@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth 0.34.1-fix.147 → 0.34.1-fix.161
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +35 -30
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +19 -20
- package/dist/index.d.ts +19 -20
- package/dist/index.js +35 -30
- package/dist/index.js.map +1 -1
- package/package.json +17 -17
- package/src/RPInstance.ts +6 -4
- package/src/agent/SIOPv2RP.ts +29 -27
- package/src/functions.ts +5 -4
- package/src/types/ISIOPv2RP.ts +15 -17
package/dist/index.d.cts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { IPluginMethodMap, IAgentContext, IResolver, IDIDManager, IKeyManager, ICredentialIssuer, ICredentialVerifier, IAgentPlugin } from '@veramo/core';
|
|
2
|
-
import { ResponseURIType, ClaimPayloadCommonOpts, AuthorizationRequestPayload, RequestObjectPayload, AuthorizationRequestState,
|
|
2
|
+
import { ResponseURIType, ClaimPayloadCommonOpts, CallbackOpts, AuthorizationRequestPayload, RequestObjectPayload, AuthorizationRequestState, AuthorizationResponseStateWithVerifiedData, AuthorizationResponsePayload, VerifiedAuthorizationResponse, ResponseMode, SupportedVersion, IRPSessionManager, ClientMetadataOpts, VerifyJwtCallback, PresentationVerificationCallback, RP, URI, AuthorizationRequest } from '@sphereon/did-auth-siop';
|
|
3
3
|
import { CheckLinkedDomain } from '@sphereon/did-auth-siop-adapter';
|
|
4
4
|
import { DIDDocument } from '@sphereon/did-uni-client';
|
|
5
5
|
import { JwtIssuer } from '@sphereon/oid4vc-common';
|
|
@@ -13,7 +13,7 @@ import { IPDManager, VersionControlMode } from '@sphereon/ssi-sdk.pd-manager';
|
|
|
13
13
|
import { IPresentationExchange } from '@sphereon/ssi-sdk.presentation-exchange';
|
|
14
14
|
import { ISDJwtPlugin } from '@sphereon/ssi-sdk.sd-jwt';
|
|
15
15
|
import { AuthorizationRequestStateStatus } from '@sphereon/ssi-sdk.siopv2-oid4vp-common';
|
|
16
|
-
import {
|
|
16
|
+
import { DcqlQueryPayload, HasherSync } from '@sphereon/ssi-types';
|
|
17
17
|
import { VerifyCallback } from '@sphereon/wellknown-dids-client';
|
|
18
18
|
import { Resolvable } from 'did-resolver';
|
|
19
19
|
import { EventEmitter } from 'events';
|
|
@@ -412,8 +412,9 @@ interface ISiopv2RPOpts {
|
|
|
412
412
|
interface IRPDefaultOpts extends IRPOptions {
|
|
413
413
|
}
|
|
414
414
|
interface ICreateAuthRequestArgs {
|
|
415
|
-
|
|
415
|
+
queryId: string;
|
|
416
416
|
correlationId: string;
|
|
417
|
+
useQueryIdInstance?: boolean;
|
|
417
418
|
responseURIType: ResponseURIType;
|
|
418
419
|
responseURI: string;
|
|
419
420
|
responseRedirectURI?: string;
|
|
@@ -422,32 +423,33 @@ interface ICreateAuthRequestArgs {
|
|
|
422
423
|
nonce?: string;
|
|
423
424
|
state?: string;
|
|
424
425
|
claims?: ClaimPayloadCommonOpts;
|
|
426
|
+
callback?: CallbackOpts;
|
|
425
427
|
}
|
|
426
428
|
interface IGetAuthRequestStateArgs {
|
|
427
429
|
correlationId: string;
|
|
428
|
-
|
|
430
|
+
queryId?: string;
|
|
429
431
|
errorOnNotFound?: boolean;
|
|
430
432
|
}
|
|
431
433
|
interface IGetAuthResponseStateArgs {
|
|
432
434
|
correlationId: string;
|
|
433
|
-
|
|
435
|
+
queryId?: string;
|
|
434
436
|
errorOnNotFound?: boolean;
|
|
435
437
|
progressRequestStateTo?: AuthorizationRequestStateStatus;
|
|
436
438
|
includeVerifiedData?: VerifiedDataMode;
|
|
437
439
|
}
|
|
438
440
|
interface IUpdateRequestStateArgs {
|
|
439
|
-
|
|
441
|
+
