@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth 0.33.1-feature.vcdm2.tsup.31 → 0.33.1-next.2

package/dist/functions.js

@@ -0,0 +1,243 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getRequestVersion = getRequestVersion;
+exports.getPresentationVerificationCallback = getPresentationVerificationCallback;
+exports.createRPBuilder = createRPBuilder;
+exports.signCallback = signCallback;
+exports.createRP = createRP;
+exports.getSigningAlgo = getSigningAlgo;
+const did_auth_siop_1 = require("@sphereon/did-auth-siop");
+const oid4vc_common_1 = require("@sphereon/oid4vc-common");
+const ssi_sdk_ext_did_utils_1 = require("@sphereon/ssi-sdk-ext.did-utils");
+const ssi_sdk_ext_identifier_resolution_1 = require("@sphereon/ssi-sdk-ext.identifier-resolution");
+const ssi_types_1 = require("@sphereon/ssi-types");
+const events_1 = require("events");
+const ssi_sdk_core_1 = require("@sphereon/ssi-sdk.core");
+function getRequestVersion(rpOptions) {
+    if (Array.isArray(rpOptions.supportedVersions) && rpOptions.supportedVersions.length > 0) {
+        return rpOptions.supportedVersions[0];
+    }
+    return did_auth_siop_1.SupportedVersion.JWT_VC_PRESENTATION_PROFILE_v1;
+}
+function getWellKnownDIDVerifyCallback(siopIdentifierOpts, context) {
+    return siopIdentifierOpts.wellknownDIDVerifyCallback
+        ? siopIdentifierOpts.wellknownDIDVerifyCallback
+        : (args) => __awaiter(this, void 0, void 0, function* () {
+            const result = yield context.agent.cvVerifyCredential({
+                credential: args.credential,
+                fetchRemoteContexts: true,
+            });
+            return { verified: result.result };
+        });
+}
+function getPresentationVerificationCallback(idOpts, context) {
+    function presentationVerificationCallback(args, // FIXME any
+    presentationSubmission) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a;
+            if (ssi_types_1.CredentialMapper.isSdJwtEncoded(args)) {
+                const result = yield context.agent.verifySdJwtPresentation({
+                    presentation: args,
+                    kb: true,
+                });
+                // fixme: investigate the correct way to handle this
+                return { verified: !!result.payload };
+            }
+            if (ssi_types_1.CredentialMapper.isMsoMdocOid4VPEncoded(args)) {
+                // TODO Funke reevaluate
+                if (context.agent.mdocOid4vpRPVerify === undefined) {
+                    return Promise.reject('ImDLMdoc agent plugin must be enabled to support MsoMdoc types');
+                }
+                if (presentationSubmission !== undefined && presentationSubmission !== null) {
+                    const verifyResult = yield context.agent.mdocOid4vpRPVerify({
+                        vp_token: args,
+                        presentation_submission: presentationSubmission,
+                    });
+                    return { verified: !verifyResult.error };
+                }
+                throw Error(`mdocOid4vpRPVerify(...) method requires a presentation submission`);
+            }
+            const result = yield context.agent.verifyPresentation({
+                presentation: args,
+                fetchRemoteContexts: true,
+                domain: (_a = (yield context.agent.identifierManagedGet(idOpts)).kid) === null || _a === void 0 ? void 0 : _a.split('#')[0],
+            });
+            return { verified: result.verified };
+        });
+    }
+    return presentationVerificationCallback;
+}
+function createRPBuilder(args) {
+    return __awaiter(this, void 0, void 0, function* () {
+        var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p;
+        const { rpOpts, pexOpts, context } = args;
+        const { identifierOpts } = rpOpts;
+        let definition = args.definition;
+        let dcqlQuery = args.dcql;
+        if (!definition && pexOpts && pexOpts.definitionId) {
+            const presentationDefinitionItems = yield context.agent.pdmGetDefinitions({
+                filter: [
+                    {
+                        definitionId: pexOpts.definitionId,
+                        version: pexOpts.version,
+                        tenantId: pexOpts.tenantId,
+                    },
+                ],
+            });
+            if (presentationDefinitionItems.length > 0) {
+                const presentationDefinitionItem = presentationDefinitionItems[0];
+                definition = presentationDefinitionItem.definitionPayload;
+                if (!dcqlQuery && presentationDefinitionItem.dcqlPayload) {
+                    dcqlQuery = presentationDefinitionItem.dcqlPayload; // cast from DcqlQueryREST back to valibot DcqlQuery
+                }
+            }
+        }
+        const didMethods = (_a = identifierOpts.supportedDIDMethods) !== null && _a !== void 0 ? _a : (yield (0, ssi_sdk_ext_did_utils_1.getAgentDIDMethods)(context));
+        const eventEmitter = (_b = rpOpts.eventEmitter) !== null && _b !== void 0 ? _b : new events_1.EventEmitter();
+        const defaultClientMetadata = {
+            // FIXME: All of the below should be configurable. Some should come from builder, some should be determined by the agent.
