@sphereon/ssi-sdk.siopv2-oid4vp-op-auth 0.34.1-fix.182 → 0.34.1-fix.226

package/dist/index.cjs

@@ -423,9 +423,9 @@ var plugin_schema_default = {
 };
 
 // src/agent/DidAuthSiopOpAuthenticator.ts
-var import_did_auth_siop5 = require("@sphereon/did-auth-siop");
+var import_did_auth_siop4 = require("@sphereon/did-auth-siop");
 var import_ssi_sdk6 = require("@sphereon/ssi-sdk.data-store");
-var import_ssi_types8 = require("@sphereon/ssi-types");
+var import_ssi_types7 = require("@sphereon/ssi-types");
 var import_uuid2 = require("uuid");
 
 // src/session/functions.ts
@@ -451,10 +451,8 @@ __name(createOID4VPPresentationSignCallback, "createOID4VPPresentationSignCallba
 async function createOPBuilder({ opOptions, idOpts: idOpts1, context }) {
   const eventEmitter = opOptions.eventEmitter ?? new import_events.EventEmitter();
   const builder = import_did_auth_siop.OP.builder().withResponseMode(opOptions.responseMode ?? import_did_auth_siop.ResponseMode.DIRECT_POST).withSupportedVersions(opOptions.supportedVersions ?? [
-    import_did_auth_siop.SupportedVersion.SIOPv2_ID1,
-    import_did_auth_siop.SupportedVersion.JWT_VC_PRESENTATION_PROFILE_v1,
-    import_did_auth_siop.SupportedVersion.SIOPv2_D11,
-    import_did_auth_siop.SupportedVersion.SIOPv2_D12_OID4VP_D18
+    import_did_auth_siop.SupportedVersion.OID4VP_v1,
+    import_did_auth_siop.SupportedVersion.SIOPv2_OID4VP_D28
   ]).withExpiresIn(opOptions.expiresIn ?? 300).withEventEmitter(eventEmitter).withRegistration({
     passBy: import_did_auth_siop.PassBy.VALUE
   });
@@ -1346,13 +1344,12 @@ var Siopv2Machine = class {
 };
 
 // src/services/Siopv2MachineService.ts
-var import_did_auth_siop4 = require("@sphereon/did-auth-siop");
-var import_ssi_sdk_ext3 = require("@sphereon/ssi-sdk-ext.identifier-resolution");
-var import_ssi_sdk3 = require("@sphereon/ssi-sdk.credential-store");
-var import_ssi_sdk4 = require("@sphereon/ssi-sdk.data-store");
+var import_ssi_sdk_ext3 = require("@sphereon/ssi-sdk-ext.did-utils");
+var import_ssi_sdk_ext4 = require("@sphereon/ssi-sdk-ext.identifier-resolution");
+var import_ssi_sdk3 = require("@sphereon/ssi-sdk.core");
+var import_ssi_sdk4 = require("@sphereon/ssi-sdk.credential-store");
+var import_ssi_sdk5 = require("@sphereon/ssi-sdk.data-store");
 var import_ssi_types6 = require("@sphereon/ssi-types");
-var import_ssi_types7 = require("@sphereon/ssi-types");
-var import_ssi_sdk5 = require("@sphereon/ssi-sdk.core");
 var import_dcql = require("dcql");
 
 // src/utils/dcql.ts
@@ -1393,12 +1390,11 @@ function convertToDcqlCredentials(credential, hasher) {
 __name(convertToDcqlCredentials, "convertToDcqlCredentials");
 