queryId: string;
|
|
440
442
|
correlationId: string;
|
|
441
443
|
state: AuthorizationRequestStateStatus;
|
|
442
444
|
error?: string;
|
|
443
445
|
}
|
|
444
446
|
interface IDeleteAuthStateArgs {
|
|
445
447
|
correlationId: string;
|
|
446
|
-
|
|
448
|
+
queryId?: string;
|
|
447
449
|
}
|
|
448
450
|
interface IVerifyAuthResponseStateArgs {
|
|
449
451
|
authorizationResponse: string | AuthorizationResponsePayload;
|
|
450
|
-
|
|
452
|
+
queryId?: string;
|
|
451
453
|
correlationId: string;
|
|
452
454
|
audience?: string;
|
|
453
455
|
dcqlQueryPayload?: DcqlQueryPayload;
|
|
@@ -457,14 +459,14 @@ interface IDefinitionPair {
|
|
|
457
459
|
dcqlPayload?: DcqlQueryPayload;
|
|
458
460
|
}
|
|
459
461
|
interface ImportDefinitionsArgs {
|
|
460
|
-
|
|
462
|
+
queries: Array<IDefinitionPair>;
|
|
461
463
|
tenantId?: string;
|
|
462
464
|
version?: string;
|
|
463
465
|
versionControlMode?: VersionControlMode;
|
|
464
466
|
}
|
|
465
467
|
interface IGetRedirectUriArgs {
|
|
466
468
|
correlationId: string;
|
|
467
|
-
|
|
469
|
+
queryId?: string;
|
|
468
470
|
state?: string;
|
|
469
471
|
}
|
|
470
472
|
interface IAuthorizationRequestPayloads {
|
|
@@ -477,7 +479,7 @@ interface IPEXDefinitionPersistArgs extends IPEXInstanceOptions {
|
|
|
477
479
|
ttl?: number;
|
|
478
480
|
}
|
|
479
481
|
interface ISiopRPInstanceArgs {
|
|
480
|
-
|
|
482
|
+
queryId?: string;
|
|
481
483
|
responseRedirectURI?: string;
|
|
482
484
|
}
|
|
483
485
|
interface IPEXInstanceOptions extends IPEXOptions {
|
|
@@ -498,7 +500,7 @@ interface IRPOptions {
|
|
|
498
500
|
}
|
|
499
501
|
interface IPEXOptions {
|
|
500
502
|
presentationVerifyCallback?: PresentationVerificationCallback;
|
|
501
|
-
|
|
503
|
+
queryId: string;
|
|
502
504
|
version?: string;
|
|
503
505
|
tenantId?: string;
|
|
504
506
|
}
|
|
@@ -523,9 +525,6 @@ interface ISIOPIdentifierOptions extends Omit<IDIDOptions, 'idOpts'> {
|
|
|
523
525
|
type CredentialOpts = {
|
|
524
526
|
hasher?: HasherSync;
|
|
525
527
|
};
|
|
526
|
-
interface AuthorizationResponseStateWithVerifiedData extends AuthorizationResponseState {
|
|
527
|
-
verifiedData?: AdditionalClaims;
|
|
528
|
-
}
|
|
529
528
|
type IRequiredContext = IAgentContext<IResolver & IDIDManager & IKeyManager & IIdentifierResolution & ICredentialIssuer & ICredentialValidation & ICredentialVerifier & IPresentationExchange & IPDManager & ISDJwtPlugin & IJwtService & ImDLMdoc>;
|
|
530
529
|
|
|
531
530
|
declare class RPInstance {
|
|
@@ -542,8 +541,8 @@ declare class RPInstance {
|
|
|
542
541
|
hasDefinition(): boolean;
|
|
543
542
|
get definitionId(): string | undefined;
|
|
544
543
|
getPresentationDefinition(context: IRequiredContext): Promise<IPresentationDefinition | undefined>;
|
|
545
|
-
createAuthorizationRequestURI(createArgs:
|
|
546
|
-
createAuthorizationRequest(createArgs: Omit<ICreateAuthRequestArgs, '
|
|
544
|
+
createAuthorizationRequestURI(createArgs: ICreateAuthRequestArgs, context: IRequiredContext): Promise<URI>;
|
|
545
|
+
createAuthorizationRequest(createArgs: Omit<ICreateAuthRequestArgs, 'queryId'>, context: IRequiredContext): Promise<AuthorizationRequest>;
|
|
547
546
|
}
|
|
548
547
|
|
|
549
548
|
declare class SIOPv2RP implements IAgentPlugin {
|
|
@@ -890,13 +889,13 @@ declare class SIOPv2RP implements IAgentPlugin {
|
|
|
890
889
|
private siopVerifyAuthResponse;
|
|
891
890
|
