExchange'\nimport { Checked, IPresentationDefinition, PEX } from '@sphereon/pex'\nimport { CompactJWT, CredentialMapper, IProof, JWT_PROOF_TYPE_2020, W3CVerifiableCredential } from '@sphereon/ssi-types'\nimport { InputDescriptorV1, InputDescriptorV2 } from '@sphereon/pex-models'\nimport { toDIDs } from '@sphereon/ssi-sdk-ext.did-utils'\nimport { CredentialRole, UniqueDigitalCredential, verifiableCredentialForRoleFilter } from '@sphereon/ssi-sdk.credential-store'\nimport { FindDigitalCredentialArgs } from '@sphereon/ssi-sdk.data-store-types'\n\nexport class PresentationExchange implements IAgentPlugin {\n  readonly schema = schema.IDidAuthSiopOpAuthenticator\n  private readonly pex = new PEX()\n\n  readonly methods: IPresentationExchange = {\n    pexValidateDefinition: this.pexValidateDefinition.bind(this),\n    pexDefinitionVersion: this.pexDefinitionVersion.bind(this),\n    pexDefinitionFilterCredentials: this.pexDefinitionFilterCredentials.bind(this),\n    pexDefinitionFilterCredentialsPerInputDescriptor: this.pexDefinitionFilterCredentialsPerInputDescriptor.bind(this),\n  }\n\n  constructor(opts?: PEXOpts) {}\n\n  private async pexValidateDefinition(args: IDefinitionValidateArgs): Promise<boolean> {\n    const { definition } = args\n    const invalids: Checked[] = []\n\n    try {\n      const result = PEX.validateDefinition(definition)\n      const validations = Array.isArray(result) ? result : [result]\n      invalids.push(...validations.filter((v) => v.status === 'error'))\n    } catch (error) {\n      invalids.push({\n        status: 'error',\n        message:\n          typeof error === 'string'\n            ? error\n            : typeof error === 'object' && 'message' in (error as object)\n              ? (error as Error).message\n              : 'unknown error',\n        tag: 'validation',\n      })\n    }\n\n    if (invalids.length > 0) {\n      throw Error(`Invalid definition. ${invalids.map((v) => v.message).toString()}`)\n    }\n    return true // Never returns false, but REST API does not allow Promise<void>\n  }\n\n  async pexDefinitionVersion(presentationDefinition: IPresentationDefinition): Promise<VersionDiscoveryResult> {\n    return PEX.definitionVersionDiscovery(presentationDefinition)\n  }\n\n  async pexDefinitionFilterCredentials(args: IDefinitionCredentialFilterArgs, context: IRequiredContext): Promise<IPEXFilterResult> {\n    const credentials = await this.pexFilterCredentials(args.credentialFilterOpts, context)\n    const holderDIDs = args.holderDIDs ? toDIDs(args.holderDIDs) : toDIDs(await context.agent.dataStoreORMGetIdentifiers())\n    const selectResults = this.pex.selectFrom(args.presentationDefinition, credentials ?? [], {\n      ...args,\n      holderDIDs,\n      limitDisclosureSignatureSuites: args.limitDisclosureSignatureSuites ?? ['BbsBlsSignature2020'],\n    })\n    return {\n      id: args.presentationDefinition.id,\n      selectResults,\n      filteredCredentials: selectResults.verifiableCredential?.map((vc) => CredentialMapper.storedCredentialToOriginalFormat(vc)) ?? [],\n    }\n  }\n\n  async pexDefinitionFilterCredentialsPerInputDescriptor(\n    args: IDefinitionCredentialFilterArgs,\n    context: IRequiredContext,\n  ): Promise<IPEXFilterResultWithInputDescriptor[]> {\n    const origDefinition = args.presentationDefinition\n    const credentials = await this.pexFilterCredentials(args.credentialFilterOpts ?? {}, context)\n    const holderDIDs = args.holderDIDs ? toDIDs(args.holderDIDs) : toDIDs(await context.agent.dataStoreORMGetIdentifiers())\n    const limitDisclosureSignatureSuites = args.limitDisclosureSignatureSuites\n\n    const promises = new Map<InputDescriptorV1 | InputDescriptorV2, Promise<IPEXFilterResult>>()\n    