+            // For now it is either preconfigured or everything passed in as a single object
+            idTokenSigningAlgValuesSupported: [oid4vc_common_1.SigningAlgo.EDDSA, oid4vc_common_1.SigningAlgo.ES256, oid4vc_common_1.SigningAlgo.ES256K], // added newly
+            requestObjectSigningAlgValuesSupported: [oid4vc_common_1.SigningAlgo.EDDSA, oid4vc_common_1.SigningAlgo.ES256, oid4vc_common_1.SigningAlgo.ES256K], // added newly
+            responseTypesSupported: [did_auth_siop_1.ResponseType.ID_TOKEN], // added newly
+            client_name: 'Sphereon',
+            vpFormatsSupported: {
+                jwt_vc: { alg: ['EdDSA', 'ES256K'] },
+                jwt_vp: { alg: ['ES256K', 'EdDSA'] },
+            },
+            scopesSupported: [did_auth_siop_1.Scope.OPENID_DIDAUTHN],
+            subjectTypesSupported: [did_auth_siop_1.SubjectType.PAIRWISE],
+            subject_syntax_types_supported: didMethods.map((method) => `did:${method}`),
+            passBy: did_auth_siop_1.PassBy.VALUE,
+        };
+        const resolver = (_d = (_c = rpOpts.identifierOpts.resolveOpts) === null || _c === void 0 ? void 0 : _c.resolver) !== null && _d !== void 0 ? _d : (0, ssi_sdk_ext_did_utils_1.getAgentResolver)(context, {
+            resolverResolution: true,
+            localResolution: true,
+            uniresolverResolution: ((_e = rpOpts.identifierOpts.resolveOpts) === null || _e === void 0 ? void 0 : _e.noUniversalResolverFallback) !== true,
+        });
+        //todo: probably wise to first look and see if we actually need the hasher to begin with
+        let hasher = (_f = rpOpts.credentialOpts) === null || _f === void 0 ? void 0 : _f.hasher;
+        if (!((_g = rpOpts.credentialOpts) === null || _g === void 0 ? void 0 : _g.hasher) || typeof ((_h = rpOpts.credentialOpts) === null || _h === void 0 ? void 0 : _h.hasher) !== 'function') {
+            hasher = ssi_sdk_core_1.defaultHasher;
+        }
+        const builder = did_auth_siop_1.RP.builder({ requestVersion: getRequestVersion(rpOpts) })
+            .withScope('openid', did_auth_siop_1.PropertyTarget.REQUEST_OBJECT)
+            .withResponseMode((_j = rpOpts.responseMode) !== null && _j !== void 0 ? _j : did_auth_siop_1.ResponseMode.POST)
+            .withResponseType(did_auth_siop_1.ResponseType.VP_TOKEN, did_auth_siop_1.PropertyTarget.REQUEST_OBJECT)
+            // todo: move to options fill/correct method
+            .withSupportedVersions((_k = rpOpts.supportedVersions) !== null && _k !== void 0 ? _k : [did_auth_siop_1.SupportedVersion.JWT_VC_PRESENTATION_PROFILE_v1, did_auth_siop_1.SupportedVersion.SIOPv2_ID1, did_auth_siop_1.SupportedVersion.SIOPv2_D11])
+            .withEventEmitter(eventEmitter)
+            .withSessionManager((_l = rpOpts.sessionManager) !== null && _l !== void 0 ? _l : new did_auth_siop_1.InMemoryRPSessionManager(eventEmitter))
+            .withClientMetadata((_m = rpOpts.clientMetadataOpts) !== null && _m !== void 0 ? _m : defaultClientMetadata, did_auth_siop_1.PropertyTarget.REQUEST_OBJECT)
+            .withVerifyJwtCallback(rpOpts.verifyJwtCallback
+            ? rpOpts.verifyJwtCallback
+            : getVerifyJwtCallback({
+                resolver,
+                verifyOpts: {
+                    wellknownDIDVerifyCallback: getWellKnownDIDVerifyCallback(rpOpts.identifierOpts, context),
+                    checkLinkedDomain: 'if_present',
+                },
+            }, context))
+            .withRevocationVerification(did_auth_siop_1.RevocationVerification.NEVER)
+            .withPresentationVerification(getPresentationVerificationCallback(identifierOpts.idOpts, context));
+        const oidfOpts = identifierOpts.oidfOpts;
+        if (oidfOpts && (0, ssi_sdk_ext_identifier_resolution_1.isExternalIdentifierOIDFEntityIdOpts)(oidfOpts)) {
