@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth 0.34.1-feature.DIIPv4.144 → 0.34.1-feature.DIIPv4.156

package/src/agent/SIOPv2RP.ts

@@ -3,8 +3,9 @@ import {
   AuthorizationResponsePayload,
   AuthorizationResponseState,
   AuthorizationResponseStateStatus,
+  AuthorizationResponseStateWithVerifiedData,
   decodeUriAsJson,
-  VerifiedAuthorizationResponse,
+  VerifiedAuthorizationResponse
 } from '@sphereon/did-auth-siop'
 import { getAgentResolver } from '@sphereon/ssi-sdk-ext.did-utils'
 import {
@@ -24,7 +25,6 @@ import {
 import { IAgentPlugin } from '@veramo/core'
 import { DcqlQuery } from 'dcql'
 import {
-  AuthorizationResponseStateWithVerifiedData,
   IAuthorizationRequestPayloads,
   ICreateAuthRequestArgs,
   IGetAuthRequestStateArgs,
@@ -43,7 +43,6 @@ import {
   VerifiedDataMode,
 } from '../index'
 import { RPInstance } from '../RPInstance'
-
 import { ISIOPv2RP } from '../types/ISIOPv2RP'
 import { shaHasher as defaultHasher } from '@sphereon/ssi-sdk.core'
 
@@ -85,7 +84,7 @@ export class SIOPv2RP implements IAgentPlugin {
   }
 
   private async createAuthorizationRequestURI(createArgs: ICreateAuthRequestArgs, context: IRequiredContext): Promise<string> {
-    return await this.getRPInstance({ definitionId: createArgs.definitionId, responseRedirectURI: createArgs.responseRedirectURI }, context)
+    return await this.getRPInstance({ responseRedirectURI: createArgs.responseRedirectURI, ...(createArgs.useQueryIdInstance === true && { queryId: createArgs.queryId } ) }, context)
       .then((rp) => rp.createAuthorizationRequestURI(createArgs, context))
       .then((URI) => URI.encodedUri)
   }
@@ -94,21 +93,23 @@ export class SIOPv2RP implements IAgentPlugin {
     createArgs: ICreateAuthRequestArgs,
     context: IRequiredContext,
   ): Promise<IAuthorizationRequestPayloads> {
-    return await this.getRPInstance({ definitionId: createArgs.definitionId }, context)
+    return await this.getRPInstance({ queryId: createArgs.queryId }, context)
       .then((rp) => rp.createAuthorizationRequest(createArgs, context))
       .then(async (request) => {
         const authRequest: IAuthorizationRequestPayloads = {
           authorizationRequest: request.payload,
           requestObject: await request.requestObjectJwt(),
-          requestObjectDecoded: await request.requestObject?.getPayload(),
+          requestObjectDecoded: request.requestObject?.getPayload(),
         }
         return authRequest
       })
   }
 
   private async siopGetRequestState(args: IGetAuthRequestStateArgs, context: IRequiredContext): Promise<AuthorizationRequestState | undefined> {
-    return await this.getRPInstance({ definitionId: args.definitionId }, context).then((rp) =>
-      rp.get(context).then((rp) => rp.sessionManager.getRequestStateByCorrelationId(args.correlationId, args.errorOnNotFound)),
+    return await this.getRPInstance({ queryId: args.queryId }, context).then((rp) =>
+      rp.get(context).then((rp) =>
+        rp.sessionManager.getRequestStateByCorrelationId(args.correlationId, args.errorOnNotFound)
+      ),
     )
   }
 
@@ -116,7 +117,7 @@ export class SIOPv2RP implements IAgentPlugin {
     args: IGetAuthResponseStateArgs,
     context: IRequiredContext,
   ): Promise<AuthorizationResponseStateWithVerifiedData | undefined> {
-    const rpInstance: RPInstance = await this.getRPInstance({ definitionId: args.definitionId }, context)
+    const rpInstance: RPInstance = await this.getRPInstance({ queryId: args.queryId }, context)
     const authorizationResponseState: AuthorizationResponseState | undefined = await rpInstance
       .get(context)
       .then((rp) => rp.sessionManager.getResponseStateByCorrelationId(args.correlationId, args.errorOnNotFound))
@@ -193,10 +194,10 @@ export class SIOPv2RP implements IAgentPlugin {
       : CredentialMapper.toUniformPresentation(presentationDecoded as OriginalVerifiablePresentation)
 