origDefinition.input_descriptors.forEach((inputDescriptor) => {\n      const presentationDefinition = {\n        id: inputDescriptor.id,\n        input_descriptors: [inputDescriptor],\n      }\n\n      const credentialRole = args.credentialFilterOpts.credentialRole\n\n      promises.set(\n        inputDescriptor,\n        this.pexDefinitionFilterCredentials(\n          {\n            credentialFilterOpts: { credentialRole, verifiableCredentials: credentials },\n            // @ts-ignore\n            presentationDefinition,\n            holderDIDs,\n            limitDisclosureSignatureSuites,\n          },\n          context,\n        ),\n      )\n    })\n    await Promise.all(promises.values())\n    const result: IPEXFilterResultWithInputDescriptor[] = []\n    for (const entry of promises.entries()) {\n      result.push({ ...(await entry[1]), inputDescriptor: entry[0] })\n    }\n    return result\n  }\n\n  private async pexFilterCredentials(\n    filterOpts: {\n      credentialRole: CredentialRole\n      verifiableCredentials?: W3CVerifiableCredential[]\n      filter?: FindDigitalCredentialArgs\n    },\n    context: IRequiredContext,\n  ): Promise<W3CVerifiableCredential[]> {\n    if (filterOpts.verifiableCredentials && filterOpts.verifiableCredentials.length > 0) {\n      return filterOpts.verifiableCredentials as W3CVerifiableCredential[]\n    }\n\n    const filter = verifiableCredentialForRoleFilter(filterOpts.credentialRole, filterOpts.filter)\n    const uniqueCredentials = await context.agent.crsGetUniqueCredentials({ filter })\n\n    return uniqueCredentials.map((uniqueVC: UniqueDigitalCredential) => {\n      const vc = uniqueVC.uniformVerifiableCredential!\n      const proof = Array.isArray(vc.proof) ? vc.proof : [vc.proof]\n      const jwtProof = proof.find((p: IProof) => p?.type === JWT_PROOF_TYPE_2020)\n      return jwtProof ? (jwtProof.jwt as CompactJWT) : vc\n    })\n  }\n}\n","import { IPresentationDefinition } from '@sphereon/pex'\nimport { Format } from '@sphereon/pex-models'\nimport {\n  isManagedIdentifierDidOpts,\n  isManagedIdentifierDidResult,\n  isManagedIdentifierX5cResult,\n  ManagedIdentifierOptsOrResult,\n} from '@sphereon/ssi-sdk-ext.identifier-resolution'\nimport {\n  CredentialMapper,\n  Optional,\n  OriginalVerifiablePresentation,\n  SdJwtDecodedVerifiableCredential,\n  W3CVerifiablePresentation,\n} from '@sphereon/ssi-types'\nimport { PresentationPayload, ProofFormat } from '@veramo/core'\nimport { IPEXPresentationSignCallback, IRequiredContext } from './types/IPresentationExchange'\n\nexport async function createPEXPresentationSignCallback(\n  args: {\n    idOpts: ManagedIdentifierOptsOrResult\n    fetchRemoteContexts?: boolean\n    skipDidResolution?: boolean\n    format?: Format | ProofFormat\n    domain?: string\n    challenge?: string\n  },\n  context: IRequiredContext,\n): Promise<IPEXPresentationSignCallback> {\n  function determineProofFormat(determineArgs: {\n    format?: Format | 'jwt' | 'lds' | 'EthereumEip712Signature2021'\n    presentationDefinition: IPresentationDefinition\n    presentation: Optional<PresentationPayload, 'holder'> | SdJwtDecodedVerifiableCredential\n  }): string {\n    const { format, presentationDefinition, presentation } = determineArgs\n\n    var formatOptions = format ?? presentationDefinition.format ?? args.format\n    // TODO Refactor so it takes into account the Input Descriptors and we can lookup from there. Now we only do that if there is 1 descriptor\n    if (!formatOptions && presentationDefinition.input_descriptors.length == 1 && 'format' in presentationDefinition.input_descriptors[0]) {\n      formatOptions = presentationDefinition.input_descriptors[0].format\n    }\n    // All format arguments