+            builder.withEntityId(oidfOpts.identifier, did_auth_siop_1.PropertyTarget.REQUEST_OBJECT).withClientIdScheme('entity_id', did_auth_siop_1.PropertyTarget.REQUEST_OBJECT);
+        }
+        else {
+            const resolution = yield context.agent.identifierManagedGet(identifierOpts.idOpts);
+            builder
+                .withClientId((_o = resolution.issuer) !== null && _o !== void 0 ? _o : ((0, ssi_sdk_ext_identifier_resolution_1.isManagedIdentifierDidResult)(resolution) ? resolution.did : resolution.jwkThumbprint), did_auth_siop_1.PropertyTarget.REQUEST_OBJECT)
+                .withClientIdScheme((_p = resolution.clientIdScheme) !== null && _p !== void 0 ? _p : identifierOpts.idOpts.clientIdScheme, did_auth_siop_1.PropertyTarget.REQUEST_OBJECT);
+        }
+        if (hasher) {
+            builder.withHasher(hasher);
+        }
+        //fixme: this has been removed in the new version of did-auth-siop
+        /*if (!rpOpts.clientMetadataOpts?.subjectTypesSupported) {
+          // Do not update in case it is already provided via client metadata opts
+          didMethods.forEach((method) => builder.addDidMethod(method))
+        }*/
+        //fixme: this has been removed in the new version of did-auth-siop
+        // builder.withWellknownDIDVerifyCallback(getWellKnownDIDVerifyCallback(didOpts, context))
+        if (definition) {
+            builder.withPresentationDefinition({ definition }, did_auth_siop_1.PropertyTarget.REQUEST_OBJECT);
+        }
+        if (dcqlQuery) {
+            builder.withDcqlQuery(dcqlQuery);
+        }
+        if (rpOpts.responseRedirectUri) {
+            builder.withResponseRedirectUri(rpOpts.responseRedirectUri);
+        }
+        //const key = resolution.key
+        //fixme: this has been removed in the new version of did-auth-siop
+        //builder.withSuppliedSignature(SuppliedSigner(key, context, getSigningAlgo(key.type) as unknown as KeyAlgo), did, kid, getSigningAlgo(key.type))
+        /*if (isManagedIdentifierDidResult(resolution)) {
+          //fixme: only accepts dids in version used. New SIOP lib also accepts other types
+          builder.withSuppliedSignature(
+            SuppliedSigner(key, context, getSigningAlgo(key.type) as unknown as KeyAlgo),
+            resolution.did,
+            resolution.kid,
+            getSigningAlgo(key.type),
+          )
+        }*/
+        //fixme: signcallback and it's return type are not totally compatible with our CreateJwtCallbackBase
+        const createJwtCallback = signCallback(rpOpts.identifierOpts.idOpts, context);
+        builder.withCreateJwtCallback(createJwtCallback);
+        return builder;
+    });
+}
+function signCallback(idOpts, context) {
+    return (jwtIssuer, jwt, kid) => __awaiter(this, void 0, void 0, function* () {
+        if (!((0, ssi_sdk_ext_identifier_resolution_1.isManagedIdentifierDidOpts)(idOpts) || (0, ssi_sdk_ext_identifier_resolution_1.isManagedIdentifierX5cOpts)(idOpts))) {
+            return Promise.reject(Error(`JWT issuer method ${jwtIssuer.method} not yet supported`));
+        }
+        const result = yield context.agent.jwtCreateJwsCompactSignature({
+            // FIXME fix cose-key inference
+            // @ts-ignore
+            issuer: { identifier: idOpts.identifier, kmsKeyRef: idOpts.kmsKeyRef, noIdentifierInHeader: false },
+            // FIXME fix JWK key_ops
+            // @ts-ignore
+            protectedHeader: jwt.header,
+            payload: jwt.payload,
+        });
+        return result.jwt;
+    });
+}
+function getVerifyJwtCallback(_opts, context) {
+    return (_jwtVerifier, jwt) => __awaiter(this, void 0, void 0, function* () {
+        const result = yield context.agent.jwtVerifyJwsSignature({ jws: jwt.raw });
+        console.log(result.message);
+        return !result.error;
+    });
+}
+function createRP(_a) {
+    return __awaiter(this, arguments, void 0, function* ({ rpOptions, context }) {