   private async siopUpdateRequestState(args: IUpdateRequestStateArgs, context: IRequiredContext): Promise<AuthorizationRequestState> {
-    if (args.state !== 'sent') {
-      throw Error(`Only 'sent' status is supported for this method at this point`)
+    if (args.state !== 'authorization_request_created') {
+      throw Error(`Only 'authorization_request_created' status is supported for this method at this point`)
     }
-    return await this.getRPInstance({ definitionId: args.definitionId }, context)
+    return await this.getRPInstance({ queryId: args.queryId }, context)
       // todo: In the SIOP library we need to update the signal method to be more like this method
       .then((rp) =>
         rp.get(context).then(async (rp) => {
@@ -210,7 +211,7 @@ export class SIOPv2RP implements IAgentPlugin {
   }
 
   private async siopDeleteState(args: IGetAuthResponseStateArgs, context: IRequiredContext): Promise<boolean> {
-    return await this.getRPInstance({ definitionId: args.definitionId }, context)
+    return await this.getRPInstance({ queryId: args.queryId }, context)
       .then((rp) => rp.get(context).then((rp) => rp.sessionManager.deleteStateForCorrelationId(args.correlationId)))
       .then(() => true)
   }
@@ -223,7 +224,7 @@ export class SIOPv2RP implements IAgentPlugin {
       typeof args.authorizationResponse === 'string'
         ? (decodeUriAsJson(args.authorizationResponse) as AuthorizationResponsePayload)
         : args.authorizationResponse
-    return await this.getRPInstance({ definitionId: args.definitionId }, context).then((rp) =>
+    return await this.getRPInstance({ queryId: args.queryId }, context).then((rp) =>
       rp.get(context).then((rp) =>
         rp.verifyAuthorizationResponse(authResponse, {
           correlationId: args.correlationId,
@@ -235,9 +236,9 @@ export class SIOPv2RP implements IAgentPlugin {
   }
 
   private async siopImportDefinitions(args: ImportDefinitionsArgs, context: IRequiredContext): Promise<void> {
-    const { definitions, tenantId, version, versionControlMode } = args
+    const { queries, tenantId, version, versionControlMode } = args
     await Promise.all(
-      definitions.map(async (definitionPair) => {
+      queries.map(async (definitionPair) => {
         const definitionPayload = definitionPair.definitionPayload
         if (!definitionPayload && !definitionPair.dcqlPayload) {
           return Promise.reject(Error('Either dcqlPayload or definitionPayload must be suppplied'))
@@ -270,7 +271,7 @@ export class SIOPv2RP implements IAgentPlugin {
   }
 
   private async siopGetRedirectURI(args: IGetRedirectUriArgs, context: IRequiredContext): Promise<string | undefined> {
-    const instanceId = args.definitionId ?? SIOPv2RP._DEFAULT_OPTS_KEY
+    const instanceId = args.queryId ?? SIOPv2RP._DEFAULT_OPTS_KEY
     if (this.instances.has(instanceId)) {
       const rpInstance = this.instances.get(instanceId)
       if (rpInstance !== undefined) {
@@ -285,17 +286,17 @@ export class SIOPv2RP implements IAgentPlugin {
     return undefined
   }
 
-  async getRPInstance({ definitionId, responseRedirectURI }: ISiopRPInstanceArgs, context: IRequiredContext): Promise<RPInstance> {
-    const instanceId = definitionId ?? SIOPv2RP._DEFAULT_OPTS_KEY
+  async getRPInstance({ queryId, responseRedirectURI }: ISiopRPInstanceArgs, context: IRequiredContext): Promise<RPInstance> {
+    const instanceId = queryId ?? SIOPv2RP._DEFAULT_OPTS_KEY
     if (!this.instances.has(instanceId)) {
-      const instanceOpts = this.getInstanceOpts(definitionId)
-      const rpOpts = await this.getRPOptions(context, { definitionId, responseRedirectURI: responseRedirectURI })
+      const instanceOpts = this.getInstanceOpts(queryId)
+      const rpOpts = await this.getRPOptions(context, { queryId, responseRedirectURI: responseRedirectURI })
       if (!rpOpts.identifierOpts.resolveOpts?.resolver || typeof rpOpts.identifierOpts.resolveOpts.resolver.resolve !== 'function') {
         if (!rpOpts.identifierOpts?.resolveOpts) {
           rpOpts.identifierOpts = { ...rpOpts.identifierOpts }
           rpOpts.identifierOpts.resolveOpts = { ...rpOpts.identifierOpts.resolveOpts }
         }
-        console.log('Using agent DID resolver for RP instance with definition id ' + definitionId)
+        console.log('Using agent DID resolver for RP instance with definition id ' + queryId)
         rpOpts.identifierOpts.resolveOpts.resolver = getAgentResolver(context, {
           uniresolverResolution: true,
           localResolution: true,
@@ -311,11 +312,11 @@ export class SIOPv2RP implements IAgentPlugin {
     return rpInstance
   }
 
