@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth 0.34.1-feature.SSISDK.45.93 → 0.34.1-feature.SSISDK.46.151

package/dist/index.cjs

@@ -369,6 +369,7 @@ module.exports = __toCommonJS(index_exports);
 var import_did_auth_siop2 = require("@sphereon/did-auth-siop");
 var import_ssi_sdk_ext4 = require("@sphereon/ssi-sdk-ext.did-utils");
 var import_ssi_types2 = require("@sphereon/ssi-types");
+var import_dcql = require("dcql");
 
 // src/functions.ts
 var import_did_auth_siop = require("@sphereon/did-auth-siop");
@@ -401,8 +402,7 @@ function getPresentationVerificationCallback(idOpts, context) {
   async function presentationVerificationCallback(args, presentationSubmission) {
     if (import_ssi_types.CredentialMapper.isSdJwtEncoded(args)) {
       const result2 = await context.agent.verifySdJwtPresentation({
-        presentation: args,
-        kb: true
+        presentation: args
       });
       return {
         verified: !!result2.payload
@@ -441,11 +441,11 @@ async function createRPBuilder(args) {
   const { identifierOpts } = rpOpts;
   let definition = args.definition;
   let dcqlQuery = args.dcql;
-  if (!definition && pexOpts && pexOpts.definitionId) {
+  if (!definition && pexOpts && pexOpts.queryId) {
     const presentationDefinitionItems = await context.agent.pdmGetDefinitions({
       filter: [
         {
-          definitionId: pexOpts.definitionId,
+          definitionId: pexOpts.queryId,
           version: pexOpts.version,
           tenantId: pexOpts.tenantId
         }
@@ -453,9 +453,8 @@ async function createRPBuilder(args) {
     });
     if (presentationDefinitionItems.length > 0) {
       const presentationDefinitionItem = presentationDefinitionItems[0];
-      definition = presentationDefinitionItem.definitionPayload;
       if (!dcqlQuery && presentationDefinitionItem.dcqlPayload) {
-        dcqlQuery = presentationDefinitionItem.dcqlPayload;
+        dcqlQuery = presentationDefinitionItem.dcqlPayload.dcqlQuery;
       }
     }
   }
@@ -525,19 +524,14 @@ async function createRPBuilder(args) {
   }, context)).withRevocationVerification(import_did_auth_siop.RevocationVerification.NEVER).withPresentationVerification(getPresentationVerificationCallback(identifierOpts.idOpts, context));
   const oidfOpts = identifierOpts.oidfOpts;
   if (oidfOpts && (0, import_ssi_sdk_ext2.isExternalIdentifierOIDFEntityIdOpts)(oidfOpts)) {
-    builder.withEntityId(oidfOpts.identifier, import_did_auth_siop.PropertyTarget.REQUEST_OBJECT).withClientIdScheme("entity_id", import_did_auth_siop.PropertyTarget.REQUEST_OBJECT);
+    builder.withEntityId(oidfOpts.identifier, import_did_auth_siop.PropertyTarget.REQUEST_OBJECT);
   } else {
     const resolution = await context.agent.identifierManagedGet(identifierOpts.idOpts);
-    builder.withClientId(resolution.issuer ?? ((0, import_ssi_sdk_ext2.isManagedIdentifierDidResult)(resolution) ? resolution.did : resolution.jwkThumbprint), import_did_auth_siop.PropertyTarget.REQUEST_OBJECT).withClientIdScheme(resolution.clientIdScheme ?? identifierOpts.idOpts.clientIdScheme, import_did_auth_siop.PropertyTarget.REQUEST_OBJECT);
+    builder.withClientId(resolution.issuer ?? ((0, import_ssi_sdk_ext2.isManagedIdentifierDidResult)(resolution) ? resolution.did : resolution.jwkThumbprint), import_did_auth_siop.PropertyTarget.REQUEST_OBJECT);
   }
   if (hasher) {
     builder.withHasher(hasher);
   }
-  if (definition) {
-    builder.withPresentationDefinition({
-      definition
-    }, import_did_auth_siop.PropertyTarget.REQUEST_OBJECT);
-  }
   if (dcqlQuery) {
     builder.withDcqlQuery(dcqlQuery);
   }
@@ -633,7 +627,7 @@ var RPInstance = class {
     return this.definitionId !== void 0;
   }
   get definitionId() {
-    return this.pexOptions?.definitionId;
+    return this.pexOptions?.queryId;
   }
   async getPresentationDefinition(context) {
     return this.definitionId ? await context.agent.pexStoreGetDefinition({
@@ -642,7 +636,7 @@ var RPInstance = class {
     }) : void 0;
   }
   async createAuthorizationRequestURI(createArgs, context) {
-    const { correlationId, claims, requestByReferenceURI, responseURI, responseURIType } = createArgs;
+    const { correlationId, queryId, claims, requestByReferenceURI, responseURI, responseURIType } = createArgs;
     const nonce = createArgs.nonce ?? (0, import_uuid.v4)();
     const state = createArgs.state ?? correlationId;
     let jwtIssuer;
@@ -670,6 +664,7 @@ var RPInstance = class {
     return await this.get(context).then((rp) => rp.createAuthorizationRequestURI({
       version: getRequestVersion(this.rpOptions),
       correlationId,
+      queryId,
       nonce,
       state,
       claims,
@@ -755,30 +750,32 @@ var SIOPv2RP = class _SIOPv2RP {
   }