 // src/services/Siopv2MachineService.ts
-var import_ssi_sdk_ext4 = require("@sphereon/ssi-sdk-ext.did-utils");
-var logger3 = import_ssi_types7.Loggers.DEFAULT.get(LOGGER_NAMESPACE);
+var logger3 = import_ssi_types6.Loggers.DEFAULT.get(LOGGER_NAMESPACE);
 var siopSendAuthorizationResponse = /* @__PURE__ */ __name(async (connectionType, args, context) => {
   const { agent } = context;
   const { credentials } = args;
-  if (connectionType !== import_ssi_sdk4.ConnectionType.SIOPv2_OpenID4VP) {
+  if (connectionType !== import_ssi_sdk5.ConnectionType.SIOPv2_OpenID4VP) {
     return Promise.reject(Error(`No supported authentication provider for type: ${connectionType}`));
   }
   const session = await agent.siopGetOPSession({
@@ -1408,7 +1404,7 @@ var siopSendAuthorizationResponse = /* @__PURE__ */ __name(async (connectionType
   const aud = request.authorizationRequest.getMergedProperty("aud");
   logger3.debug(`AUD: ${aud}`);
   logger3.debug(JSON.stringify(request.authorizationRequest));
-  const domain = await request.authorizationRequest.getMergedProperty("client_id") ?? request.issuer ?? (request.versions.includes(import_did_auth_siop4.SupportedVersion.JWT_VC_PRESENTATION_PROFILE_v1) ? "https://self-issued.me/v2/openid-vc" : "https://self-issued.me/v2");
+  const domain = await request.authorizationRequest.getMergedProperty("client_id") ?? request.issuer ?? "https://self-issued.me/v2";
   logger3.debug(`NONCE: ${session.nonce}, domain: ${domain}`);
   const firstUniqueDC = credentials[0];
   if (typeof firstUniqueDC !== "object" || !("digitalCredential" in firstUniqueDC)) {
@@ -1417,9 +1413,9 @@ var siopSendAuthorizationResponse = /* @__PURE__ */ __name(async (connectionType
   let identifier;
   const digitalCredential = firstUniqueDC.digitalCredential;
   const firstVC = firstUniqueDC.uniformVerifiableCredential;
-  const holder = import_ssi_types7.CredentialMapper.isSdJwtDecodedCredential(firstVC) ? firstVC.decodedPayload.cnf?.jwk ? (
+  const holder = import_ssi_types6.CredentialMapper.isSdJwtDecodedCredential(firstVC) ? firstVC.decodedPayload.cnf?.jwk ? (
     //doesn't apply to did:jwk only, as you can represent any DID key as a JWK. So whenever you encounter a JWK it doesn't mean it had to come from a did:jwk in the system. It just can always be represented as a did:jwk
-    `did:jwk:${(0, import_ssi_sdk5.encodeJoseBlob)(firstVC.decodedPayload.cnf?.jwk)}#0`
+    `did:jwk:${(0, import_ssi_sdk3.encodeJoseBlob)(firstVC.decodedPayload.cnf?.jwk)}#0`
   ) : firstVC.decodedPayload.sub : Array.isArray(firstVC.credentialSubject) ? firstVC.credentialSubject[0].id : firstVC.credentialSubject.id;
   if (!digitalCredential.kmsKeyRef) {
     if (!holder) {
@@ -1433,7 +1429,7 @@ var siopSendAuthorizationResponse = /* @__PURE__ */ __name(async (connectionType
       logger3.debug(`Holder DID not found: ${holder}`);
       throw e;
     }
-  } else if ((0, import_ssi_sdk_ext3.isOID4VCIssuerIdentifier)(digitalCredential.kmsKeyRef)) {
+  } else if ((0, import_ssi_sdk_ext4.isOID4VCIssuerIdentifier)(digitalCredential.kmsKeyRef)) {
     identifier = await session.context.agent.identifierManagedGetByOID4VCIssuer({
       identifier: firstUniqueDC.digitalCredential.kmsKeyRef
     });
@@ -1499,7 +1495,7 @@ var getSelectableCredentials = /* @__PURE__ */ __name(async (dcqlQuery, context)
   };
   const { agent } = agentContext;
   const uniqueVerifiableCredentials = await agent.crsGetUniqueCredentials({
-    filter: (0, import_ssi_sdk3.verifiableCredentialForRoleFilter)(import_ssi_types6.CredentialRole.HOLDER)
+    filter: (0, import_ssi_sdk4.verifiableCredentialForRoleFilter)(import_ssi_types6.CredentialRole.HOLDER)
   });
   const branding = await agent.ibGetCredentialBranding();
   const dcqlCredentialsWithCredentials = new Map(uniqueVerifiableCredentials.map((vc) => [
@@ -1570,7 +1566,7 @@ var translateCorrelationIdToName = /* @__PURE__ */ __name(async (correlationId,
 }, "translateCorrelationIdToName");
 
