@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth 0.34.1-feature.SSISDK.26.RP.58 → 0.34.1-feature.SSISDK.45.189

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/dist/index.cjs +344 -353
  2. package/dist/index.cjs.map +1 -1
  3. package/dist/index.d.cts +732 -52
  4. package/dist/index.d.ts +732 -52
  5. package/dist/index.js +337 -347
  6. package/dist/index.js.map +1 -1
  7. package/package.json +18 -18
  8. package/src/RPInstance.ts +6 -4
  9. package/src/agent/SIOPv2RP.ts +42 -39
  10. package/src/functions.ts +22 -23
  11. package/src/index.ts +1 -1
  12. package/src/types/ISIOPv2RP.ts +29 -50
package/dist/index.cjs CHANGED
@@ -4,9 +4,6 @@ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
4
  var __getOwnPropNames = Object.getOwnPropertyNames;
5
5
  var __hasOwnProp = Object.prototype.hasOwnProperty;
6
6
  var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
7
- var __commonJS = (cb, mod) => function __require() {
8
- return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
9
- };
10
7
  var __export = (target, all) => {
11
8
  for (var name in all)
12
9
  __defProp(target, name, { get: all[name], enumerable: true });
@@ -21,354 +18,352 @@ var __copyProps = (to, from, except, desc) => {
21
18
  };
22
19
  var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
23
20
 
21
+ // src/index.ts
22
+ var index_exports = {};
23
+ __export(index_exports, {
24
+ SIOPv2RP: () => SIOPv2RP,
25
+ VerifiedDataMode: () => VerifiedDataMode,
26
+ schema: () => plugin_schema_default
27
+ });
28
+ module.exports = __toCommonJS(index_exports);
29
+
24
30
  // plugin.schema.json
25
- var require_plugin_schema = __commonJS({
26
- "plugin.schema.json"(exports, module2) {
27
- module2.exports = {
28
- IDidAuthSiopOpAuthenticator: {
29
- components: {
30
- schemas: {
31
- IGetSiopSessionArgs: {
32
- type: "object",
33
- properties: {
34
- sessionId: {
35
- type: "string"
36
- },
37
- additionalProperties: false
38
- },
39
- required: ["sessionId"],
40
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSessionForSiop } "
31
+ var plugin_schema_default = {
32
+ IDidAuthSiopOpAuthenticator: {
33
+ components: {
34
+ schemas: {
35
+ IGetSiopSessionArgs: {
36
+ type: "object",
37
+ properties: {
38
+ sessionId: {
39
+ type: "string"
41
40
  },
42
- IRegisterSiopSessionArgs: {
41
+ additionalProperties: false
42
+ },
43
+ required: ["sessionId"],
44
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSessionForSiop } "
45
+ },
46
+ IRegisterSiopSessionArgs: {
47
+ type: "object",
48
+ properties: {
49
+ identifier: {
43
50
  type: "object",
44
51
  properties: {
45
- identifier: {
46
- type: "object",
47
- properties: {
48
- did: {
49
- type: "string"
50
- },
51
- alias: {
52
- type: "string"
53
- },
54
- provider: {
55
- type: "string"
56
- },
57
- controllerKeyId: {
58
- type: "string"
59
- },
60
- keys: {
61
- type: "array",
62
- items: {
63
- type: "object",
64
- properties: {
65
- additionalProperties: true
66
- }
67
- }
68
- },
69
- services: {
70
- type: "array",
71
- items: {
72
- type: "object",
73
- properties: {
74
- additionalProperties: true
75
- }
76
- }
77
- }
78
- },
79
- additionalProperties: false,
80
- required: ["did", "provider", "keys", "services"]
81
- },
82
- sessionId: {
52
+ did: {
83
53
  type: "string"
84
54
  },
85
- expiresIn: {
86
- type: "number"
87
- },
88
- additionalProperties: false
89
- },
90
- required: ["identifier"],
91
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.registerSessionForSiop } "
92
- },
93
- IRemoveSiopSessionArgs: {
94
- type: "object",
95
- properties: {
96
- sessionId: {
55
+ alias: {
97
56
  type: "string"
98
57
  },
99
- additionalProperties: false
100
- },
101
- required: ["sessionId"],
102
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.removeSessionForSiop } "
103
- },
104
- IAuthenticateWithSiopArgs: {
105
- type: "object",
106
- properties: {
107
- sessionId: {
58
+ provider: {
108
59
  type: "string"
109
60
  },
110
- stateId: {
61
+ controllerKeyId: {
111
62
  type: "string"
112
63
  },
113
- redirectUrl: {
114
- type: "string"
64
+ keys: {
65
+ type: "array",
66
+ items: {
67
+ type: "object",
68
+ properties: {
69
+ additionalProperties: true
70
+ }
71
+ }
115
72