are optional. So if no format has been given we go for the most supported 'jwt'\n    if (!formatOptions) {\n      if (CredentialMapper.isSdJwtDecodedCredentialPayload(presentation.decodedPayload)) {\n        return 'dc+sd-jwt'\n      } else if (CredentialMapper.isMsoMdocDecodedPresentation(presentation.decodedPayload as OriginalVerifiablePresentation)) {\n        return 'mso_mdoc'\n      } else if (CredentialMapper.isW3cPresentation(presentation.decodedPayload)) {\n        if (typeof presentation.signedPayload === 'string') {\n          return 'jwt'\n        }\n        return 'lds'\n      }\n      return 'jwt'\n    } else if (typeof formatOptions === 'string') {\n      // if formatOptions is a singular string we can return that as the format\n      return formatOptions\n    }\n\n    // here we transform all format options to either lds or jwt. but we also want to support sd-jwt, so we need to specifically check for this one. which is ['dc+sd-jwt']\n    const formats = new Set(\n      Object.keys(formatOptions).map((form) => (form.includes('ldp') ? 'lds' : form.includes('dc+sd-jwt') ? 'dc+sd-jwt' : 'jwt')),\n    )\n\n    // if we only have 1 format type we can return that\n    if (formats.size === 1) {\n      return formats.values().next().value!!\n    }\n    formats.keys().next()\n    // if we can go for sd-jwt, we go for sd-jwt\n    if (formats.has('dc+sd-jwt')) {\n      return 'dc+sd-jwt'\n    }\n    // if it is not sd-jwt we would like to go for jwt\n    else if (formats.has('jwt')) {\n      return 'jwt'\n    }\n\n    // else we go for lds\n    return 'lds'\n  }\n\n  return async ({\n    presentation,\n    domain,\n    presentationDefinition,\n    format,\n    challenge,\n  }: {\n    presentation: Optional<PresentationPayload, 'holder'> | SdJwtDecodedVerifiableCredential\n    presentationDefinition: IPresentationDefinition\n    format?: Format | ProofFormat\n    domain?: string\n    challenge?: string\n  }): Promise<W3CVerifiablePresentation> => {\n    const proofFormat = determineProofFormat({ format, presentationDefinition, presentation })\n    const { idOpts } = args\n    const CLOCK_SKEW = 120\n    if (args.skipDidResolution && isManagedIdentifierDidOpts(idOpts)) {\n      idOpts.offlineWhenNoDIDRegistered = true\n    }\n\n    if ('compactSdJwtVc' in presentation) {\n      if (proofFormat !== 'dc+sd-jwt') {\n        return Promise.reject(Error(`presentation payload does not match proof format ${proofFormat}`))\n      }\n\n      const presentationResult = await context.agent.createSdJwtPresentation({\n        ...(idOpts?.method === 'oid4vci-issuer' && { holder: idOpts?.issuer as string }),\n        presentation: presentation.compactSdJwtVc,\n        kb: {\n          payload: {\n            ...presentation.kbJwt?.payload,\n            iat: presentation.kbJwt?.payload?.iat ?? Math.floor(Date.now() / 1000 - CLOCK_SKEW),\n            nonce: challenge ?? presentation.kbJwt?.payload?.nonce,\n            aud: presentation.kbJwt?.payload?.aud ?? domain ?? args.domain,\n          },\n        },\n      })\n\n      return CredentialMapper.storedPresentationToOriginalFormat(presentationResult.presentation as OriginalVerifiablePresentation)\n    } else {\n      const resolution = await context.agent.identifierManagedGet(idOpts)\n\n      if (proofFormat === 'dc+sd-jwt') {\n        return Promise.reject(Error(`presentation payload does not match proof format ${proofFormat}`))\n      }\n      let header\n      if (!presentation.holder) {\n        presentation.holder = resolution.issuer\n      }\n      if (proofFormat === 'jwt') {\n        header = {\n          ...((isManagedIdentifierDidResult(resolution) || isManagedIdentifierX5cResult(resolution)) && resolution.kid && { kid: resolution.kid }),\n          ...