 // src/agent/DidAuthSiopOpAuthenticator.ts
-var logger4 = import_ssi_types8.Loggers.DEFAULT.options(LOGGER_NAMESPACE, {}).get(LOGGER_NAMESPACE);
+var logger4 = import_ssi_types7.Loggers.DEFAULT.options(LOGGER_NAMESPACE, {}).get(LOGGER_NAMESPACE);
 var didAuthSiopOpAuthenticatorMethods = [
   "cmGetContacts",
   "cmGetContact",
@@ -1728,7 +1724,7 @@ var DidAuthSiopOpAuthenticator = class {
     const verifiedAuthorizationRequest = await session.getAuthorizationRequest();
     const clientName = verifiedAuthorizationRequest.registrationMetadataPayload?.client_name;
     const url = verifiedAuthorizationRequest.responseURI ?? (args.url.includes("request_uri") ? decodeURIComponent(args.url.split("?request_uri=")[1].trim()) : verifiedAuthorizationRequest.issuer ?? verifiedAuthorizationRequest.registrationMetadataPayload?.client_id);
-    const uri = url.includes("://") ? new URL(url) : void 0;
+    const uri = url?.includes("://") ? new URL(url) : void 0;
     const correlationId = uri?.hostname ?? await this.determineCorrelationId(uri, verifiedAuthorizationRequest, clientName, context);
     const clientId = verifiedAuthorizationRequest.authorizationRequest.getMergedProperty("client_id");
     return {
@@ -1788,7 +1784,7 @@ var DidAuthSiopOpAuthenticator = class {
         alias: correlationId,
         origin: import_ssi_sdk6.IdentityOrigin.EXTERNAL,
         roles: [
-          import_ssi_types8.CredentialRole.ISSUER
+          import_ssi_types7.CredentialRole.ISSUER
         ],
         identifier: {
           type: correlationId.startsWith("did:") ? import_ssi_sdk6.CorrelationIdentifierType.DID : import_ssi_sdk6.CorrelationIdentifierType.URL,
@@ -1832,7 +1828,7 @@ var DidAuthSiopOpAuthenticator = class {
     return {
       body: responseBody,
       url: response?.url,
-      queryParams: (0, import_did_auth_siop5.decodeUriAsJson)(response?.url)
+      queryParams: (0, import_did_auth_siop4.decodeUriAsJson)(response?.url)
     };
   }
   async siopGetSelectableCredentials(args, context) {
@@ -1845,11 +1841,11 @@ var DidAuthSiopOpAuthenticator = class {
 };
 
 // src/machine/CallbackStateListener.ts
-var import_ssi_types9 = require("@sphereon/ssi-types");
-var logger5 = import_ssi_types9.Loggers.DEFAULT.options("sphereon:siopv2-oid4vp:op-auth", {
-  defaultLogLevel: import_ssi_types9.LogLevel.DEBUG,
+var import_ssi_types8 = require("@sphereon/ssi-types");
+var logger5 = import_ssi_types8.Loggers.DEFAULT.options("sphereon:siopv2-oid4vp:op-auth", {
+  defaultLogLevel: import_ssi_types8.LogLevel.DEBUG,
   methods: [
-    import_ssi_types9.LogMethod.CONSOLE
+    import_ssi_types8.LogMethod.CONSOLE
   ]
 }).get("sphereon:siopv2-oid4vp:op-auth");
 var OID4VPCallbackStateListener = /* @__PURE__ */ __name((callbacks) => {
@@ -1882,8 +1878,8 @@ var OID4VPCallbackStateListener = /* @__PURE__ */ __name((callbacks) => {
 var import_ssi_sdk7 = require("@sphereon/ssi-sdk.agent-config");
 var import_ssi_sdk8 = require("@sphereon/ssi-sdk.core");
 var import_ssi_sdk9 = require("@sphereon/ssi-sdk.xstate-machine-persistence");
-var import_ssi_types10 = require("@sphereon/ssi-types");
-var logger6 = import_ssi_types10.Loggers.DEFAULT.options(LOGGER_NAMESPACE, {}).get(LOGGER_NAMESPACE);
+var import_ssi_types9 = require("@sphereon/ssi-types");
+var logger6 = import_ssi_types9.Loggers.DEFAULT.options(LOGGER_NAMESPACE, {}).get(LOGGER_NAMESPACE);
 var Siopv2OID4VPLinkHandler = class extends import_ssi_sdk8.LinkHandlerAdapter {
   static {
     __name(this, "Siopv2OID4VPLinkHandler");