@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth 0.34.1-feature.SSISDK.57.uni.client.206 → 0.34.1-feature.SSISDK.58.host.nonce.endpoint.194

package/dist/index.js

@@ -336,7 +336,6 @@ var plugin_schema_default = {
 import { AuthorizationResponseStateStatus, decodeUriAsJson } from "@sphereon/did-auth-siop";
 import { getAgentResolver as getAgentResolver2 } from "@sphereon/ssi-sdk-ext.did-utils";
 import { shaHasher as defaultHasher2 } from "@sphereon/ssi-sdk.core";
-import { validate as isValidUUID } from "uuid";
 import { CredentialMapper as CredentialMapper2 } from "@sphereon/ssi-types";
 import { DcqlQuery } from "dcql";
 
@@ -352,7 +351,7 @@ function getRequestVersion(rpOptions) {
   if (Array.isArray(rpOptions.supportedVersions) && rpOptions.supportedVersions.length > 0) {
     return rpOptions.supportedVersions[0];
   }
-  return SupportedVersion.OID4VP_v1;
+  return SupportedVersion.JWT_VC_PRESENTATION_PROFILE_v1;
 }
 __name(getRequestVersion, "getRequestVersion");
 function getWellKnownDIDVerifyCallback(siopIdentifierOpts, context) {
@@ -367,33 +366,6 @@ function getWellKnownDIDVerifyCallback(siopIdentifierOpts, context) {
   };
 }
 __name(getWellKnownDIDVerifyCallback, "getWellKnownDIDVerifyCallback");
-function getDcqlQueryLookupCallback(context) {
-  async function dcqlQueryLookup(queryId, version, tenantId) {
-    const result = await context.agent.pdmGetDefinitions({
-      filter: [
-        {
-          queryId,
-          ...tenantId && {
-            tenantId
-          },
-          ...version && {
-            version
-          }
-        },
-        {
-          id: queryId
-        }
-      ]
-    });
-    if (result && result.length > 0) {
-      return result[0].query;
-    }
-    return Promise.reject(Error(`No dcql query found for queryId ${queryId}`));
-  }
-  __name(dcqlQueryLookup, "dcqlQueryLookup");
-  return dcqlQueryLookup;
-}
-__name(getDcqlQueryLookupCallback, "getDcqlQueryLookupCallback");
 function getPresentationVerificationCallback(idOpts, context) {
   async function presentationVerificationCallback(args, presentationSubmission) {
     if (CredentialMapper.isSdJwtEncoded(args)) {
@@ -433,8 +405,27 @@ function getPresentationVerificationCallback(idOpts, context) {
 }
 __name(getPresentationVerificationCallback, "getPresentationVerificationCallback");
 async function createRPBuilder(args) {
-  const { rpOpts, context } = args;
+  const { rpOpts, pexOpts, context } = args;
   const { identifierOpts } = rpOpts;
+  let definition = args.definition;
+  let dcqlQuery = args.dcql;
+  if (!definition && pexOpts && pexOpts.queryId) {
+    const presentationDefinitionItems = await context.agent.pdmGetDefinitions({
+      filter: [
+        {
+          queryId: pexOpts.queryId,
+          version: pexOpts.version,
+          tenantId: pexOpts.tenantId
+        }
+      ]
+    });
+    if (presentationDefinitionItems.length > 0) {
+      const presentationDefinitionItem = presentationDefinitionItems[0];
+      if (!dcqlQuery && presentationDefinitionItem.dcqlPayload) {
+        dcqlQuery = presentationDefinitionItem.dcqlPayload.dcqlQuery;
+      }
+    }
+  }
   const didMethods = identifierOpts.supportedDIDMethods ?? await getAgentDIDMethods(context);
   const eventEmitter = rpOpts.eventEmitter ?? new EventEmitter();
   const defaultClientMetadata = {
@@ -489,15 +480,16 @@ async function createRPBuilder(args) {
   const builder = RP.builder({
     requestVersion: getRequestVersion(rpOpts)
   }).withScope("openid", PropertyTarget.REQUEST_OBJECT).withResponseMode(rpOpts.responseMode ?? ResponseMode.POST).withResponseType(ResponseType.VP_TOKEN, PropertyTarget.REQUEST_OBJECT).withSupportedVersions(rpOpts.supportedVersions ?? [
-    SupportedVersion.OID4VP_v1,
-    SupportedVersion.SIOPv2_OID4VP_D28
+    SupportedVersion.JWT_VC_PRESENTATION_PROFILE_v1,
+    SupportedVersion.SIOPv2_ID1,
+    SupportedVersion.SIOPv2_D11
   ]).withEventEmitter(eventEmitter).withSessionManager(rpOpts.sessionManager ?? new InMemoryRPSessionManager(eventEmitter)).withClientMetadata(rpOpts.clientMetadataOpts ?? defaultClientMetadata, PropertyTarget.REQUEST_OBJECT).withVerifyJwtCallback(rpOpts.verifyJwtCallback ? rpOpts.verifyJwtCallback : getVerifyJwtCallback({