  },
116
- additionalProperties: false
73
+ services: {
74
+ type: "array",
75
+ items: {
76
+ type: "object",
77
+ properties: {
78
+ additionalProperties: true
79
+ }
80
+ }
81
+ }
117
82
  },
118
- required: ["sessionId", "stateId", "redirectUrl"],
119
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.authenticateWithSiop } "
83
+ additionalProperties: false,
84
+ required: ["did", "provider", "keys", "services"]
85
+ },
86
+ sessionId: {
87
+ type: "string"
88
+ },
89
+ expiresIn: {
90
+ type: "number"
91
+ },
92
+ additionalProperties: false
93
+ },
94
+ required: ["identifier"],
95
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.registerSessionForSiop } "
96
+ },
97
+ IRemoveSiopSessionArgs: {
98
+ type: "object",
99
+ properties: {
100
+ sessionId: {
101
+ type: "string"
102
+ },
103
+ additionalProperties: false
104
+ },
105
+ required: ["sessionId"],
106
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.removeSessionForSiop } "
107
+ },
108
+ IAuthenticateWithSiopArgs: {
109
+ type: "object",
110
+ properties: {
111
+ sessionId: {
112
+ type: "string"
113
+ },
114
+ stateId: {
115
+ type: "string"
116
+ },
117
+ redirectUrl: {
118
+ type: "string"
119
+ },
120
+ additionalProperties: false
121
+ },
122
+ required: ["sessionId", "stateId", "redirectUrl"],
123
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.authenticateWithSiop } "
124
+ },
125
+ IResponse: {
126
+ type: "object",
127
+ properties: {
128
+ status: {
129
+ type: "number"
130
+ },
131
+ additionalProperties: true
132
+ },
133
+ required: ["status"],
134
+ description: "Result of {@link DidAuthSiopOpAuthenticator.authenticateWithSiop & DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } "
135
+ },
136
+ IGetSiopAuthenticationRequestFromRpArgs: {
137
+ type: "object",
138
+ properties: {
139
+ sessionId: {
140
+ type: "string"
141
+ },
142
+ stateId: {
143
+ type: "string"
120
144
  },
121
- IResponse: {
145
+ redirectUrl: {
146
+ type: "string"
147
+ },
148
+ additionalProperties: false
149
+ },
150
+ required: ["sessionId", "stateId", "redirectUrl"],
151
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } "
152
+ },
153
+ ParsedAuthenticationRequestURI: {
154
+ type: "object",
155
+ properties: {
156
+ jwt: {
157
+ type: "string"
158
+ },
159
+ requestPayload: {
122
160
  type: "object",
123
161
  properties: {
124
- status: {
125
- type: "number"
126
- },
127
162
  additionalProperties: true
128
- },
129
- required: ["status"],
130
- description: "Result of {@link DidAuthSiopOpAuthenticator.authenticateWithSiop & DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } "
163
+ }
131
164
  },
132
- IGetSiopAuthenticationRequestFromRpArgs: {
165
+ registration: {
133
166
  type: "object",
134
167
  properties: {
135
- sessionId: {
136
- type: "string"
137
- },
138
- stateId: {
139
- type: "string"
140
- },
141
- redirectUrl: {
142
- type: "string"
143
- },
144
- additionalProperties: false
145
- },
146
- required: ["sessionId", "stateId", "redirectUrl"],
147
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } "
168
+ additionalProperties: true
169
+ }
148
170
  },
149
- ParsedAuthenticationRequestURI: {
171
+ additionalProperties: false
172
+ },
173
+ required: ["jwt", "requestPayload", "registration"],
174
+ description: "Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } "
175
+ },
176
+ IGetSiopAuthenticationRequestDetailsArgs: {
177
+ type: "object",
178
+ properties: {
179
+ sessionId: {
180
+ type: "string"
181
+ },
182
+ verifiedAuthenticationRequest: {
150
183
  type: "object",
151
184
  properties: {
152
- jwt: {
153
- type: "string"
154
- },
155
- requestPayload: {
156
- type: "object",
157
- properties: {
158
- additionalProperties: true
159
- }
160
- },
161
- registration: {
162
- type: "object",
163
- properties: {
164
- additionalProperties: true
165
- }
166
- },
167
- additionalProperties: false
168
- },
169
- required: ["jwt", "requestPayload", "registration"],
170
- description: "Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } "
185
+ additionalProperties: true
186
+ }
171
187
  },
172
- IGetSiopAuthenticationRequestDetailsArgs: {
188
+ credentialFilter: {
173
189
  type: "object",
174
190
  properties: {
175
- sessionId: {
176
- type: "string"
177
- },
178
- verifiedAuthenticationRequest: {
179
- type: "object",
180
- properties: {
181
- additionalProperties: true
182
- }
183
- },
184
- credentialFilter: {
185
- type: "object",
186
- properties: {
187
- additionalProperties: true
188
- }
189
- },
190
- additionalProperties: false
191
- },
192
- required: ["sessionId", "verifiedAuthenticationRequest"],
193
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } "
191
+ additionalProperties: true
192
+ }
193
+ },
194
+ additionalProperties: false
195
+ },
196
+ required: ["sessionId", "verifiedAuthenticationRequest"],
197
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } "
198
+ },
199
+ IAuthRequestDetails: {
200
+ type: "object",
201
+ properties: {
202
+ id: {
203
+ type: "string"
204
+ },
205
+ alsoKnownAs: {
206
+ type: "array",
207
+ items: {
208
+ type: "string"
209
+ }
194
210
  },
195
- IAuthRequestDetails: {
211
+ vpResponseOpts: {
196
212
  type: "object",
197
213
  properties: {
198
- id: {
199
- type: "string"
200
- },
201
- alsoKnownAs: {
202
- type: "array",
203
- items: {
204
- type: "string"
205
- }
206
- },
207
- vpResponseOpts: {
208
- type: "object",
209
- properties: {
210
- additionalProperties: true
211
- }
212
- },
213
- additionalProperties: false
214
- },
215
- required: ["id", "vpResponseOpts"],
216
- description: "Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } "
214
+ additionalProperties: true
215
+ }
217
216
  },
218
- IVerifySiopAuthenticationRequestUriArgs: {
217
+ additionalProperties: false
218
+ },
219
+ required: ["id", "vpResponseOpts"],
220
+ description: "Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } "
221
+ },
222
+ IVerifySiopAuthenticationRequestUriArgs: {
223
+ type: "object",
224
+ properties: {
225
+ sessionId: {
226
+ type: "string"
227
+ },
228
+ ParsedAuthenticationRequestURI: {
219
229
  type: "object",
220
230
  properties: {
221
- sessionId: {
222
- type: "string"
223
- },
224
- ParsedAuthenticationRequestURI: {
225
- type: "object",
226
- properties: {
227
- additionalProperties: true
228
- }
229
- },
230
- additionalProperties: false
231
- },
232
- required: ["sessionId", "ParsedAuthenticationRequestURI"],
233
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } "
231
+ additionalProperties: true
232
+ }
234
233
  },
235
- VerifiedAuthorizationRequest: {
234
+ additionalProperties: false
235
+ },
236
+ required: ["sessionId", "ParsedAuthenticationRequestURI"],
237
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } "
238
+ },
239
+ VerifiedAuthorizationRequest: {
240
+ type: "object",
241
+ properties: {
242
+ payload: {
236
243
  type: "object",
237
244
  properties: {
238
- payload: {
239
- type: "object",
240
- properties: {
241
- additionalProperties: true
242
- }
243
- },
244
- presentationDefinitions: {
245
- type: "object",
246
- properties: {
247
- additionalProperties: true
248
- }
249
- },
250
- verifyOpts: {
251
- type: "object",
252
- properties: {
253
- additionalProperties: true
254
- }
255
- },
256
- additionalProperties: false
257
- },
258
- required: ["payload", "verifyOpts"],
259
- description: "Result of {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } "
245
+ additionalProperties: true
246
+ }
260
247
  },
261
- ISendSiopAuthenticationResponseArgs: {
248
+ presentationDefinitions: {
262
249
  type: "object",
263
250
  properties: {
264
- sessionId: {
265
- type: "string"
266
- },
267
- verifiedAuthenticationRequest: {
268
- type: "object",
269
- properties: {
270
- additionalProperties: true
271
- }
272
- },
273
- verifiablePresentationResponse: {
274
- type: "object",
275
- properties: {
276
- additionalProperties: true
277
- }
278
- },
279
- additionalProperties: false
280
- },
281
- required: ["sessionId", "verifiedAuthenticationRequest"],
282
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } "
283
- }
284
- },
285
- methods: {
286
- getSessionForSiop: {
287
- description: "Get SIOP session",
288
- arguments: {
289
- $ref: "#/components/schemas/IGetSiopSessionArgs"
290
- },
291
- returnType: "object"
292
- },
293
- registerSessionForSiop: {
294
- description: "Register SIOP session",
295
- arguments: {
296
- $ref: "#/components/schemas/IRegisterSiopSessionArgs"