(isManagedIdentifierX5cResult(resolution) && { jwk: resolution.jwk }),\n        }\n        if (presentation.verifier || !presentation.aud) {\n          presentation.aud = Array.isArray(presentation.verifier) ? presentation.verifier : (presentation.verifier ?? domain ?? args.domain)\n          delete presentation.verifier\n        }\n\n        if (!presentation.nbf) {\n          if (presentation.issuanceDate) {\n            const converted = Date.parse(presentation.issuanceDate)\n            if (!isNaN(converted)) {\n              presentation.nbf = Math.floor(converted / 1000) // no skew here, as an explicit value was given\n            }\n          } else {\n            presentation.nbf = Math.floor(Date.now() / 1000 - CLOCK_SKEW)\n          }\n        }\n\n        if (!presentation.iat) {\n          presentation.iat = presentation.nbf\n        }\n\n        if (!presentation.exp) {\n          if (presentation.expirationDate) {\n            const converted = Date.parse(presentation.expirationDate)\n            if (!isNaN(converted)) {\n              presentation.exp = Math.floor(converted / 1000) // no skew here as an explicit value w as given\n            }\n          } else {\n            presentation.exp = presentation.nbf + 600 + CLOCK_SKEW\n          }\n        }\n\n        if (!presentation.vp) {\n          presentation.vp = {}\n        }\n        /*if (!presentation.sub) {\n          presentation.sub = id.did\n        }*/\n        if (!presentation.vp.holder) {\n          presentation.vp.holder = presentation.holder\n        }\n      }\n\n      // we ignore the alg / proof_format for now, as we already have the kid anyway at this point\n\n      // todo: look for jwt_vc_json and remove types and @context\n\n      const vp = await context.agent.createVerifiablePresentation({\n        presentation: presentation as PresentationPayload,\n        removeOriginalFields: false,\n        keyRef: resolution.kmsKeyRef,\n        // domain: domain ?? args.domain, // handled above, and did-jwt-vc creates an array even for 1 entry\n        challenge: challenge ?? args.challenge,\n        fetchRemoteContexts: args.fetchRemoteContexts !== false,\n        proofFormat: proofFormat as ProofFormat,\n        header,\n      })\n\n      // makes sure we extract an actual JWT from the internal representation in case it is a JWT\n      return CredentialMapper.storedPresentationToOriginalFormat(vp as OriginalVerifiablePresentation)\n    }\n  }\n}\n","/**\n * @public\n */\nconst schema = require('../plugin.schema.json')\nexport { schema }\nexport { PresentationExchange } from './agent/PresentationExchange'\nexport * from './types/IPresentationExchange'\nexport * from './functions'\n"],"mappings":";;;;;;;;AAAA;AAAA;AAAA;AAAA,MACE,6BAA+B;AAAA,QAC7B,YAAc;AAAA,UACZ,SAAW;AAAA,YACT,qBAAuB;AAAA,cACrB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,WAAW;AAAA,cACxB,aAAe;AAAA,YACjB;AAAA,YACA,0BAA4B;AAAA,cAC1B,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,YAAc;AAAA,kBACZ,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,KAAO;AAAA,sBACL,MAAQ;AAAA,oBACV;AAAA,oBACA,OAAS;AAAA,sBACP,MAAQ;AAAA,oBACV;AAAA,oBACA,UAAY;AAAA,sBACV,MAAQ;AAAA,oBACV;AAAA,oBACA,iBAAmB;AAAA,sBACjB,MAAQ;AAAA,oBACV;AAAA,oBACA,MAAQ;AAAA,sBACN,MAAQ;AAAA,sBACR,OAAS;AAAA,wBACP,MAAQ;AAAA,wBACR,YAAc;AAAA,0BACZ,sBAAwB;AAAA,wBAC1B;AAAA,sBACF;AAAA,oBACF;AAAA,oBACA,UAAY;AAAA,sBACV,MAAQ;AAAA,sBACR,OAAS;AAAA,wBACP,MAAQ;AAAA,wBACR,YAAc;AAAA,0BACZ,sBAAwB;AAAA,wBAC1B;AAAA,sBACF;AAAA,oBACF;AAAA,kBACF;AAAA,kBACA,sBAAwB;AAAA,kBACxB,UAAY,CAAC,OAAO,YAAY,QAAQ,UAAU;AAAA,gBACpD;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,YAAY;AAAA,cACzB,aAAe;AAAA,YACjB;AAAA,YACA,wBAA0B;AAAA,cACxB