     resolver,
     verifyOpts: {
       wellknownDIDVerifyCallback: getWellKnownDIDVerifyCallback(rpOpts.identifierOpts, context),
       checkLinkedDomain: "if_present"
     }
-  }, context)).withDcqlQueryLookup(getDcqlQueryLookupCallback(context)).withRevocationVerification(RevocationVerification.NEVER).withPresentationVerification(getPresentationVerificationCallback(identifierOpts.idOpts, context));
+  }, context)).withRevocationVerification(RevocationVerification.NEVER).withPresentationVerification(getPresentationVerificationCallback(identifierOpts.idOpts, context));
   const oidfOpts = identifierOpts.oidfOpts;
   if (oidfOpts && isExternalIdentifierOIDFEntityIdOpts(oidfOpts)) {
     builder.withEntityId(oidfOpts.identifier, PropertyTarget.REQUEST_OBJECT);
@@ -510,6 +502,9 @@ async function createRPBuilder(args) {
   if (hasher) {
     builder.withHasher(hasher);
   }
+  if (dcqlQuery) {
+    builder.withDcqlQuery(dcqlQuery);
+  }
   if (rpOpts.responseRedirectUri) {
     builder.withResponseRedirectUri(rpOpts.responseRedirectUri);
   }
@@ -582,16 +577,17 @@ var RPInstance = class {
     __name(this, "RPInstance");
   }
   _rp;
-  _presentationOptions;
+  _pexOptions;
   _rpOptions;
   constructor({ rpOpts, pexOpts }) {
     this._rpOptions = rpOpts;
-    this._presentationOptions = pexOpts;
+    this._pexOptions = pexOpts;
   }
   async get(context) {
     if (!this._rp) {
       const builder = await createRPBuilder({
         rpOpts: this._rpOptions,
+        pexOpts: this._pexOptions,
         context
       });
       this._rp = builder.build();
@@ -601,8 +597,20 @@ var RPInstance = class {
   get rpOptions() {
     return this._rpOptions;
   }
-  get presentationOptions() {
-    return this._presentationOptions;
+  get pexOptions() {
+    return this._pexOptions;
+  }
+  hasDefinition() {
+    return this.definitionId !== void 0;
+  }
+  get definitionId() {
+    return this.pexOptions?.queryId;
+  }
+  async getPresentationDefinition(context) {
+    return this.definitionId ? await context.agent.pexStoreGetDefinition({
+      definitionId: this.definitionId,
+      tenantId: this.pexOptions?.tenantId
+    }) : void 0;
   }
   async createAuthorizationRequestURI(createArgs, context) {
     const { correlationId, queryId, claims, requestByReferenceURI, responseURI, responseURIType, callback } = createArgs;
@@ -719,7 +727,6 @@ var SIOPv2RP = class _SIOPv2RP {
   }
   async createAuthorizationRequestURI(createArgs, context) {
     return await this.getRPInstance({
-      createWhenNotPresent: true,
       responseRedirectURI: createArgs.responseRedirectURI,
       ...createArgs.useQueryIdInstance === true && {
         queryId: createArgs.queryId
@@ -728,7 +735,6 @@ var SIOPv2RP = class _SIOPv2RP {
   }
   async createAuthorizationRequestPayloads(createArgs, context) {
     return await this.getRPInstance({
-      createWhenNotPresent: true,
       queryId: createArgs.queryId
     }, context).then((rp) => rp.createAuthorizationRequest(createArgs, context)).then(async (request) => {
       const authRequest = {
@@ -741,13 +747,11 @@ var SIOPv2RP = class _SIOPv2RP {
   }
   async siopGetRequestState(args, context) {
     return await this.getRPInstance({
-      createWhenNotPresent: false,
       queryId: args.queryId
     }, context).then((rp) => rp.get(context).then((rp2) => rp2.sessionManager.getRequestStateByCorrelationId(args.correlationId, args.errorOnNotFound)));
   }
   async siopGetResponseState(args, context) {
     const rpInstance = await this.getRPInstance({
-      createWhenNotPresent: false,
       queryId: args.queryId
     }, context);
     const authorizationResponseState = await rpInstance.get(context).then((rp) => rp.sessionManager.getResponseStateByCorrelationId(args.correlationId, args.errorOnNotFound));
@@ -805,7 +809,6 @@ var SIOPv2RP = class _SIOPv2RP {
       throw Error(`Only 'authorization_request_created' status is supported for this method at this point`);