-  async getRPOptions(context: IRequiredContext, opts: { definitionId?: string; responseRedirectURI?: string }): Promise<IRPOptions> {
-    const { definitionId, responseRedirectURI: responseRedirectURI } = opts
-    const options = this.getInstanceOpts(definitionId)?.rpOpts ?? this.opts.defaultOpts
+  async getRPOptions(context: IRequiredContext, opts: { queryId?: string; responseRedirectURI?: string }): Promise<IRPOptions> {
+    const { queryId, responseRedirectURI: responseRedirectURI } = opts
+    const options = this.getInstanceOpts(queryId)?.rpOpts ?? this.opts.defaultOpts
     if (!options) {
-      throw Error(`Could not get specific nor default options for definition ${definitionId}`)
+      throw Error(`Could not get specific nor default options for definition ${queryId}`)
     }
     if (this.opts.defaultOpts) {
       if (!options.identifierOpts) {
@@ -349,7 +350,7 @@ export class SIOPv2RP implements IAgentPlugin {
   getInstanceOpts(definitionId?: string): IPEXInstanceOptions | undefined {
     if (!this.opts.instanceOpts) return undefined
 
-    const instanceOpt = definitionId ? this.opts.instanceOpts.find((i) => i.definitionId === definitionId) : undefined
+    const instanceOpt = definitionId ? this.opts.instanceOpts.find((i) => i.queryId === definitionId) : undefined
 
     return instanceOpt ?? this.getDefaultOptions(definitionId)
   }
@@ -357,11 +358,11 @@ export class SIOPv2RP implements IAgentPlugin {
   private getDefaultOptions(definitionId: string | undefined) {
     if (!this.opts.instanceOpts) return undefined
 
-    const defaultOptions = this.opts.instanceOpts.find((i) => i.definitionId === 'default')
+    const defaultOptions = this.opts.instanceOpts.find((i) => i.queryId === 'default')
     if (defaultOptions) {
       const clonedOptions = { ...defaultOptions }
       if (definitionId !== undefined) {
-        clonedOptions.definitionId = definitionId
+        clonedOptions.queryId = definitionId
       }
       return clonedOptions
     }

package/src/functions.ts

@@ -116,11 +116,11 @@ export async function createRPBuilder(args: {
   let definition: IPresentationDefinition | undefined = args.definition
   let dcqlQuery: DcqlQuery | undefined = args.dcql
 
-  if (!definition && pexOpts && pexOpts.definitionId) {
+  if (!definition && pexOpts && pexOpts.queryId) {
     const presentationDefinitionItems = await context.agent.pdmGetDefinitions({
       filter: [
         {
-          definitionId: pexOpts.definitionId,
+          definitionId: pexOpts.queryId,
           version: pexOpts.version,
           tenantId: pexOpts.tenantId,
         },

package/src/index.ts

@@ -1,7 +1,7 @@
 /**
  * @public
  */
-const schema = require('../plugin.schema.json')
+import schema from '../plugin.schema.json'
 export { schema }
 export { SIOPv2RP } from './agent/SIOPv2RP'
 export * from './types/ISIOPv2RP'

package/src/types/ISIOPv2RP.ts

@@ -2,7 +2,8 @@ import {
   AuthorizationRequestPayload,
   AuthorizationRequestState,
   AuthorizationResponsePayload,
-  AuthorizationResponseState,
+  AuthorizationResponseStateWithVerifiedData,
+  CallbackOpts,
   ClaimPayloadCommonOpts,
   ClientMetadataOpts,
   IRPSessionManager,
@@ -27,7 +28,7 @@ import { IPDManager, VersionControlMode } from '@sphereon/ssi-sdk.pd-manager'
 import { IPresentationExchange } from '@sphereon/ssi-sdk.presentation-exchange'
 import { ISDJwtPlugin } from '@sphereon/ssi-sdk.sd-jwt'
 import { AuthorizationRequestStateStatus } from '@sphereon/ssi-sdk.siopv2-oid4vp-common'
-import { AdditionalClaims, DcqlQueryPayload, HasherSync } from '@sphereon/ssi-types'
+import { DcqlQueryPayload, HasherSync } from '@sphereon/ssi-types'
 import { VerifyCallback } from '@sphereon/wellknown-dids-client'
 import { IAgentContext, ICredentialIssuer, ICredentialVerifier, IDIDManager, IKeyManager, IPluginMethodMap, IResolver } from '@veramo/core'
 