   async createAuthorizationRequestURI(createArgs, context) {
     return await this.getRPInstance({
-      definitionId: createArgs.definitionId,
-      responseRedirectURI: createArgs.responseRedirectURI
+      responseRedirectURI: createArgs.responseRedirectURI,
+      ...createArgs.useQueryIdInstance === true && {
+        queryId: createArgs.queryId
+      }
     }, context).then((rp) => rp.createAuthorizationRequestURI(createArgs, context)).then((URI) => URI.encodedUri);
   }
   async createAuthorizationRequestPayloads(createArgs, context) {
     return await this.getRPInstance({
-      definitionId: createArgs.definitionId
+      queryId: createArgs.queryId
     }, context).then((rp) => rp.createAuthorizationRequest(createArgs, context)).then(async (request) => {
       const authRequest = {
         authorizationRequest: request.payload,
         requestObject: await request.requestObjectJwt(),
-        requestObjectDecoded: await request.requestObject?.getPayload()
+        requestObjectDecoded: request.requestObject?.getPayload()
       };
       return authRequest;
     });
   }
   async siopGetRequestState(args, context) {
     return await this.getRPInstance({
-      definitionId: args.definitionId
+      queryId: args.queryId
     }, context).then((rp) => rp.get(context).then((rp2) => rp2.sessionManager.getRequestStateByCorrelationId(args.correlationId, args.errorOnNotFound)));
   }
   async siopGetResponseState(args, context) {
     const rpInstance = await this.getRPInstance({
-      definitionId: args.definitionId
+      queryId: args.queryId
     }, context);
     const authorizationResponseState = await rpInstance.get(context).then((rp) => rp.sessionManager.getResponseStateByCorrelationId(args.correlationId, args.errorOnNotFound));
     if (authorizationResponseState === void 0) {
@@ -831,11 +828,11 @@ var SIOPv2RP = class _SIOPv2RP {
   }
   presentationOrClaimsFrom = /* @__PURE__ */ __name((presentationDecoded) => import_ssi_types2.CredentialMapper.isSdJwtDecodedCredential(presentationDecoded) ? presentationDecoded.decodedPayload : import_ssi_types2.CredentialMapper.toUniformPresentation(presentationDecoded), "presentationOrClaimsFrom");
   async siopUpdateRequestState(args, context) {
-    if (args.state !== "sent") {
-      throw Error(`Only 'sent' status is supported for this method at this point`);
+    if (args.state !== "authorization_request_created") {
+      throw Error(`Only 'authorization_request_created' status is supported for this method at this point`);
     }
     return await this.getRPInstance({
-      definitionId: args.definitionId
+      queryId: args.queryId
     }, context).then((rp) => rp.get(context).then(async (rp2) => {
       await rp2.signalAuthRequestRetrieved({
         correlationId: args.correlationId,
@@ -846,7 +843,7 @@ var SIOPv2RP = class _SIOPv2RP {
   }
   async siopDeleteState(args, context) {
     return await this.getRPInstance({
-      definitionId: args.definitionId
+      queryId: args.queryId
     }, context).then((rp) => rp.get(context).then((rp2) => rp2.sessionManager.deleteStateForCorrelationId(args.correlationId))).then(() => true);
   }
   async siopVerifyAuthResponse(args, context) {
@@ -855,25 +852,38 @@ var SIOPv2RP = class _SIOPv2RP {
     }
     const authResponse = typeof args.authorizationResponse === "string" ? (0, import_did_auth_siop2.decodeUriAsJson)(args.authorizationResponse) : args.authorizationResponse;
     return await this.getRPInstance({
-      definitionId: args.definitionId
+      queryId: args.queryId
     }, context).then((rp) => rp.get(context).then((rp2) => rp2.verifyAuthorizationResponse(authResponse, {
       correlationId: args.correlationId,
-      ...args.dcqlQuery ? {
-        dcqlQuery: args.dcqlQuery
+      ...args.dcqlQueryPayload ? {
+        dcqlQuery: args.dcqlQueryPayload.dcqlQuery
       } : {},
       audience: args.audience
     })));
   }
   async siopImportDefinitions(args, context) {
-    const { definitions, tenantId, version, versionControlMode } = args;
-    await Promise.all(definitions.map(async (definitionPair) => {
+    const { queries, tenantId, version, versionControlMode } = args;
+    await Promise.all(queries.map(async (definitionPair) => {
       const definitionPayload = definitionPair.definitionPayload;
-      await context.agent.pexValidateDefinition({
-        definition: definitionPayload
-      });
-      console.log(`persisting definition ${definitionPayload.id} / ${definitionPayload.name} with versionControlMode ${versionControlMode}`);
+      if (!definitionPayload && !definitionPair.dcqlPayload) {
+        return Promise.reject(Error("Either dcqlPayload or definitionPayload must be suppplied"));
+      }
+      let definitionId;
+      if (definitionPair.dcqlPayload) {