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,WAAW;AAAA,cACxB,aAAe;AAAA,YACjB;AAAA,YACA,2BAA6B;AAAA,cAC3B,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,SAAW;AAAA,kBACT,MAAQ;AAAA,gBACV;AAAA,gBACA,aAAe;AAAA,kBACb,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,WAAW,aAAa;AAAA,cAClD,aAAe;AAAA,YACjB;AAAA,YACA,WAAa;AAAA,cACX,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,QAAU;AAAA,kBACR,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,QAAQ;AAAA,cACrB,aAAe;AAAA,YACjB;AAAA,YACA,yCAA2C;AAAA,cACzC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,SAAW;AAAA,kBACT,MAAQ;AAAA,gBACV;AAAA,gBACA,aAAe;AAAA,kBACb,MAAQ;AAAA,gBACV;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,WAAW,aAAa;AAAA,cAClD,aAAe;AAAA,YACjB;AAAA,YACA,gCAAkC;AAAA,cAChC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,KAAO;AAAA,kBACL,MAAQ;AAAA,gBACV;AAAA,gBACA,gBAAkB;AAAA,kBAChB,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,cAAgB;AAAA,kBACd,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,OAAO,kBAAkB,cAAc;AAAA,cACpD,aAAe;AAAA,YACjB;AAAA,YACA,0CAA4C;AAAA,cAC1C,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,+BAAiC;AAAA,kBAC/B,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,kBAAoB;AAAA,kBAClB,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,+BAA+B;AAAA,cACzD,aAAe;AAAA,YACjB;AAAA,YACA,qBAAuB;AAAA,cACrB,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,IAAM;AAAA,kBACJ,MAAQ;AAAA,gBACV;AAAA,gBACA,aAAe;AAAA,kBACb,MAAQ;AAAA,kBACR,OAAS;AAAA,oBACP,MAAQ;AAAA,kBACV;AAAA,gBACF;AAAA,gBACA,gBAAkB;AAAA,kBAChB,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,MAAM,gBAAgB;AAAA,cACnC,aAAe;AAAA,YACjB;AAAA,YACA,yCAA2C;AAAA,cACzC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,gCAAkC;AAAA,kBAChC,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,gCAAgC;AAAA,cAC1D,aAAe;AAAA,YACjB;AAAA,YACA,8BAAgC;AAAA,cAC9B,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,SAAW;AAAA,kBACT,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,yBAA2B;AAAA,kBACzB,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,YAAc;AAAA,kBACZ,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,WAAW,YAAY;AAAA,cACpC,aAAe;AAAA,YACjB;AAAA,YACA,qCAAuC;AAAA,cACrC,MAAQ;AAAA,cACR,YAAc;AAAA,gBACZ,WAAa;AAAA,kBACX,MAAQ;AAAA,gBACV;AAAA,gBACA,+BAAiC;AAAA,kBAC/B,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,gCAAkC;AAAA,kBAChC,MAAQ;AAAA,kBACR,YAAc;AAAA,oBACZ,sBAAwB;AAAA,kBAC1B;AAAA,gBACF;AAAA,gBACA,sBAAwB;AAAA,cAC1B;AAAA,cACA,UAAY,CAAC,aAAa,+BAA+B;AAAA,cACzD,aAAe;AAAA,YACjB;AAAA,UACF;AAAA,UACA,SAAW;AAAA,YACT,mBAAqB;AAAA,cACnB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,YAChB;AAAA,YACA,wBAA0B;AAAA,cACxB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,YAChB;AAAA,YACA,sBAAwB;AAAA,cACtB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,YAChB;AAAA,YACA,sBAAwB;AAAA,cACtB,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,YACA,oCAAsC;AAAA,cACpC,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,YACA,qCAAuC;AAAA,cACrC,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,YACA,oCAAsC;AAAA,cACpC,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,YACA,gCAAkC;AAAA,cAChC,aAAe;AAAA,cACf,WAAa;AAAA,gBACX,MAAQ;AAAA,cACV;AAAA,cACA,YAAc;AAAA,gBACZ,MAAQ;AAAA,cACV;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;;;AC3TA,SAA2CA,WAAW;AACtD,SAAqBC,kBAA0BC,2BAAoD;AAEnG,SAASC,cAAc;AACvB,SAAkDC,yCAAyC;AAGpF,IAAMC,uBAAN,MAAMA;EApBb,OAoBaA;;;EACFC,SAASA,OAAOC;EACRC,MAAM,IAAIC,IAAAA;EAElBC,UAAiC;IACxCC,uBAAuB,KAAKA,sBAAsBC,KAAK,IAAI;IAC3DC,sBAAsB,KAAKA,qBAAqBD,KAAK,IAAI;IACzDE,gCAAgC,KAAKA,+BAA+BF,KAAK,IAAI;IAC7EG,kDAAkD,KAAKA,iDAAiDH,KAAK,IAAI;EACnH;EAEA,YAAYI,MAAgB;EAAC;EAE7B,MAAcL,sBAAsBM,MAAiD;AACnF,UAAM,EAAEC,WAAU,IAAKD;AACvB,UAAME,WAAsB,CAAA;AAE5B,QAAI;AACF,YAAMC,SAASX,IAAIY,mBAAmBH,UAAAA;AACtC,YAAMI,cAAcC,MAAMC,QAAQJ,MAAAA,IAAUA,SAAS;QAACA;;AACtDD,eAASM,KAAI,GAAIH,YAAYI,OAAO,CAACC,MAAMA,EAAEC,WAAW,OAAA,CAAA;IAC1D,SAASC,OAAO;AACdV,eAASM,KAAK;QACZG,QAAQ;QACRE,SACE,OAAOD,UAAU,WACbA,QACA,OAAOA,UAAU,YAAY,aAAcA,QACxCA,MAAgBC,UACjB;QACRC,KAAK;MACP,CAAA;IACF;AAEA,QAAIZ,SAASa,SAAS,GAAG;AACvB,YAAMC,MAAM,uBAAuBd,SAASe,IAAI,CAACP,MAAMA,EAAEG,OAAO,EAAEK,SAAQ,CAAA,EAAI;IAChF;AACA,WAAO;EACT;EAEA,MAAMtB,qBAAqBuB,wBAAkF;AAC3G,WAAO3B,IAAI4B,2BAA2BD,sBAAAA;EACxC;EAEA,MAAMtB,+BAA+BG,MAAuCqB,SAAsD;AAChI,UAAMC,cAAc,MAAM,KAAKC,qBAAqBvB,KAAKwB,sBAAsBH,OAAAA;AAC/E,UAAMI,aAAazB,KAAKyB,aAAaC,OAAO1B,KAAKyB,UAAU,IAAIC,OAAO,MAAML,QAAQM,MAAMC,2BAA0B,CAAA;AACpH,UAAMC,gBAAgB,KAAKtC,IAAIuC,WAAW9B,KAAKmB,wBAAwBG,eAAe,CAAA,GAAI;MACxF,GAAGtB;MACHyB;MACAM,gCAAgC/B,KAAK+B,kCAAkC;QAAC;;IAC1E,CAAA;AACA,WAAO;MACLC,IAAIhC,KAAKmB,uBAAuBa;MAChCH;MACAI,qBAAqBJ,cAAcK,sBAAsBjB,IAAI,CAACkB,OAAOC,iBAAiBC,iCAAiCF,EAAAA,CAAAA,KAAQ,CAAA;IACjI;EACF;EAEA,MAAMrC,iDACJE,MACAqB,SACgD;AAChD,UAAMiB,iBAAiBtC,KAAKmB;AAC5B,UAAMG,cAAc,MAAM,KAAKC,qBAAqBvB,KAAKwB,wBAAwB,CAAC,GAAGH,OAAAA;AACrF,UAAMI,aAAazB,KAAKyB,aAAaC,OAAO1B,KAAKyB,UAAU,IAAIC,OAAO,MAAML,QAAQM,MAAMC,2BAA0B,CAAA;AACpH,UAAMG,iCAAiC/B,KAAK+B;AAE5C,UAAMQ,WAAW,oBAAIC,IAAAA;AACrBF,mBAAeG,kBAAkBC,QAAQ,CAACC,oBAAAA;AACxC,YAAMxB,yBAAyB;QAC7Ba,IAAIW,gBAAgBX;QACpBS,mBAAmB;UAACE;;MACtB;AAEA,YAAMC,iBAAiB5C,KAAKwB,qBAAqBoB;AAEjDL,eAASM,IACPF,iBACA,KAAK9C,+BACH;QACE2B,sBAAsB;UAAEoB;UAAgBE,uBAAuBxB;QAAY;;QAE3EH;QACAM;QACAM;MACF,GACAV,OAAAA,CAAAA;IAGN,CAAA;AACA,UAAM0B,QAAQC,IAAIT,SAASU,OAAM,CAAA;AACjC,UAAM9C,SAAgD,CAAA;AACtD,eAAW+C,SAASX,SAASY,QAAO,GAAI;AACtChD,aAAOK,KAAK;QAAE,GAAI,MAAM0C,MAAM,CAAA;QAAKP,iBAAiBO,MAAM,CAAA;MAAG,CAAA;IAC/D;AACA,WAAO/C;EACT;EAEA,MAAcoB,qBACZ6B,YAKA/B,SACoC;AACpC,QAAI+B,WAAWN,yBAAyBM,WAAWN,sBAAsB/B,SAAS,GAAG;AACnF,aAAOqC,WAAWN;IACpB;AAEA,UAAMrC,SAAS4C,kCAAkCD,WAAWR,gBAAgBQ,WAAW3C,MAAM;AAC7F,UAAM6C,oBAAoB,MAAMjC,QAAQM,MAAM4B,wBAAwB;MAAE9C;IAAO,CAAA;AAE/E,WAAO6C,kBAAkBrC,IAAI,CAACuC,aAAAA;AAC5B,YAAMrB,KAAKqB,SAASC;AACpB,YAAMC,QAAQpD,MAAMC,QAAQ4B,GAAGuB,KAAK,IAAIvB,GAAGuB,QAAQ;QAACvB,GAAGuB;;AACvD,YAAMC,WAAWD,MAAME,KAAK,CAACC,MAAcA,GAAGC,SAASC,mBAAAA;AACvD,aAAOJ,WAAYA,SAASK,MAAqB7B;IACnD,CAAA;EACF;AACF;;;AC3IA,SACE8B,4BACAC,8BACAC,oCAEK;AACP,SACEC,oBAAAA,yBAKK;AAIP,eAAsBC,kCACpBC,MAQAC,SAAyB;AAEzB,WAASC,qBAAqBC,eAI7B;AACC,UAAM,EAAEC,QAAQC,wBAAwBC,aAAY,IAAKH;AAEzD,QAAII,gBAAgBH,UAAUC,uBAAuBD,UAAUJ,KAAKI;AAEpE,QAAI,CAACG,iBAAiBF,uBAAuBG,kBAAkBC,UAAU,KAAK,YAAYJ,uBAAuBG,kBAAkB,CAAA,GAAI;AACrID,sBAAgBF,uBAAuBG,kBAAkB,CAAA,EAAGJ;IAC9D;AAEA,QAAI,CAACG,eAAe;AAClB,UAAIG,kBAAiBC,gCAAgCL,aAAaM,cAAc,GAAG;AACjF,eAAO;MACT,WAAWF,kBAAiBG,6BAA6BP,aAAaM,cAAc,GAAqC;AACvH,eAAO;MACT,WAAWF,kBAAiBI,kBAAkBR,aAAaM,cAAc,GAAG;AAC1E,YAAI,OAAON,aAAaS,kBAAkB,UAAU;AAClD,iBAAO;QACT;AACA,eAAO;MACT;AACA,aAAO;IACT,WAAW,OAAOR,kBAAkB,UAAU;AAE5C,aAAOA;IACT;AAGA,UAAMS,UAAU,IAAIC,IAClBC,OAAOC,KAAKZ,aAAAA,EAAea,IAAI,CAACC,SAAUA,KAAKC,SAAS,KAAA,IAAS,QAAQD,KAAKC,SAAS,WAAA,IAAe,cAAc,KAAA,CAAA;AAItH,QAAIN,QAAQO,SAAS,GAAG;AACtB,aAAOP,QAAQQ,OAAM,EAAGC,KAAI,EAAGC;IACjC;AACAV,YAAQG,KAAI,EAAGM,KAAI;AAEnB,QAAIT,QAAQW,IAAI,WAAA,GAAc;AAC5B,aAAO;IACT,WAESX,QAAQW,IAAI,KAAA,GAAQ;AAC3B,aAAO;IACT;AAGA,WAAO;EACT;AAnDSzB;AAqDT,SAAO,OAAO,EACZI,cACAsB,QACAvB,wBACAD,QACAyB,UAAS,MAOV;AACC,UAAMC,cAAc5B,qBAAqB;MAAEE;MAAQC;MAAwBC;IAAa,CAAA;AACxF,UAAM,EAAEyB,OAAM,IAAK/B;AACnB,UAAMgC,aAAa;AACnB,QAAIhC,KAAKiC,qBAAqBC,2BAA2BH,MAAAA,GAAS;AAChEA,aAAOI,6BAA6B;IACtC;AAEA,QAAI,oBAAoB7B,cAAc;AACpC,UAAIwB,gBAAgB,aAAa;AAC/B,eAAOM,QAAQC,OAAOC,MAAM,oDAAoDR,WAAAA,EAAa,CAAA;MAC/F;AAEA,YAAMS,qBAAqB,MAAMtC,QAAQuC,MAAMC,wBAAwB;QACrE,GAAIV,QAAQW,WAAW,oBAAoB;UAAEC,QAAQZ,QAAQa;QAAiB;QAC9EtC,cAAcA,aAAauC;QAC3BC,IAAI;UACFC,SAAS;YACP,GAAGzC,aAAa0C,OAAOD;YACvBE,KAAK3C,aAAa0C,OAAOD,SAASE,OAAOC,KAAKC,MAAMC,KAAKC,IAAG,IAAK,MAAOrB,UAAAA;YACxEsB,OAAOzB,aAAavB,aAAa0C,OAAOD,SAASO;YACjDC,KAAKjD,aAAa0C,OAAOD,SAASQ,OAAO3B,UAAU5B,KAAK4B;UAC1D;QACF;MACF,CAAA;AAEA,aAAOlB,kBAAiB8C,mCAAmCjB,mBAAmBjC,YAAY;IAC5F,OAAO;AACL,YAAMmD,aAAa,MAAMxD,QAAQuC,MAAMkB,qBAAqB3B,MAAAA;AAE5D,UAAID,gBAAgB,aAAa;AAC/B,eAAOM,QAAQC,OAAOC,MAAM,oDAAoDR,WAAAA,EAAa,CAAA;MAC/F;AACA,UAAI6B;AACJ,UAAI,CAACrD,aAAaqC,QAAQ;AACxBrC,qBAAaqC,SAASc,WAAWb;MACnC;AACA,UAAId,gBAAgB,OAAO;AACzB6B,iBAAS;UACP,IAAKC,6BAA6BH,UAAAA,KAAeI,6BAA6BJ,UAAAA,MAAgBA,WAAWK,OAAO;YAAEA,KAAKL,WAAWK;UAAI;UACtI,GAAID,6BAA6BJ,UAAAA,KAAe;YAAEM,KAAKN,WAAWM;UAAI;QACxE;AACA,YAAIzD,aAAa0D,YAAY,CAAC1D,aAAaiD,KAAK;AAC9CjD,uBAAaiD,MAAMU,MAAMC,QAAQ5D,aAAa0D,QAAQ,IAAI1D,aAAa0D,WAAY1D,aAAa0D,YAAYpC,UAAU5B,KAAK4B;AAC3H,iBAAOtB,aAAa0D;QACtB;AAEA,YAAI,CAAC1D,aAAa6D,KAAK;AACrB,cAAI7D,aAAa8D,cAAc;AAC7B,kBAAMC,YAAYjB,KAAKkB,MAAMhE,aAAa8D,YAAY;AACtD,gBAAI,CAACG,MAAMF,SAAAA,GAAY;AACrB/D,2BAAa6D,MAAMjB,KAAKC,MAAMkB,YAAY,GAAA;YAC5C;UACF,OAAO;AACL/D,yBAAa6D,MAAMjB,KAAKC,MAAMC,KAAKC,IAAG,IAAK,MAAOrB,UAAAA;UACpD;QACF;AAEA,YAAI,CAAC1B,aAAa2C,KAAK;AACrB3C,uBAAa2C,MAAM3C,aAAa6D;QAClC;AAEA,YAAI,CAAC7D,aAAakE,KAAK;AACrB,cAAIlE,aAAamE,gBAAgB;AAC/B,kBAAMJ,YAAYjB,KAAKkB,MAAMhE,aAAamE,cAAc;AACxD,gBAAI,CAACF,MAAMF,SAAAA,GAAY;AACrB/D,2BAAakE,MAAMtB,KAAKC,MAAMkB,YAAY,GAAA;YAC5C;UACF,OAAO;AACL/D,yBAAakE,MAAMlE,aAAa6D,MAAM,MAAMnC;UAC9C;QACF;AAEA,YAAI,CAAC1B,aAAaoE,IAAI;AACpBpE,uBAAaoE,KAAK,CAAC;QACrB;AAIA,YAAI,CAACpE,aAAaoE,GAAG/B,QAAQ;AAC3BrC,uBAAaoE,GAAG/B,SAASrC,aAAaqC;QACxC;MACF;AAMA,YAAM+B,KAAK,MAAMzE,QAAQuC,MAAMmC,6BAA6B;QAC1DrE;QACAsE,sBAAsB;QACtBC,QAAQpB,WAAWqB;;QAEnBjD,WAAWA,aAAa7B,KAAK6B;QAC7BkD,qBAAqB/E,KAAK+E,wBAAwB;QAClDjD;QACA6B;MACF,CAAA;AAGA,aAAOjD,kBAAiB8C,mCAAmCkB,EAAAA;IAC7D;EACF;AACF;AAnLsB3E;;;ACftB,IAAMiF,SAASC;","names":["PEX","CredentialMapper","JWT_PROOF_TYPE_2020","toDIDs","verifiableCredentialForRoleFilter","PresentationExchange","schema","IDidAuthSiopOpAuthenticator","pex","PEX","methods","pexValidateDefinition","bind","pexDefinitionVersion","pexDefinitionFilterCredentials","pexDefinitionFilterCredentialsPerInputDescriptor","opts","args","definition","invalids","result","validateDefinition","validations","Array","isArray","push","filter","v","status","error","message","tag","length","Error","map","toString","presentationDefinition","definitionVersionDiscovery","context","credentials","pexFilterCredentials","credentialFilterOpts","holderDIDs","toDIDs","agent","dataStoreORMGetIdentifiers","selectResults","selectFrom","limitDisclosureSignatureSuites","id","filteredCredentials","verifiableCredential","vc","CredentialMapper","storedCredentialToOriginalFormat","origDefinition","promises","Map","input_descriptors","forEach","inputDescriptor","credentialRole","set","verifiableCredentials","Promise","all","values","entry","entries","filterOpts","verifiableCredentialForRoleFilter","uniqueCredentials","crsGetUniqueCredentials","uniqueVC","uniformVerifiableCredential","proof","jwtProof","find","p","type","JWT_PROOF_TYPE_2020","jwt","isManagedIdentifierDidOpts","isManagedIdentifierDidResult","isManagedIdentifierX5cResult","CredentialMapper","createPEXPresentationSignCallback","args","context","determineProofFormat","determineArgs","format","presentationDefinition","presentation","formatOptions","input_descriptors","length","CredentialMapper","isSdJwtDecodedCredentialPayload","decodedPayload","isMsoMdocDecodedPresentation","isW3cPresentation","signedPayload","formats","Set","Object","keys","map","form","includes","size","values","next","value","has","domain","challenge","proofFormat","idOpts","CLOCK_SKEW","skipDidResolution","isManagedIdentifierDidOpts","offlineWhenNoDIDRegistered","Promise","reject","Error","presentationResult","agent","createSdJwtPresentation","method","holder","issuer","compactSdJwtVc","kb","payload","kbJwt","iat","Math","floor","Date","now","nonce","aud","storedPresentationToOriginalFormat","resolution","identifierManagedGet","header","isManagedIdentifierDidResult","isManagedIdentifierX5cResult","kid","jwk","verifier","Array","isArray","nbf","issuanceDate","converted","parse","isNaN","exp","expirationDate","vp","createVerifiablePresentation","removeOriginalFields","keyRef","kmsKeyRef","fetchRemoteContexts","schema","require"]}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sphereon/ssi-sdk.presentation-exchange",