private siopImportDefinitions;
|
|
892
891
|
private siopGetRedirectURI;
|
|
893
|
-
getRPInstance({
|
|
892
|
+
getRPInstance({ queryId, responseRedirectURI }: ISiopRPInstanceArgs, context: IRequiredContext): Promise<RPInstance>;
|
|
894
893
|
getRPOptions(context: IRequiredContext, opts: {
|
|
895
|
-
|
|
894
|
+
queryId?: string;
|
|
896
895
|
responseRedirectURI?: string;
|
|
897
896
|
}): Promise<IRPOptions>;
|
|
898
897
|
getInstanceOpts(definitionId?: string): IPEXInstanceOptions | undefined;
|
|
899
898
|
private getDefaultOptions;
|
|
900
899
|
}
|
|
901
900
|
|
|
902
|
-
export { type
|
|
901
|
+
export { type CredentialOpts, type IAuthRequestDetails, type IAuthorizationRequestPayloads, type ICreateAuthRequestArgs, type IDefinitionPair, type IDeleteAuthStateArgs, type IGetAuthRequestStateArgs, type IGetAuthResponseStateArgs, type IGetRedirectUriArgs, type IPEXDefinitionPersistArgs, type IPEXInstanceOptions, type IPEXOptions, type IRPDefaultOpts, type IRPOptions, type IRequiredContext, type ISIOPIdentifierOptions, type ISIOPv2RP, type ISiopRPInstanceArgs, type ISiopv2RPOpts, type IUpdateRequestStateArgs, type IVerifyAuthResponseStateArgs, type ImportDefinitionsArgs, type PerDidResolver, SIOPv2RP, type VerificationPolicies, VerifiedDataMode, plugin_schema as schema };
|
package/dist/index.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { IPluginMethodMap, IAgentContext, IResolver, IDIDManager, IKeyManager, ICredentialIssuer, ICredentialVerifier, IAgentPlugin } from '@veramo/core';
|
|
2
|
-
import { ResponseURIType, ClaimPayloadCommonOpts, AuthorizationRequestPayload, RequestObjectPayload, AuthorizationRequestState,
|
|
2
|
+
import { ResponseURIType, ClaimPayloadCommonOpts, CallbackOpts, AuthorizationRequestPayload, RequestObjectPayload, AuthorizationRequestState, AuthorizationResponseStateWithVerifiedData, AuthorizationResponsePayload, VerifiedAuthorizationResponse, ResponseMode, SupportedVersion, IRPSessionManager, ClientMetadataOpts, VerifyJwtCallback, PresentationVerificationCallback, RP, URI, AuthorizationRequest } from '@sphereon/did-auth-siop';
|
|
3
3
|
import { CheckLinkedDomain } from '@sphereon/did-auth-siop-adapter';
|
|
4
4
|
import { DIDDocument } from '@sphereon/did-uni-client';
|
|
5
5
|
import { JwtIssuer } from '@sphereon/oid4vc-common';
|
|
@@ -13,7 +13,7 @@ import { IPDManager, VersionControlMode } from '@sphereon/ssi-sdk.pd-manager';
|
|
|
13
13
|
import { IPresentationExchange } from '@sphereon/ssi-sdk.presentation-exchange';
|
|
14
14
|
import { ISDJwtPlugin } from '@sphereon/ssi-sdk.sd-jwt';
|
|
15
15
|
import { AuthorizationRequestStateStatus } from '@sphereon/ssi-sdk.siopv2-oid4vp-common';
|
|
16
|
-
import {
|
|
16
|
+
import { DcqlQueryPayload, HasherSync } from '@sphereon/ssi-types';
|
|
17
17
|
import { VerifyCallback } from '@sphereon/wellknown-dids-client';
|
|
18
18
|
import { Resolvable } from 'did-resolver';
|
|
19
19
|
import { EventEmitter } from 'events';
|
|
@@ -412,8 +412,9 @@ interface ISiopv2RPOpts {
|
|
|
412
412
|
interface IRPDefaultOpts extends IRPOptions {
|
|
413
413
|
}
|
|
414
414
|
interface ICreateAuthRequestArgs {
|
|
415
|
-
|
|
415
|
+
queryId: string;
|
|
416
416
|
correlationId: string;
|
|
417
|
+
useQueryIdInstance?: boolean;
|
|
417
418
|
responseURIType: ResponseURIType;
|
|
418
419
|
responseURI: string;
|
|
419
420
|
responseRedirectURI?: string;
|
|