297
- },
298
- returnType: "object"
299
- },
300
- removeSessionForSiop: {
301
- description: "Remove SIOP session",
302
- arguments: {
303
- $ref: "#/components/schemas/IRemoveSiopSessionArgs"
304
- },
305
- returnType: "boolean"
306
- },
307
- authenticateWithSiop: {
308
- description: "Authenticate using DID Auth SIOP",
309
- arguments: {
310
- $ref: "#/components/schemas/IAuthenticateWithSiopArgs"
311
- },
312
- returnType: {
313
- $ref: "#/components/schemas/Response"
251
+ additionalProperties: true
314
252
  }
315
253
  },
316
- getSiopAuthenticationRequestFromRP: {
317
- description: "Get authentication request from RP",
318
- arguments: {
319
- $ref: "#/components/schemas/IGetSiopAuthenticationRequestFromRpArgs"
320
- },
321
- returnType: {
322
- $ref: "#/components/schemas/ParsedAuthenticationRequestURI"
254
+ verifyOpts: {
255
+ type: "object",
256
+ properties: {
257
+ additionalProperties: true
323
258
  }
324
259
  },
325
- getSiopAuthenticationRequestDetails: {
326
- description: "Get authentication request details",
327
- arguments: {
328
- $ref: "#/components/schemas/IGetSiopAuthenticationRequestDetailsArgs"
329
- },
330
- returnType: {
331
- $ref: "#/components/schemas/IAuthRequestDetails"
332
- }
260
+ additionalProperties: false
261
+ },
262
+ required: ["payload", "verifyOpts"],
263
+ description: "Result of {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } "
264
+ },
265
+ ISendSiopAuthenticationResponseArgs: {
266
+ type: "object",
267
+ properties: {
268
+ sessionId: {
269
+ type: "string"
333
270
  },
334
- verifySiopAuthenticationRequestURI: {
335
- description: "Verify authentication request URI",
336
- arguments: {
337
- $ref: "#/components/schemas/IVerifySiopAuthenticationRequestUriArgs"
338
- },
339
- returnType: {
340
- $ref: "#/components/schemas/VerifiedAuthorizationRequest"
271
+ verifiedAuthenticationRequest: {
272
+ type: "object",
273
+ properties: {
274
+ additionalProperties: true
341
275
  }
342
276
  },
343
- sendSiopAuthenticationResponse: {
344
- description: "Send authentication response",
345
- arguments: {
346
- $ref: "#/components/schemas/ISendSiopAuthenticationResponseArgs"
347
- },
348
- returnType: {
349
- $ref: "#/components/schemas/IRequiredContext"
277
+ verifiablePresentationResponse: {
278
+ type: "object",
279
+ properties: {
280
+ additionalProperties: true
350
281
  }
351
- }
282
+ },
283
+ additionalProperties: false
284
+ },
285
+ required: ["sessionId", "verifiedAuthenticationRequest"],
286
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } "
287
+ }
288
+ },
289
+ methods: {
290
+ getSessionForSiop: {
291
+ description: "Get SIOP session",
292
+ arguments: {
293
+ $ref: "#/components/schemas/IGetSiopSessionArgs"
294
+ },
295
+ returnType: "object"
296
+ },
297
+ registerSessionForSiop: {
298
+ description: "Register SIOP session",
299
+ arguments: {
300
+ $ref: "#/components/schemas/IRegisterSiopSessionArgs"
301
+ },
302
+ returnType: "object"
303
+ },
304
+ removeSessionForSiop: {
305
+ description: "Remove SIOP session",
306
+ arguments: {
307
+ $ref: "#/components/schemas/IRemoveSiopSessionArgs"
308
+ },
309
+ returnType: "boolean"
310
+ },
311
+ authenticateWithSiop: {
312
+ description: "Authenticate using DID Auth SIOP",
313
+ arguments: {
314
+ $ref: "#/components/schemas/IAuthenticateWithSiopArgs"
315
+ },
316
+ returnType: {
317
+ $ref: "#/components/schemas/Response"
318
+ }
319
+ },
320
+ getSiopAuthenticationRequestFromRP: {
321
+ description: "Get authentication request from RP",
322
+ arguments: {
323
+ $ref: "#/components/schemas/IGetSiopAuthenticationRequestFromRpArgs"
324
+ },
325
+ returnType: {
326
+ $ref: "#/components/schemas/ParsedAuthenticationRequestURI"
327
+ }
328
+ },
329
+ getSiopAuthenticationRequestDetails: {
330
+ description: "Get authentication request details",
331
+ arguments: {
332
+ $ref: "#/components/schemas/IGetSiopAuthenticationRequestDetailsArgs"
333
+ },
334
+ returnType: {
335
+ $ref: "#/components/schemas/IAuthRequestDetails"
336
+ }
337
+ },
338
+ verifySiopAuthenticationRequestURI: {
339
+ description: "Verify authentication request URI",
340
+ arguments: {
341
+ $ref: "#/components/schemas/IVerifySiopAuthenticationRequestUriArgs"