+        return (yield createRPBuilder({ rpOpts: rpOptions, context })).build();
+    });
+}
+function getSigningAlgo(type) {
+    switch (type) {
+        case 'Ed25519':
+            return oid4vc_common_1.SigningAlgo.EDDSA;
+        case 'Secp256k1':
+            return oid4vc_common_1.SigningAlgo.ES256K;
+        case 'Secp256r1':
+            return oid4vc_common_1.SigningAlgo.ES256;
+        // @ts-ignore
+        case 'RSA':
+            return oid4vc_common_1.SigningAlgo.RS256;
+        default:
+            throw Error('Key type not yet supported');
+    }
+}
+//# sourceMappingURL=functions.js.map

package/dist/functions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"functions.js","sourceRoot":"","sources":["../src/functions.ts"],"names":[],"mappings":";;;;;;;;;;;AAyCA,8CAKC;AAcD,kFAyCC;AAED,0CAqJC;AAED,oCAmBC;AAmBD,4BAEC;AAED,wCAcC;AAtTD,2DAiBgC;AAChC,2DAA0G;AAE1G,2EAAsF;AACtF,mGAMoD;AAGpD,mDAAoH;AAMpH,mCAAqC;AAGrC,yDAAsD;AAEtD,SAAgB,iBAAiB,CAAC,SAAqB;IACrD,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,iBAAiB,CAAC,IAAI,SAAS,CAAC,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzF,OAAO,SAAS,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAA;IACvC,CAAC;IACD,OAAO,gCAAgB,CAAC,8BAA8B,CAAA;AACxD,CAAC;AAED,SAAS,6BAA6B,CAAC,kBAA0C,EAAE,OAAyB;IAC1G,OAAO,kBAAkB,CAAC,0BAA0B;QAClD,CAAC,CAAC,kBAAkB,CAAC,0BAA0B;QAC/C,CAAC,CAAC,CAAO,IAAyB,EAAoC,EAAE;YACpE,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,kBAAkB,CAAC;gBACpD,UAAU,EAAE,IAAI,CAAC,UAA0C;gBAC3D,mBAAmB,EAAE,IAAI;aAC1B,CAAC,CAAA;YACF,OAAO,EAAE,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,CAAA;QACpC,CAAC,CAAA,CAAA;AACP,CAAC;AAED,SAAgB,mCAAmC,CACjD,MAAqC,EACrC,OAAyB;IAEzB,SAAe,gCAAgC,CAC7C,IAAS,EAAE,YAAY;IACvB,sBAA+C;;;YAE/C,IAAI,4BAAgB,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC1C,MAAM,MAAM,GAAmC,MAAM,OAAO,CAAC,KAAK,CAAC,uBAAuB,CAAC;oBACzF,YAAY,EAAE,IAAI;oBAClB,EAAE,EAAE,IAAI;iBACT,CAAC,CAAA;gBACF,oDAAoD;gBACpD,OAAO,EAAE,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,EAAE,CAAA;YACvC,CAAC;YAED,IAAI,4BAAgB,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,CAAC;gBAClD,wBAAwB;gBACxB,IAAI,OAAO,CAAC,KAAK,CAAC,kBAAkB,KAAK,SAAS,EAAE,CAAC;oBACnD,OAAO,OAAO,CAAC,MAAM,CAAC,gEAAgE,CAAC,CAAA;gBACzF,CAAC;gBACD,IAAI,sBAAsB,KAAK,SAAS,IAAI,sBAAsB,KAAK,IAAI,EAAE,CAAC;oBAC5E,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,kBAAkB,CAAC;wBAC1D,QAAQ,EAAE,IAAI;wBACd,uBAAuB,EAAE,sBAAsB;qBAChD,CAAC,CAAA;oBACF,OAAO,EAAE,QAAQ,EAAE,CAAC,YAAY,CAAC,KAAK,EAAE,CAAA;gBAC1C,CAAC;gBACD,MAAM,KAAK,CAAC,mEAAmE,CAAC,CAAA;YAClF,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,kBAAkB,CAAC;gBACpD,YAAY,EAAE,IAAI;gBAClB,mBAAmB,EAAE,IAAI;gBACzB,MAAM,EAAE,MAAA,CAAC,MAAM,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,0CAAE,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;aAC9E,CAAC,CAAA;YACF,OAAO,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAA;QACtC,CAAC;KAAA;IAED,OAAO,gCAAgC,CAAA;AACzC,CAAC;AAED,SAAsB,eAAe,CAAC,IAMrC;;;QACC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,IAAI,CAAA;QACzC,MAAM,EAAE,cAAc,EAAE,GAAG,MAAM,CAAA;QACjC,IAAI,UAAU,GAAwC,IAAI,CAAC,UAAU,CAAA;QACrE,IAAI,SAAS,GAA0B,IAAI,CAAC,IAAI,CAAA;QAEhD,IAAI,CAAC,UAAU,IAAI,OAAO,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;YACnD,MAAM,2BAA2B,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,iBAAiB,CAAC;gBACxE,MAAM,EAAE;oBACN;wBACE,YAAY,EAAE,OAAO,CAAC,YAAY;wBAClC,OAAO,EAAE,OAAO,CAAC,OAAO;wBACxB,QAAQ,EAAE,OAAO,CAAC,QAAQ;qBAC3B;iBACF;aACF,CAAC,CAAA;YAEF,IAAI,2BAA2B,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC3C,MAAM,0BAA0B,GAAG,2BAA2B,CAAC,CAAC,CAAC,CAAA;gBACjE,UAAU,GAAG,0BAA0B,CAAC,iBAAiB,CAAA;gBACzD,IAAI,CAAC,SAAS,IAAI,0BAA0B,CAAC,WAAW,EAAE,CAAC;oBACzD,SAAS,GAAG,0BAA0B,CAAC,WAAwB,CAAA,CAAC,oDAAoD;gBACtH,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,UAAU,GAAG,MAAA,cAAc,CAAC,mBAAmB,mCAAI,CAAC,MAAM,IAAA,0CAAkB,EAAC,OAAO,CAAC,CAAC,CAAA;QAC5F,MAAM,YAAY,GAAG,MAAA,MAAM,CAAC,YAAY,mCAAI,IAAI,qBAAY,EAAE,CAAA;QAE9D,MAAM,qBAAqB,GAAuB;YAChD,yHAAyH;YACzH,gFAAgF;YAChF,gCAAgC,EAAE,CAAC,2BAAW,CAAC,KAAK,EAAE,2BAAW,CAAC,KAAK,EAAE,2BAAW,CAAC,MAAM,CAAC,EAAE,cAAc;YAC5G,sCAAsC,EAAE,CAAC,2BAAW,CAAC,KAAK,EAAE,2BAAW,CAAC,KAAK,EAAE,2BAAW,CAAC,MAAM,CAAC,EAAE,cAAc;YAClH,sBAAsB,EAAE,CAAC,4BAAY,CAAC,QAAQ,CAAC,EAAE,cAAc;YAC/D,WAAW,EAAE,UAAU;YACvB,kBAAkB,EAAE;gBAClB,MAAM,EAAE,EAAE,GAAG,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC,EAAE;gBACpC,MAAM,EAAE,EAAE,GAAG,EAAE,CAAC,QAAQ,EAAE,OAAO,CAAC,EAAE;aACrC;YACD,eAAe,EAAE,CAAC,qBAAK,CAAC,eAAe,CAAC;YACxC,qBAAqB,EAAE,CAAC,2BAAW,CAAC,QAAQ,CAAC;YAC7C,8BAA8B,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,OAAO,MAAM,EAAE,CAAC;YAC3E,MAAM,EAAE,sBAAM,CAAC,KAAK;SACrB,CAAA;QAED,MAAM,QAAQ,GACZ,MAAA,MAAA,MAAM,CAAC,cAAc,CAAC,WAAW,0CAAE,QAAQ,mCAC3C,IAAA,wCAAgB,EAAC,OAAO,EAAE;YACxB,kBAAkB,EAAE,IAAI;YACxB,eAAe,EAAE,IAAI;YACrB,qBAAqB,EAAE,CAAA,MAAA,MAAM,CAAC,cAAc,CAAC,WAAW,0CAAE,2BAA2B,MAAK,IAAI;SAC/F,CAAC,CAAA;QACJ,wFAAwF;QACxF,IAAI,MAAM,GAAuB,MAAA,MAAM,CAAC,cAAc,0CAAE,MAAM,CAAA;QAC9D,IAAI,CAAC,CAAA,MAAA,MAAM,CAAC,cAAc,0CAAE,MAAM,CAAA,IAAI,OAAO,CAAA,MAAA,MAAM,CAAC,cAAc,0CAAE,MAAM,CAAA,KAAK,UAAU,EAAE,CAAC;YAC1F,MAAM,GAAG,4BAAa,CAAA;QACxB,CAAC;QAED,MAAM,OAAO,GAAG,kBAAE,CAAC,OAAO,CAAC,EAAE,cAAc,EAAE,iBAAiB,CAAC,MAAM,CAAC,EAAE,CAAC;aACtE,SAAS,CAAC,QAAQ,EAAE,8BAAc,CAAC,cAAc,CAAC;aAClD,gBAAgB,CAAC,MAAA,MAAM,CAAC,YAAY,mCAAI,4BAAY,CAAC,IAAI,CAAC;aAC1D,gBAAgB,CAAC,4BAAY,CAAC,QAAQ,EAAE,8BAAc,CAAC,cAAc,CAAC;YACvE,4CAA4C;aAC3C,qBAAqB,CACpB,MAAA,MAAM,CAAC,iBAAiB,mCAAI,CAAC,gCAAgB,CAAC,8BAA8B,EAAE,gCAAgB,CAAC,UAAU,EAAE,gCAAgB,CAAC,UAAU,CAAC,CACxI;aAEA,gBAAgB,CAAC,YAAY,CAAC;aAC9B,kBAAkB,CAAC,MAAA,MAAM,CAAC,cAAc,mCAAI,IAAI,wCAAwB,CAAC,YAAY,CAAC,CAAC;aACvF,kBAAkB,CAAC,MAAA,MAAM,CAAC,kBAAkB,mCAAI,qBAAqB,EAAE,8BAAc,CAAC,cAAc,CAAC;aACrG,qBAAqB,CACpB,MAAM,CAAC,iBAAiB;YACtB,CAAC,CAAC,MAAM,CAAC,iBAAiB;YAC1B,CAAC,CAAC,oBAAoB,CAClB;gBACE,QAAQ;gBACR,UAAU,EAAE;oBACV,0BAA0B,EAAE,6BAA6B,CAAC,MAAM,CAAC,cAAc,EAAE,OAAO,CAAC;oBACzF,iBAAiB,EAAE,YAAY;iBAChC;aACF,EACD,OAAO,CACR,CACN;aACA,0BAA0B,CAAC,sCAAsB,CAAC,KAAK,CAAC;aACxD,4BAA4B,CAAC,mCAAmC,CAAC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAA;QAEpG,MAAM,QAAQ,GAAG,cAAc,CAAC,QAAQ,CAAA;QACxC,IAAI,QAAQ,IAAI,IAAA,wEAAoC,EAAC,QAAQ,CAAC,EAAE,CAAC;YAC/D,OAAO,CAAC,YAAY,CAAC,QAAQ,CAAC,UAAU,EAAE,8BAAc,CAAC,cAAc,CAAC,CAAC,kBAAkB,CAAC,WAAW,EAAE,8BAAc,CAAC,cAAc,CAAC,CAAA;QACzI,CAAC;aAAM,CAAC;YACN,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,cAAc,CAAC,MAAM,CAAC,CAAA;YAClF,OAAO;iBACJ,YAAY,CACX,MAAA,UAAU,CAAC,MAAM,mCAAI,CAAC,IAAA,gEAA4B,EAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,CAAC,aAAa,CAAC,EAC3G,8BAAc,CAAC,cAAc,CAC9B;iBACA,kBAAkB,CACjB,MAAC,UAAU,CAAC,cAAiC,mCAAK,cAAc,CAAC,MAAM,CAAC,cAAiC,EACzG,8BAAc,CAAC,cAAc,CAC9B,CAAA;QACL,CAAC;QAED,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;QAC5B,CAAC;QACD,kEAAkE;QAClE;;;WAGG;QACH,kEAAkE;QAClE,0FAA0F;QAE1F,IAAI,UAAU,EAAE,CAAC;YACf,OAAO,CAAC,0BAA0B,CAAC,EAAE,UAAU,EAAE,EAAE,8BAAc,CAAC,cAAc,CAAC,CAAA;QACnF,CAAC;QACD,IAAI,SAAS,EAAE,CAAC;YACd,OAAO,CAAC,aAAa,CAAC,SAAS,CAAC,CAAA;QAClC,CAAC;QAED,IAAI,MAAM,CAAC,mBAAmB,EAAE,CAAC;YAC/B,OAAO,CAAC,uBAAuB,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAA;QAC7D,CAAC;QAED,4BAA4B;QAC5B,kEAAkE;QAClE,iJAAiJ;QAEjJ;;;;;;;;WAQG;QACH,oGAAoG;QACpG,MAAM,iBAAiB,GAAG,YAAY,CAAC,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;QAC7E,OAAO,CAAC,qBAAqB,CAAC,iBAAkD,CAAC,CAAA;QACjF,OAAO,OAAO,CAAA;IAChB,CAAC;CAAA;AAED,SAAgB,YAAY,CAC1B,MAAqC,EACrC,OAAyB;IAEzB,OAAO,CAAO,SAAoB,EAAE,GAA+C,EAAE,GAAY,EAAE,EAAE;QACnG,IAAI,CAAC,CAAC,IAAA,8DAA0B,EAAC,MAAM,CAAC,IAAI,IAAA,8DAA0B,EAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YAChF,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,qBAAqB,SAAS,CAAC,MAAM,oBAAoB,CAAC,CAAC,CAAA;QACzF,CAAC;QACD,MAAM,MAAM,GAAqB,MAAM,OAAO,CAAC,