-  "version": "0.34.1-next.91+3c949810",
+  "version": "0.36.1-feat.SSISDK.83.3+08adc8a3",
   "source": "src/index.ts",
   "type": "module",
   "main": "./dist/index.cjs",
@@ -28,17 +28,18 @@
   "dependencies": {
     "@sphereon/pex": "5.0.0-unstable.28",
     "@sphereon/pex-models": "^2.3.2",
-    "@sphereon/ssi-sdk-ext.did-utils": "0.34.1-next.91+3c949810",
-    "@sphereon/ssi-sdk-ext.identifier-resolution": "0.34.1-next.91+3c949810",
-    "@sphereon/ssi-sdk.credential-store": "0.34.1-next.91+3c949810",
-    "@sphereon/ssi-sdk.data-store": "0.34.1-next.91+3c949810",
-    "@sphereon/ssi-sdk.sd-jwt": "0.34.1-next.91+3c949810",
-    "@sphereon/ssi-types": "0.34.1-next.91+3c949810",
+    "@sphereon/ssi-sdk-ext.did-utils": "0.36.1-feat.SSISDK.83.3+08adc8a3",
+    "@sphereon/ssi-sdk-ext.identifier-resolution": "0.36.1-feat.SSISDK.83.3+08adc8a3",
+    "@sphereon/ssi-sdk.credential-store": "0.36.1-feat.SSISDK.83.3+08adc8a3",
+    "@sphereon/ssi-sdk.data-store": "0.36.1-feat.SSISDK.83.3+08adc8a3",
+    "@sphereon/ssi-sdk.data-store-types": "0.36.1-feat.SSISDK.83.3+08adc8a3",
+    "@sphereon/ssi-sdk.sd-jwt": "0.36.1-feat.SSISDK.83.3+08adc8a3",
+    "@sphereon/ssi-types": "0.36.1-feat.SSISDK.83.3+08adc8a3",
     "@veramo/core": "4.2.0"
   },
   "devDependencies": {
     "@sphereon/did-uni-client": "^0.6.3",
-    "@sphereon/ssi-sdk.agent-config": "0.34.1-next.91+3c949810",
+    "@sphereon/ssi-sdk.agent-config": "0.36.1-feat.SSISDK.83.3+08adc8a3",
     "@types/json-buffer": "^3.0.2",
     "@veramo/did-provider-key": "4.2.0",
     "@veramo/did-resolver": "4.2.0",
@@ -74,5 +75,5 @@
     "OpenID Connect",
     "Authenticator"
   ],
-  "gitHead": "3c9498100ca07dfc2ba7979e7347fb9b19c47d18"
+  "gitHead": "08adc8a36bd361bbae337829b04343fd37de5803"
 }

package/src/agent/PresentationExchange.ts

@@ -16,7 +16,7 @@ import { CompactJWT, CredentialMapper, IProof, JWT_PROOF_TYPE_2020, W3CVerifiabl
 import { InputDescriptorV1, InputDescriptorV2 } from '@sphereon/pex-models'
 import { toDIDs } from '@sphereon/ssi-sdk-ext.did-utils'
 import { CredentialRole, UniqueDigitalCredential, verifiableCredentialForRoleFilter } from '@sphereon/ssi-sdk.credential-store'
-import { FindDigitalCredentialArgs } from '@sphereon/ssi-sdk.data-store'
+import { FindDigitalCredentialArgs } from '@sphereon/ssi-sdk.data-store-types'
 
 export class PresentationExchange implements IAgentPlugin {
   readonly schema = schema.IDidAuthSiopOpAuthenticator

package/src/types/IPresentationExchange.ts

@@ -12,7 +12,8 @@ import {
 import { IPresentation, Optional, SdJwtDecodedVerifiableCredential, W3CVerifiableCredential, W3CVerifiablePresentation } from '@sphereon/ssi-types'
 import { IPresentationDefinition, PEVersion, SelectResults } from '@sphereon/pex'
 import { Format, InputDescriptorV1, InputDescriptorV2 } from '@sphereon/pex-models'
-import { CredentialRole, FindDigitalCredentialArgs } from '@sphereon/ssi-sdk.data-store'
+import { FindDigitalCredentialArgs } from '@sphereon/ssi-sdk.data-store-types'
+import { CredentialRole } from '@sphereon/ssi-types'
 import { ISDJwtPlugin } from '@sphereon/ssi-sdk.sd-jwt'
 
 export interface IPresentationExchange extends IPluginMethodMap {