342
+ },
343
+ returnType: {
344
+ $ref: "#/components/schemas/VerifiedAuthorizationRequest"
345
+ }
346
+ },
347
+ sendSiopAuthenticationResponse: {
348
+ description: "Send authentication response",
349
+ arguments: {
350
+ $ref: "#/components/schemas/ISendSiopAuthenticationResponseArgs"
351
+ },
352
+ returnType: {
353
+ $ref: "#/components/schemas/IRequiredContext"
352
354
  }
353
355
  }
354
356
  }
355
- };
357
+ }
356
358
  }
357
- });
358
-
359
- // src/index.ts
360
- var index_exports = {};
361
- __export(index_exports, {
362
- SIOPv2RP: () => SIOPv2RP,
363
- VerifiedDataMode: () => VerifiedDataMode,
364
- schema: () => schema
365
- });
366
- module.exports = __toCommonJS(index_exports);
359
+ };
367
360
 
368
361
  // src/agent/SIOPv2RP.ts
369
362
  var import_did_auth_siop2 = require("@sphereon/did-auth-siop");
370
363
  var import_ssi_sdk_ext4 = require("@sphereon/ssi-sdk-ext.did-utils");
364
+ var import_ssi_sdk2 = require("@sphereon/ssi-sdk.core");
371
365
  var import_ssi_types2 = require("@sphereon/ssi-types");
366
+ var import_dcql = require("dcql");
372
367
 
373
368
  // src/functions.ts
374
369
  var import_did_auth_siop = require("@sphereon/did-auth-siop");
@@ -401,8 +396,7 @@ function getPresentationVerificationCallback(idOpts, context) {
401
396
  async function presentationVerificationCallback(args, presentationSubmission) {
402
397
  if (import_ssi_types.CredentialMapper.isSdJwtEncoded(args)) {
403
398
  const result2 = await context.agent.verifySdJwtPresentation({
404
- presentation: args,
405
- kb: true
399
+ presentation: args
406
400
  });
407
401
  return {
408
402
  verified: !!result2.payload
@@ -441,11 +435,11 @@ async function createRPBuilder(args) {
441
435
  const { identifierOpts } = rpOpts;
442
436
  let definition = args.definition;
443
437
  let dcqlQuery = args.dcql;
444
- if (!definition && pexOpts && pexOpts.definitionId) {
438
+ if (!definition && pexOpts && pexOpts.queryId) {
445
439
  const presentationDefinitionItems = await context.agent.pdmGetDefinitions({
446
440
  filter: [
447
441
  {
448
- definitionId: pexOpts.definitionId,
442
+ queryId: pexOpts.queryId,
449
443
  version: pexOpts.version,
450
444
  tenantId: pexOpts.tenantId
451
445
  }
@@ -453,9 +447,8 @@ async function createRPBuilder(args) {
453
447
  });
454
448
  if (presentationDefinitionItems.length > 0) {
455
449
  const presentationDefinitionItem = presentationDefinitionItems[0];
456
- definition = presentationDefinitionItem.definitionPayload;
457
450
  if (!dcqlQuery && presentationDefinitionItem.dcqlPayload) {
458
- dcqlQuery = presentationDefinitionItem.dcqlPayload;
451
+ dcqlQuery = presentationDefinitionItem.dcqlPayload.dcqlQuery;
459
452
  }
460
453
  }
461
454
  }
@@ -525,19 +518,16 @@ async function createRPBuilder(args) {
525
518
  }, context)).withRevocationVerification(import_did_auth_siop.RevocationVerification.NEVER).withPresentationVerification(getPresentationVerificationCallback(identifierOpts.idOpts, context));
526
519
  const oidfOpts = identifierOpts.oidfOpts;
527
520
  if (oidfOpts && (0, import_ssi_sdk_ext2.isExternalIdentifierOIDFEntityIdOpts)(oidfOpts)) {
528
- builder.withEntityId(oidfOpts.identifier, import_did_auth_siop.PropertyTarget.REQUEST_OBJECT).withClientIdScheme("entity_id", import_did_auth_siop.PropertyTarget.REQUEST_OBJECT);
521
+ builder.withEntityId(oidfOpts.identifier, import_did_auth_siop.PropertyTarget.REQUEST_OBJECT);
529
522
  } else {
530
523
  const resolution = await context.agent.identifierManagedGet(identifierOpts.idOpts);
531
- builder.withClientId(resolution.issuer ?? ((0, import_ssi_sdk_ext2.isManagedIdentifierDidResult)(resolution) ? resolution.did : resolution.jwkThumbprint), import_did_auth_siop.PropertyTarget.REQUEST_OBJECT).withClientIdScheme(resolution.clientIdScheme ?? identifierOpts.idOpts.clientIdScheme, import_did_auth_siop.PropertyTarget.REQUEST_OBJECT);
524
+ const clientId = rpOpts.clientMetadataOpts?.client_id ?? resolution.issuer ?? ((0, import_ssi_sdk_ext2.isManagedIdentifierDidResult)(resolution) ? resolution.did : resolution.jwkThumbprint);
525
+ const clientIdPrefixed = prefixClientId(clientId);
526
+ builder.withClientId(clientIdPrefixed, import_did_auth_siop.PropertyTarget.REQUEST_OBJECT);