@@ -52,7 +53,6 @@ export interface ISIOPv2RP extends IPluginMethodMap {
   siopDeleteAuthState(args: IDeleteAuthStateArgs, context: IRequiredContext): Promise<boolean>
   siopVerifyAuthResponse(args: IVerifyAuthResponseStateArgs, context: IRequiredContext): Promise<VerifiedAuthorizationResponse>
   siopImportDefinitions(args: ImportDefinitionsArgs, context: IRequiredContext): Promise<void>
-
   siopGetRedirectURI(args: IGetRedirectUriArgs, context: IRequiredContext): Promise<string | undefined>
 }
 
@@ -64,8 +64,9 @@ export interface ISiopv2RPOpts {
 export interface IRPDefaultOpts extends IRPOptions {}
 
 export interface ICreateAuthRequestArgs {
-  definitionId: string
+  queryId: string
   correlationId: string
+  useQueryIdInstance?: boolean
   responseURIType: ResponseURIType
   responseURI: string
   responseRedirectURI?: string
@@ -74,24 +75,25 @@ export interface ICreateAuthRequestArgs {
   nonce?: string
   state?: string
   claims?: ClaimPayloadCommonOpts
+  callback?: CallbackOpts
 }
 
 export interface IGetAuthRequestStateArgs {
   correlationId: string
-  definitionId: string
+  queryId?: string
   errorOnNotFound?: boolean
 }
 
 export interface IGetAuthResponseStateArgs {
   correlationId: string
-  definitionId: string
+  queryId?: string
   errorOnNotFound?: boolean
   progressRequestStateTo?: AuthorizationRequestStateStatus
   includeVerifiedData?: VerifiedDataMode
 }
 
 export interface IUpdateRequestStateArgs {
-  definitionId: string
+  queryId: string
   correlationId: string
   state: AuthorizationRequestStateStatus
   error?: string
@@ -99,12 +101,12 @@ export interface IUpdateRequestStateArgs {
 
 export interface IDeleteAuthStateArgs {
   correlationId: string
-  definitionId: string
+  queryId?: string
 }
 
 export interface IVerifyAuthResponseStateArgs {
   authorizationResponse: string | AuthorizationResponsePayload
-  definitionId?: string
+  queryId?: string
   correlationId: string
   audience?: string
   dcqlQueryPayload?: DcqlQueryPayload
@@ -116,7 +118,7 @@ export interface IDefinitionPair {
 }
 
 export interface ImportDefinitionsArgs {
-  definitions: Array<IDefinitionPair>
+  queries: Array<IDefinitionPair>
   tenantId?: string
   version?: string
   versionControlMode?: VersionControlMode
@@ -124,7 +126,7 @@ export interface ImportDefinitionsArgs {
 
 export interface IGetRedirectUriArgs {
   correlationId: string
-  definitionId?: string
+  queryId?: string
   state?: string
 }
 
@@ -140,7 +142,7 @@ export interface IPEXDefinitionPersistArgs extends IPEXInstanceOptions {
 }
 
 export interface ISiopRPInstanceArgs {
-  definitionId?: string
+  queryId?: string
   responseRedirectURI?: string
 }
 
@@ -165,7 +167,7 @@ export interface IRPOptions {
 export interface IPEXOptions {
   presentationVerifyCallback?: PresentationVerificationCallback
   // definition?: IPresentationDefinition
-  definitionId: string
+  queryId: string
   version?: string
   tenantId?: string
 }
@@ -198,10 +200,6 @@ export type CredentialOpts = {
   hasher?: HasherSync
 }
 
-export interface AuthorizationResponseStateWithVerifiedData extends AuthorizationResponseState {
-  verifiedData?: AdditionalClaims
-}
-
 export type IRequiredContext = IAgentContext<
   IResolver &
     IDIDManager &