     }
     return await this.getRPInstance({
-      createWhenNotPresent: false,
       queryId: args.queryId
     }, context).then((rp) => rp.get(context).then(async (rp2) => {
       await rp2.signalAuthRequestRetrieved({
@@ -817,7 +820,6 @@ var SIOPv2RP = class _SIOPv2RP {
   }
   async siopDeleteState(args, context) {
     return await this.getRPInstance({
-      createWhenNotPresent: false,
       queryId: args.queryId
     }, context).then((rp) => rp.get(context).then((rp2) => rp2.sessionManager.deleteStateForCorrelationId(args.correlationId))).then(() => true);
   }
@@ -827,7 +829,6 @@ var SIOPv2RP = class _SIOPv2RP {
     }
     const authResponse = typeof args.authorizationResponse === "string" ? decodeUriAsJson(args.authorizationResponse) : args.authorizationResponse;
     return await this.getRPInstance({
-      createWhenNotPresent: false,
       queryId: args.queryId
     }, context).then((rp) => rp.get(context).then((rp2) => rp2.verifyAuthorizationResponse(authResponse, {
       correlationId: args.correlationId,
@@ -872,37 +873,9 @@ var SIOPv2RP = class _SIOPv2RP {
     }
     return void 0;
   }
-  async getRPInstance({ createWhenNotPresent, queryId, responseRedirectURI }, context) {
-    let rpInstanceId = _SIOPv2RP._DEFAULT_OPTS_KEY;
-    let rpInstance;
-    if (queryId) {
-      if (this.instances.has(queryId)) {
-        rpInstanceId = queryId;
-        rpInstance = this.instances.get(rpInstanceId);
-      } else if (isValidUUID(queryId)) {
-        try {
-          const pd = await context.agent.pdmGetDefinition({
-            itemId: queryId
-          });
-          if (this.instances.has(pd.queryId)) {
-            rpInstanceId = pd.queryId;
-            rpInstance = this.instances.get(rpInstanceId);
-          }
-        } catch (ignore) {
-        }
-      }
-      if (createWhenNotPresent) {
-        rpInstanceId = queryId;
-      } else {
-        rpInstance = this.instances.get(rpInstanceId);
-      }
-    } else {
-      rpInstance = this.instances.get(rpInstanceId);
-    }
-    if (!rpInstance) {
-      if (!createWhenNotPresent) {
-        return Promise.reject(`No RP instance found for key ${rpInstanceId}`);
-      }
+  async getRPInstance({ queryId, responseRedirectURI }, context) {
+    const instanceId = queryId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
+    if (!this.instances.has(instanceId)) {
       const instanceOpts = this.getInstanceOpts(queryId);
       const rpOpts = await this.getRPOptions(context, {
         queryId,
@@ -924,12 +897,12 @@ var SIOPv2RP = class _SIOPv2RP {
           resolverResolution: true
         });
       }
-      rpInstance = new RPInstance({
+      this.instances.set(instanceId, new RPInstance({
         rpOpts,
         pexOpts: instanceOpts
-      });
-      this.instances.set(rpInstanceId, rpInstance);
+      }));
     }
+    const rpInstance = this.instances.get(instanceId);
     if (responseRedirectURI) {
       rpInstance.rpOptions.responseRedirectUri = responseRedirectURI;
     }
@@ -971,20 +944,20 @@ var SIOPv2RP = class _SIOPv2RP {
     }
     return options;
   }
-  getInstanceOpts(queryId) {
+  getInstanceOpts(definitionId) {
     if (!this.opts.instanceOpts) return void 0;
-    const instanceOpt = queryId ? this.opts.instanceOpts.find((i) => i.queryId === queryId) : void 0;
-    return instanceOpt ?? this.getDefaultOptions(queryId);
+    const instanceOpt = definitionId ? this.opts.instanceOpts.find((i) => i.queryId === definitionId) : void 0;
+    return instanceOpt ?? this.getDefaultOptions(definitionId);
   }
-  getDefaultOptions(queryId) {
+  getDefaultOptions(definitionId) {
     if (!this.opts.instanceOpts) return void 0;
     const defaultOptions = this.opts.instanceOpts.find((i) => i.queryId === "default");
     if (defaultOptions) {
       const clonedOptions = {
         ...defaultOptions
       };
-      if (queryId !== void 0) {
-        clonedOptions.queryId = queryId;
+      if (definitionId !== void 0) {
+        clonedOptions.queryId = definitionId;
       }
       return clonedOptions;
     }