KAAK,CAAC,4BAA4B,CAAC;YAChF,+BAA+B;YAC/B,aAAa;YACb,MAAM,EAAE,EAAE,UAAU,EAAE,MAAM,CAAC,UAAU,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,oBAAoB,EAAE,KAAK,EAAE;YACnG,wBAAwB;YACxB,aAAa;YACb,eAAe,EAAE,GAAG,CAAC,MAAM;YAC3B,OAAO,EAAE,GAAG,CAAC,OAAO;SACrB,CAAC,CAAA;QACF,OAAO,MAAM,CAAC,GAAG,CAAA;IACnB,CAAC,CAAA,CAAA;AACH,CAAC;AAED,SAAS,oBAAoB,CAC3B,KAMC,EACD,OAAyB;IAEzB,OAAO,CAAO,YAAY,EAAE,GAAG,EAAE,EAAE;QACjC,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,CAAA;QAC1E,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;QAC3B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAA;IACtB,CAAC,CAAA,CAAA;AACH,CAAC;AAED,SAAsB,QAAQ;yDAAC,EAAE,SAAS,EAAE,OAAO,EAAwD;QACzG,OAAO,CAAC,MAAM,eAAe,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,CAAA;IACxE,CAAC;CAAA;AAED,SAAgB,cAAc,CAAC,IAAc;IAC3C,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,SAAS;YACZ,OAAO,2BAAW,CAAC,KAAK,CAAA;QAC1B,KAAK,WAAW;YACd,OAAO,2BAAW,CAAC,MAAM,CAAA;QAC3B,KAAK,WAAW;YACd,OAAO,2BAAW,CAAC,KAAK,CAAA;QAC1B,aAAa;QACb,KAAK,KAAK;YACR,OAAO,2BAAW,CAAC,KAAK,CAAA;QAC1B;YACE,MAAM,KAAK,CAAC,4BAA4B,CAAC,CAAA;IAC7C,CAAC;AACH,CAAC"}

package/dist/index.d.ts

@@ -1,218 +1,8 @@
-import { IPluginMethodMap, IAgentContext, IResolver, IDIDManager, IKeyManager, ICredentialIssuer, ICredentialVerifier, IAgentPlugin } from '@veramo/core';
-import { ResponseURIType, ClaimPayloadCommonOpts, AuthorizationRequestPayload, RequestObjectPayload, AuthorizationRequestState, AuthorizationResponseState, AuthorizationResponsePayload, PresentationDefinitionWithLocation, VerifiedAuthorizationResponse, ResponseMode, SupportedVersion, IRPSessionManager, ClientMetadataOpts, VerifyJwtCallback, PresentationVerificationCallback, VPTokenLocation, VerifiablePresentationTypeFormat, RP, URI, AuthorizationRequest } from '@sphereon/did-auth-siop';
-import { IIdentifierResolution, ManagedIdentifierOptsOrResult, ExternalIdentifierOIDFEntityIdOpts } from '@sphereon/ssi-sdk-ext.identifier-resolution';
-import { AdditionalClaims, DcqlQueryREST, HasherSync, W3CVerifiablePresentation } from '@sphereon/ssi-types';
-import { Resolvable } from 'did-resolver';
-import { DIDDocument } from '@sphereon/did-uni-client';
-import { EventEmitter } from 'events';
-import { IPresentationDefinition } from '@sphereon/pex';
-import { IDIDOptions } from '@sphereon/ssi-sdk-ext.did-utils';
-import { IPresentationExchange } from '@sphereon/ssi-sdk.presentation-exchange';
-import { VerifyCallback } from '@sphereon/wellknown-dids-client';
-import { AuthorizationRequestStateStatus } from '@sphereon/ssi-sdk.siopv2-oid4vp-common';
-import { IPDManager, VersionControlMode } from '@sphereon/ssi-sdk.pd-manager';
-import { CheckLinkedDomain } from '@sphereon/did-auth-siop-adapter';
-import { ISDJwtPlugin } from '@sphereon/ssi-sdk.sd-jwt';
-import { IJwtService } from '@sphereon/ssi-sdk-ext.jwt-service';
-import { JwtIssuer } from '@sphereon/oid4vc-common';
-import { ImDLMdoc } from '@sphereon/ssi-sdk.mdl-mdoc';
-import { ICredentialValidation, SchemaValidation } from '@sphereon/ssi-sdk.credential-validation';
-
-declare enum VerifiedDataMode {
-    NONE = "none",
-    VERIFIED_PRESENTATION = "vp",
-    CREDENTIAL_SUBJECT_FLATTENED = "cs-flat"
-}
-interface ISIOPv2RP extends IPluginMethodMap {
-    siopCreateAuthRequestURI(createArgs: ICreateAuthRequestArgs, context: IRequiredContext): Promise<string>;
-    siopCreateAuthRequestPayloads(createArgs: ICreateAuthRequestArgs, context: IRequiredContext): Promise<IAuthorizationRequestPayloads>;
-    siopGetAuthRequestState(args: IGetAuthRequestStateArgs, context: IRequiredContext): Promise<AuthorizationRequestState | undefined>;
-    siopGetAuthResponseState(args: IGetAuthResponseStateArgs, context: IRequiredContext): Promise<AuthorizationResponseStateWithVerifiedData | undefined>;
-    siopUpdateAuthRequestState(args: IUpdateRequestStateArgs, context: IRequiredContext): Promise<AuthorizationRequestState>;