532
527
  }
533
528
  if (hasher) {
534
529
  builder.withHasher(hasher);
535
530
  }
536
- if (definition) {
537
- builder.withPresentationDefinition({
538
- definition
539
- }, import_did_auth_siop.PropertyTarget.REQUEST_OBJECT);
540
- }
541
531
  if (dcqlQuery) {
542
532
  builder.withDcqlQuery(dcqlQuery);
543
533
  }
@@ -597,6 +587,13 @@ function getSigningAlgo(type) {
597
587
  }
598
588
  }
599
589
  __name(getSigningAlgo, "getSigningAlgo");
590
+ function prefixClientId(clientId) {
591
+ if (clientId.startsWith("did:")) {
592
+ return `${import_did_auth_siop.ClientIdentifierPrefix.DECENTRALIZED_IDENTIFIER}:${clientId}`;
593
+ }
594
+ return clientId;
595
+ }
596
+ __name(prefixClientId, "prefixClientId");
600
597
 
601
598
  // src/RPInstance.ts
602
599
  var import_uuid = require("uuid");
@@ -633,7 +630,7 @@ var RPInstance = class {
633
630
  return this.definitionId !== void 0;
634
631
  }
635
632
  get definitionId() {
636
- return this.pexOptions?.definitionId;
633
+ return this.pexOptions?.queryId;
637
634
  }
638
635
  async getPresentationDefinition(context) {
639
636
  return this.definitionId ? await context.agent.pexStoreGetDefinition({
@@ -642,7 +639,7 @@ var RPInstance = class {
642
639
  }) : void 0;
643
640
  }
644
641
  async createAuthorizationRequestURI(createArgs, context) {
645
- const { correlationId, claims, requestByReferenceURI, responseURI, responseURIType } = createArgs;
642
+ const { correlationId, queryId, claims, requestByReferenceURI, responseURI, responseURIType, callback } = createArgs;
646
643
  const nonce = createArgs.nonce ?? (0, import_uuid.v4)();
647
644
  const state = createArgs.state ?? correlationId;
648
645
  let jwtIssuer;
@@ -670,13 +667,15 @@ var RPInstance = class {
670
667
  return await this.get(context).then((rp) => rp.createAuthorizationRequestURI({
671
668
  version: getRequestVersion(this.rpOptions),
672
669
  correlationId,
670
+ queryId,
673
671
  nonce,
674
672
  state,
675
673
  claims,
676
674
  requestByReferenceURI,
677
675
  responseURI,
678
676
  responseURIType,
679
- jwtIssuer
677
+ jwtIssuer,
678
+ callback
680
679
  }));
681
680
  }
682
681
  async createAuthorizationRequest(createArgs, context) {
@@ -717,7 +716,6 @@ var RPInstance = class {
717
716
  };
718
717
 
719
718
  // src/agent/SIOPv2RP.ts
720
- var import_ssi_sdk2 = require("@sphereon/ssi-sdk.core");
721
719
  var SIOPv2RP = class _SIOPv2RP {
722
720
  static {
723
721
  __name(this, "SIOPv2RP");
@@ -725,7 +723,7 @@ var SIOPv2RP = class _SIOPv2RP {
725
723
  opts;
726
724
  static _DEFAULT_OPTS_KEY = "_default";
727
725
  instances = /* @__PURE__ */ new Map();
728
- schema = schema.IDidAuthSiopOpAuthenticator;
726
+ schema = plugin_schema_default.IDidAuthSiopOpAuthenticator;
729
727
  methods = {
730
728
  siopCreateAuthRequestURI: this.createAuthorizationRequestURI.bind(this),
731
729
  siopCreateAuthRequestPayloads: this.createAuthorizationRequestPayloads.bind(this),
@@ -755,30 +753,32 @@ var SIOPv2RP = class _SIOPv2RP {
755
753
  }
756
754
  async createAuthorizationRequestURI(createArgs, context) {
757
755
  return await this.getRPInstance({
758
- definitionId: createArgs.definitionId,
759
- responseRedirectURI: createArgs.responseRedirectURI
756
+ responseRedirectURI: createArgs.responseRedirectURI,
757
+ ...createArgs.useQueryIdInstance === true && {
758
+ queryId: createArgs.queryId
759
+ }
760
760
  }, context).then((rp) => rp.createAuthorizationRequestURI(createArgs, context)).then((URI) => URI.encodedUri);
761
761
  }
762
762
  async createAuthorizationRequestPayloads(createArgs, context) {
763
763
  return await this.getRPInstance({
764
- definitionId: createArgs.definitionId
764
+ queryId: createArgs.queryId
765
765
  }, context).then((rp) => rp.createAuthorizationRequest(createArgs, context)).then(async (request) => {
766
766
  const authRequest = {
767
767
  authorizationRequest: request.payload,
768
768
  requestObject: await request.requestObjectJwt(),
769
- requestObjectDecoded: await request.requestObject?.getPayload()
769
+ requestObjectDecoded: request.requestObject?.getPayload()
770
770
  };
771
771
  return authRequest;
772
772
  });
773
773
  }