+        import_dcql.DcqlQuery.validate(definitionPair.dcqlPayload.dcqlQuery);
+        console.log(`persisting DCQL definition ${definitionPair.dcqlPayload.queryId} with versionControlMode ${versionControlMode}`);
+        definitionId = definitionPair.dcqlPayload.queryId;
+      }
+      if (definitionPayload) {
+        await context.agent.pexValidateDefinition({
+          definition: definitionPayload
+        });
+        console.log(`persisting PEX definition ${definitionPayload.id} / ${definitionPayload.name} with versionControlMode ${versionControlMode}`);
+        definitionId = definitionPayload.id;
+      }
       return context.agent.pdmPersistDefinition({
         definitionItem: {
+          definitionId,
           tenantId,
           version,
           definitionPayload,
@@ -886,7 +896,7 @@ var SIOPv2RP = class _SIOPv2RP {
     }));
   }
   async siopGetRedirectURI(args, context) {
-    const instanceId = args.definitionId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
+    const instanceId = args.queryId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
     if (this.instances.has(instanceId)) {
       const rpInstance = this.instances.get(instanceId);
       if (rpInstance !== void 0) {
@@ -902,12 +912,12 @@ var SIOPv2RP = class _SIOPv2RP {
     }
     return void 0;
   }
-  async getRPInstance({ definitionId, responseRedirectURI }, context) {
-    const instanceId = definitionId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
+  async getRPInstance({ queryId, responseRedirectURI }, context) {
+    const instanceId = queryId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
     if (!this.instances.has(instanceId)) {
-      const instanceOpts = this.getInstanceOpts(definitionId);
+      const instanceOpts = this.getInstanceOpts(queryId);
       const rpOpts = await this.getRPOptions(context, {
-        definitionId,
+        queryId,
         responseRedirectURI
       });
       if (!rpOpts.identifierOpts.resolveOpts?.resolver || typeof rpOpts.identifierOpts.resolveOpts.resolver.resolve !== "function") {
@@ -919,7 +929,7 @@ var SIOPv2RP = class _SIOPv2RP {
             ...rpOpts.identifierOpts.resolveOpts
           };
         }
-        console.log("Using agent DID resolver for RP instance with definition id " + definitionId);
+        console.log("Using agent DID resolver for RP instance with definition id " + queryId);
         rpOpts.identifierOpts.resolveOpts.resolver = (0, import_ssi_sdk_ext4.getAgentResolver)(context, {
           uniresolverResolution: true,
           localResolution: true,
@@ -938,10 +948,10 @@ var SIOPv2RP = class _SIOPv2RP {
     return rpInstance;
   }
   async getRPOptions(context, opts) {
-    const { definitionId, responseRedirectURI } = opts;
-    const options = this.getInstanceOpts(definitionId)?.rpOpts ?? this.opts.defaultOpts;
+    const { queryId, responseRedirectURI } = opts;
+    const options = this.getInstanceOpts(queryId)?.rpOpts ?? this.opts.defaultOpts;
     if (!options) {
-      throw Error(`Could not get specific nor default options for definition ${definitionId}`);
+      throw Error(`Could not get specific nor default options for definition ${queryId}`);
     }
     if (this.opts.defaultOpts) {
       if (!options.identifierOpts) {
@@ -975,18 +985,18 @@ var SIOPv2RP = class _SIOPv2RP {
   }
   getInstanceOpts(definitionId) {
     if (!this.opts.instanceOpts) return void 0;
-    const instanceOpt = definitionId ? this.opts.instanceOpts.find((i) => i.definitionId === definitionId) : void 0;
+    const instanceOpt = definitionId ? this.opts.instanceOpts.find((i) => i.queryId === definitionId) : void 0;
     return instanceOpt ?? this.getDefaultOptions(definitionId);
   }
   getDefaultOptions(definitionId) {
     if (!this.opts.instanceOpts) return void 0;
-    const defaultOptions = this.opts.instanceOpts.find((i) => i.definitionId === "default");
+    const defaultOptions = this.opts.instanceOpts.find((i) => i.queryId === "default");
     if (defaultOptions) {
       const clonedOptions = {
         ...defaultOptions
       };
       if (definitionId !== void 0) {
-        clonedOptions.definitionId = definitionId;
+        clonedOptions.queryId = definitionId;
       }
       return clonedOptions;
     }
@@ -995,12 +1005,12 @@ var SIOPv2RP = class _SIOPv2RP {
 };
 
 // src/types/ISIOPv2RP.ts
-var VerifiedDataMode = /* @__PURE__ */ function(VerifiedDataMode2) {
+var VerifiedDataMode = /* @__PURE__ */ (function(VerifiedDataMode2) {
   VerifiedDataMode2["NONE"] = "none";
   VerifiedDataMode2["VERIFIED_PRESENTATION"] = "vp";
   VerifiedDataMode2["CREDENTIAL_SUBJECT_FLATTENED"] = "cs-flat";
   return VerifiedDataMode2;
-}({});
+})({});
 
 // src/index.ts
 var schema = require_plugin_schema();