-    siopDeleteAuthState(args: IDeleteAuthStateArgs, context: IRequiredContext): Promise<boolean>;
-    siopVerifyAuthResponse(args: IVerifyAuthResponseStateArgs, context: IRequiredContext): Promise<VerifiedAuthorizationResponse>;
-    siopImportDefinitions(args: ImportDefinitionsArgs, context: IRequiredContext): Promise<void>;
-    siopGetRedirectURI(args: IGetRedirectUriArgs, context: IRequiredContext): Promise<string | undefined>;
-}
-interface ISiopv2RPOpts {
-    defaultOpts?: IRPDefaultOpts;
-    instanceOpts?: IPEXInstanceOptions[];
-}
-interface IRPDefaultOpts extends IRPOptions {
-}
-interface ICreateAuthRequestArgs {
-    definitionId: string;
-    correlationId: string;
-    responseURIType: ResponseURIType;
-    responseURI: string;
-    responseRedirectURI?: string;
-    jwtIssuer?: JwtIssuer;
-    requestByReferenceURI?: string;
-    nonce?: string;
-    state?: string;
-    claims?: ClaimPayloadCommonOpts;
-}
-interface IGetAuthRequestStateArgs {
-    correlationId: string;
-    definitionId: string;
-    errorOnNotFound?: boolean;
-}
-interface IGetAuthResponseStateArgs {
-    correlationId: string;
-    definitionId: string;
-    errorOnNotFound?: boolean;
-    progressRequestStateTo?: AuthorizationRequestStateStatus;
-    includeVerifiedData?: VerifiedDataMode;
-}
-interface IUpdateRequestStateArgs {
-    definitionId: string;
-    correlationId: string;
-    state: AuthorizationRequestStateStatus;
-    error?: string;
-}
-interface IDeleteAuthStateArgs {
-    correlationId: string;
-    definitionId: string;
-}
-interface IVerifyAuthResponseStateArgs {
-    authorizationResponse: string | AuthorizationResponsePayload;
-    definitionId?: string;
-    correlationId: string;
-    audience?: string;
-    presentationDefinitions?: PresentationDefinitionWithLocation | PresentationDefinitionWithLocation[];
-    dcqlQuery?: DcqlQueryREST;
-}
-interface IDefinitionPair {
-    definitionPayload: IPresentationDefinition;
-    dcqlPayload?: DcqlQueryREST;
-}
-interface ImportDefinitionsArgs {
-    definitions: Array<IDefinitionPair>;
-    tenantId?: string;
-    version?: string;
-    versionControlMode?: VersionControlMode;
-}
-interface IGetRedirectUriArgs {
-    correlationId: string;
-    definitionId?: string;
-    state?: string;
-}
-interface IAuthorizationRequestPayloads {
-    authorizationRequest: AuthorizationRequestPayload;
-    requestObject?: string;
-    requestObjectDecoded?: RequestObjectPayload;
-}
-interface IPEXDefinitionPersistArgs extends IPEXInstanceOptions {
-    definition: IPresentationDefinition;
-    ttl?: number;
-}
-interface ISiopRPInstanceArgs {
-    definitionId?: string;
-    responseRedirectURI?: string;
-}
-interface IPEXInstanceOptions extends IPEXOptions {
-    rpOpts?: IRPOptions;
-}
-interface IRPOptions {
-    responseMode?: ResponseMode;
-    supportedVersions?: SupportedVersion[];
-    sessionManager?: IRPSessionManager;
-    clientMetadataOpts?: ClientMetadataOpts;
-    expiresIn?: number;
-    eventEmitter?: EventEmitter;
-    credentialOpts?: CredentialOpts;
-    verificationPolicies?: VerificationPolicies;
-    identifierOpts: ISIOPIdentifierOptions;
-    verifyJwtCallback?: VerifyJwtCallback;
-    responseRedirectUri?: string;
-}
-interface IPEXOptions {
-    presentationVerifyCallback?: PresentationVerificationCallback;
-    definitionId: string;
-    version?: string;
-    tenantId?: string;
-}
-type VerificationPolicies = {
-    schemaValidation: SchemaValidation;
-};
-interface PerDidResolver {
-    didMethod: string;
-    resolver: Resolvable;
-}
-interface IAuthRequestDetails {
-    rpDIDDocument?: DIDDocument;
-    id: string;
-    verifiablePresentationMatches: IPresentationWithDefinition[];
-    alsoKnownAs?: string[];
-}
-interface IPresentationWithDefinition {
-    location: VPTokenLocation;