774
774
  async siopGetRequestState(args, context) {
775
775
  return await this.getRPInstance({
776
- definitionId: args.definitionId
776
+ queryId: args.queryId
777
777
  }, context).then((rp) => rp.get(context).then((rp2) => rp2.sessionManager.getRequestStateByCorrelationId(args.correlationId, args.errorOnNotFound)));
778
778
  }
779
779
  async siopGetResponseState(args, context) {
780
780
  const rpInstance = await this.getRPInstance({
781
- definitionId: args.definitionId
781
+ queryId: args.queryId
782
782
  }, context);
783
783
  const authorizationResponseState = await rpInstance.get(context).then((rp) => rp.sessionManager.getResponseStateByCorrelationId(args.correlationId, args.errorOnNotFound));
784
784
  if (authorizationResponseState === void 0) {
@@ -831,11 +831,11 @@ var SIOPv2RP = class _SIOPv2RP {
831
831
  }
832
832
  presentationOrClaimsFrom = /* @__PURE__ */ __name((presentationDecoded) => import_ssi_types2.CredentialMapper.isSdJwtDecodedCredential(presentationDecoded) ? presentationDecoded.decodedPayload : import_ssi_types2.CredentialMapper.toUniformPresentation(presentationDecoded), "presentationOrClaimsFrom");
833
833
  async siopUpdateRequestState(args, context) {
834
- if (args.state !== "sent") {
835
- throw Error(`Only 'sent' status is supported for this method at this point`);
834
+ if (args.state !== "authorization_request_created") {
835
+ throw Error(`Only 'authorization_request_created' status is supported for this method at this point`);
836
836
  }
837
837
  return await this.getRPInstance({
838
- definitionId: args.definitionId
838
+ queryId: args.queryId
839
839
  }, context).then((rp) => rp.get(context).then(async (rp2) => {
840
840
  await rp2.signalAuthRequestRetrieved({
841
841
  correlationId: args.correlationId,
@@ -846,7 +846,7 @@ var SIOPv2RP = class _SIOPv2RP {
846
846
  }
847
847
  async siopDeleteState(args, context) {
848
848
  return await this.getRPInstance({
849
- definitionId: args.definitionId
849
+ queryId: args.queryId
850
850
  }, context).then((rp) => rp.get(context).then((rp2) => rp2.sessionManager.deleteStateForCorrelationId(args.correlationId))).then(() => true);
851
851
  }
852
852
  async siopVerifyAuthResponse(args, context) {
@@ -855,12 +855,9 @@ var SIOPv2RP = class _SIOPv2RP {
855
855
  }
856
856
  const authResponse = typeof args.authorizationResponse === "string" ? (0, import_did_auth_siop2.decodeUriAsJson)(args.authorizationResponse) : args.authorizationResponse;
857
857
  return await this.getRPInstance({
858
- definitionId: args.definitionId
858
+ queryId: args.queryId
859
859
  }, context).then((rp) => rp.get(context).then((rp2) => rp2.verifyAuthorizationResponse(authResponse, {
860
860
  correlationId: args.correlationId,
861
- ...args.presentationDefinitions && !args.dcqlQuery ? {
862
- presentationDefinitions: args.presentationDefinitions
863
- } : {},
864
861
  ...args.dcqlQuery ? {
865
862
  dcqlQuery: args.dcqlQuery
866
863
  } : {},
@@ -868,19 +865,16 @@ var SIOPv2RP = class _SIOPv2RP {
868
865
  })));
869
866
  }
870
867
  async siopImportDefinitions(args, context) {
871
- const { definitions, tenantId, version, versionControlMode } = args;
872
- await Promise.all(definitions.map(async (definitionPair) => {
873
- const definitionPayload = definitionPair.definitionPayload;
874
- await context.agent.pexValidateDefinition({
875
- definition: definitionPayload
876
- });
877
- console.log(`persisting definition ${definitionPayload.id} / ${definitionPayload.name} with versionControlMode ${versionControlMode}`);
868
+ const { importItems, tenantId, version, versionControlMode } = args;
869
+ await Promise.all(importItems.map(async (importItem) => {
870
+ import_dcql.DcqlQuery.validate(importItem.query);
871
+ console.log(`persisting DCQL definition ${importItem.queryId} with versionControlMode ${versionControlMode}`);
878
872
  return context.agent.pdmPersistDefinition({
879
873
  definitionItem: {
874
+ queryId: importItem.queryId,
880
875
  tenantId,
881
876
  version,
882
- definitionPayload,
883
- dcqlPayload: definitionPair.dcqlPayload
877
+ query: importItem.query
884
878
  },
885
879
  opts: {
886
880
  versionControlMode
@@ -889,7 +883,7 @@ var SIOPv2RP = class _SIOPv2RP {
889
883
  }));
890
884
  }
891
885
  async siopGetRedirectURI(args, context) {
892
- const instanceId = args.definitionId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
886
+ const instanceId = args.queryId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
893
887
  if (this.instances.has(instanceId)) {
894
888
  const rpInstance = this.instances.get(instanceId);
895
889
  if (rpInstance !== void 0) {
@@ -905,12 +899,12 @@ var SIOPv2RP = class _SIOPv2RP {
905
899
  }
906
900
  return void 0;
907
901
  }
908
- async getRPInstance({ definitionId, responseRedirectURI }, context) {
909
- const instanceId = definitionId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
902
+ async getRPInstance({ queryId, responseRedirectURI }, context) {
903
+ const instanceId = queryId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
910
904
  if (!this.instances.has(instanceId)) {
911
- const instanceOpts = this.getInstanceOpts(definitionId);
905
+ const instanceOpts = this.getInstanceOpts(queryId);
912
906
  const rpOpts = await this.getRPOptions(context, {
913
- definitionId,
907
+ queryId,
914
908
  responseRedirectURI
915
909
  });
916
910
  if (!rpOpts.identifierOpts.resolveOpts?.resolver || typeof rpOpts.identifierOpts.resolveOpts.resolver.resolve !== "function") {
@@ -922,7 +916,7 @@ var SIOPv2RP = class _SIOPv2RP {
922
916
  ...rpOpts.identifierOpts.resolveOpts
923
917
  };
924
918
  }
925
- console.log("Using agent DID resolver for RP instance with definition id " + definitionId);
919
+ console.log("Using agent DID resolver for RP instance with definition id " + queryId);
926
920
  rpOpts.identifierOpts.resolveOpts.resolver = (0, import_ssi_sdk_ext4.getAgentResolver)(context, {
927
921
  uniresolverResolution: true,
928
922
  localResolution: true,
@@ -941,10 +935,10 @@ var SIOPv2RP = class _SIOPv2RP {
941
935
  return rpInstance;
942
936
  }
943
937
  async getRPOptions(context, opts) {
944
- const { definitionId, responseRedirectURI } = opts;
945
- const options = this.getInstanceOpts(definitionId)?.rpOpts ?? this.opts.defaultOpts;
938
+ const { queryId, responseRedirectURI } = opts;
939
+ const options = this.getInstanceOpts(queryId)?.rpOpts ?? this.opts.defaultOpts;
946
940
  if (!options) {
947
- throw Error(`Could not get specific nor default options for definition ${definitionId}`);
941
+ throw Error(`Could not get specific nor default options for definition ${queryId}`);
948
942
  }
949
943
  if (this.opts.defaultOpts) {
950
944
  if (!options.identifierOpts) {
@@ -978,18 +972,18 @@ var SIOPv2RP = class _SIOPv2RP {
978
972
  }
979
973
  getInstanceOpts(definitionId) {
980
974
  if (!this.opts.instanceOpts) return void 0;
981
- const instanceOpt = definitionId ? this.opts.instanceOpts.find((i) => i.definitionId === definitionId) : void 0;
975
+ const instanceOpt = definitionId ? this.opts.instanceOpts.find((i) => i.queryId === definitionId) : void 0;
982
976
  return instanceOpt ?? this.getDefaultOptions(definitionId);
983
977
  }
984
978
  getDefaultOptions(definitionId) {
985
979
  if (!this.opts.instanceOpts) return void 0;
986
- const defaultOptions = this.opts.instanceOpts.find((i) => i.definitionId === "default");
980
+ const defaultOptions = this.opts.instanceOpts.find((i) => i.queryId === "default");
987
981
  if (defaultOptions) {
988
982
  const clonedOptions = {
989
983
  ...defaultOptions
990
984
  };
991
985
  if (definitionId !== void 0) {
992
- clonedOptions.definitionId = definitionId;
986
+ clonedOptions.queryId = definitionId;
993
987
  }
994
988
  return clonedOptions;
995
989
  }
@@ -998,13 +992,10 @@ var SIOPv2RP = class _SIOPv2RP {
998
992
  };
999
993
 
1000
994
  // src/types/ISIOPv2RP.ts
1001
- var VerifiedDataMode = /* @__PURE__ */ function(VerifiedDataMode2) {
995
+ var VerifiedDataMode = /* @__PURE__ */ (function(VerifiedDataMode2) {
1002
996
  VerifiedDataMode2["NONE"] = "none";
1003
997
  VerifiedDataMode2["VERIFIED_PRESENTATION"] = "vp";
1004
998
  VerifiedDataMode2["CREDENTIAL_SUBJECT_FLATTENED"] = "cs-flat";
1005
999
  return VerifiedDataMode2;
1006
- }({});
1007
-
1008
- // src/index.ts
1009
- var schema = require_plugin_schema();
1000
+ })({});
1010
1001
  //# sourceMappingURL=index.cjs.map