-    definition: PresentationDefinitionWithLocation;
-    format: VerifiablePresentationTypeFormat;
-    presentation: W3CVerifiablePresentation;
-}
-interface ISIOPIdentifierOptions extends Omit<IDIDOptions, 'idOpts'> {
-    idOpts: ManagedIdentifierOptsOrResult;
-    oidfOpts?: ExternalIdentifierOIDFEntityIdOpts;
-    checkLinkedDomains?: CheckLinkedDomain;
-    wellknownDIDVerifyCallback?: VerifyCallback;
-}
-type CredentialOpts = {
-    hasher?: HasherSync;
-};
-interface AuthorizationResponseStateWithVerifiedData extends AuthorizationResponseState {
-    verifiedData?: AdditionalClaims;
-}
-type IRequiredContext = IAgentContext<IResolver & IDIDManager & IKeyManager & IIdentifierResolution & ICredentialIssuer & ICredentialValidation & ICredentialVerifier & IPresentationExchange & IPDManager & ISDJwtPlugin & IJwtService & ImDLMdoc>;
-
-declare class RPInstance {
-    private _rp;
-    private readonly _pexOptions;
-    private readonly _rpOptions;
-    constructor({ rpOpts, pexOpts }: {
-        rpOpts: IRPOptions;
-        pexOpts?: IPEXOptions;
-    });
-    get(context: IRequiredContext): Promise<RP>;
-    get rpOptions(): IRPOptions;
-    get pexOptions(): IPEXOptions | undefined;
-    hasDefinition(): boolean;
-    get definitionId(): string | undefined;
-    getPresentationDefinition(context: IRequiredContext): Promise<IPresentationDefinition | undefined>;
-    createAuthorizationRequestURI(createArgs: Omit<ICreateAuthRequestArgs, 'definitionId'>, context: IRequiredContext): Promise<URI>;
-    createAuthorizationRequest(createArgs: Omit<ICreateAuthRequestArgs, 'definitionId'>, context: IRequiredContext): Promise<AuthorizationRequest>;
-}
-
-declare class SIOPv2RP implements IAgentPlugin {
-    private readonly opts;
-    private static readonly _DEFAULT_OPTS_KEY;
-    private readonly instances;
-    readonly schema: any;
-    readonly methods: ISIOPv2RP;
-    constructor(opts: ISiopv2RPOpts);
-    setDefaultOpts(rpDefaultOpts: IRPDefaultOpts, context: IRequiredContext): void;
-    private createAuthorizationRequestURI;
-    private createAuthorizationRequestPayloads;
-    private siopGetRequestState;
-    private siopGetResponseState;
-    private presentationOrClaimsFrom;
-    private siopUpdateRequestState;
-    private siopDeleteState;
-    private siopVerifyAuthResponse;
-    private siopImportDefinitions;
-    private siopGetRedirectURI;
-    getRPInstance({ definitionId, responseRedirectURI }: ISiopRPInstanceArgs, context: IRequiredContext): Promise<RPInstance>;
-    getRPOptions(context: IRequiredContext, opts: {
-        definitionId?: string;
-        responseRedirectURI?: string;
-    }): Promise<IRPOptions>;
-    getInstanceOpts(definitionId?: string): IPEXInstanceOptions | undefined;
-    private getDefaultOptions;
-}
-
 /**
  * @public
  */
 declare const schema: any;
-
-export { type AuthorizationResponseStateWithVerifiedData, type CredentialOpts, type IAuthRequestDetails, type IAuthorizationRequestPayloads, type ICreateAuthRequestArgs, type IDefinitionPair, type IDeleteAuthStateArgs, type IGetAuthRequestStateArgs, type IGetAuthResponseStateArgs, type IGetRedirectUriArgs, type IPEXDefinitionPersistArgs, type IPEXInstanceOptions, type IPEXOptions, type IPresentationWithDefinition, type IRPDefaultOpts, type IRPOptions, type IRequiredContext, type ISIOPIdentifierOptions, type ISIOPv2RP, type ISiopRPInstanceArgs, type ISiopv2RPOpts, type IUpdateRequestStateArgs, type IVerifyAuthResponseStateArgs, type ImportDefinitionsArgs, type PerDidResolver, SIOPv2RP, type VerificationPolicies, VerifiedDataMode, schema };
+export { schema };
+export { SIOPv2RP } from './agent/SIOPv2RP';
+export * from './types/ISIOPv2RP';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,QAAA,MAAM,MAAM,KAAmC,CAAA;AAC/C,OAAO,EAAE,MAAM,EAAE,CAAA;AACjB,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAA;AAC3C,cAAc,mBAAmB,CAAA"}