@@ -422,32 +423,33 @@ interface ICreateAuthRequestArgs {
|
|
|
422
423
|
nonce?: string;
|
|
423
424
|
state?: string;
|
|
424
425
|
claims?: ClaimPayloadCommonOpts;
|
|
426
|
+
callback?: CallbackOpts;
|
|
425
427
|
}
|
|
426
428
|
interface IGetAuthRequestStateArgs {
|
|
427
429
|
correlationId: string;
|
|
428
|
-
|
|
430
|
+
queryId?: string;
|
|
429
431
|
errorOnNotFound?: boolean;
|
|
430
432
|
}
|
|
431
433
|
interface IGetAuthResponseStateArgs {
|
|
432
434
|
correlationId: string;
|
|
433
|
-
|
|
435
|
+
queryId?: string;
|
|
434
436
|
errorOnNotFound?: boolean;
|
|
435
437
|
progressRequestStateTo?: AuthorizationRequestStateStatus;
|
|
436
438
|
includeVerifiedData?: VerifiedDataMode;
|
|
437
439
|
}
|
|
438
440
|
interface IUpdateRequestStateArgs {
|
|
439
|
-
|
|
441
|
+
queryId: string;
|
|
440
442
|
correlationId: string;
|
|
441
443
|
state: AuthorizationRequestStateStatus;
|
|
442
444
|
error?: string;
|
|
443
445
|
}
|
|
444
446
|
interface IDeleteAuthStateArgs {
|
|
445
447
|
correlationId: string;
|
|
446
|
-
|
|
448
|
+
queryId?: string;
|
|
447
449
|
}
|
|
448
450
|
interface IVerifyAuthResponseStateArgs {
|
|
449
451
|
authorizationResponse: string | AuthorizationResponsePayload;
|
|
450
|
-
|
|
452
|
+
queryId?: string;
|
|
451
453
|
correlationId: string;
|
|
452
454
|
audience?: string;
|
|
453
455
|
dcqlQueryPayload?: DcqlQueryPayload;
|
|
@@ -457,14 +459,14 @@ interface IDefinitionPair {
|
|
|
457
459
|
dcqlPayload?: DcqlQueryPayload;
|
|
458
460
|
}
|
|
459
461
|
interface ImportDefinitionsArgs {
|
|
460
|
-
|
|
462
|
+
queries: Array<IDefinitionPair>;
|
|
461
463
|
tenantId?: string;
|
|
462
464
|
version?: string;
|
|
463
465
|
versionControlMode?: VersionControlMode;
|
|
464
466
|
}
|
|
465
467
|
interface IGetRedirectUriArgs {
|
|
466
468
|
correlationId: string;
|
|
467
|
-
|
|
469
|
+
queryId?: string;
|
|
468
470
|
state?: string;
|
|
469
471
|
}
|
|
470
472
|
interface IAuthorizationRequestPayloads {
|
|
@@ -477,7 +479,7 @@ interface IPEXDefinitionPersistArgs extends IPEXInstanceOptions {
|
|
|
477
479
|
ttl?: number;
|
|
478
480
|
}
|
|
479
481
|
interface ISiopRPInstanceArgs {
|
|
480
|
-
|
|
482
|
+
queryId?: string;
|
|
481
483
|
responseRedirectURI?: string;
|
|
482
484
|
}
|
|
483
485
|
interface IPEXInstanceOptions extends IPEXOptions {
|
|
@@ -498,7 +500,7 @@ interface IRPOptions {
|
|
|
498
500
|
}
|
|
499
501
|
interface IPEXOptions {
|
|
500
502
|
presentationVerifyCallback?: PresentationVerificationCallback;
|
|
501
|
-
|
|
503
|
+
queryId: string;
|
|
502
504
|
version?: string;
|
|
503
505
|
tenantId?: string;
|
|
504
506
|
}
|
|
@@ -523,9 +525,6 @@ interface ISIOPIdentifierOptions extends Omit<IDIDOptions, 'idOpts'> {
|
|
|
523
525
|
type CredentialOpts = {
|
|
524
526
|
hasher?: HasherSync;
|
|
525
527
|
};
|
|
526
|
-
interface AuthorizationResponseStateWithVerifiedData extends AuthorizationResponseState {
|
|
527
|
-
verifiedData?: AdditionalClaims;
|
|
528
|
-
}
|
|
529
528
|
type IRequiredContext = IAgentContext<IResolver & IDIDManager & IKeyManager & IIdentifierResolution & ICredentialIssuer & ICredentialValidation & ICredentialVerifier & IPresentationExchange & IPDManager & ISDJwtPlugin & IJwtService & ImDLMdoc>;
|
|
530
529
|
|
|
531
530
|
declare class RPInstance {
|
|
@@ -542,8 +541,8 @@ declare class RPInstance {
|
|
|
542
541
|
hasDefinition(): boolean;
|
|
543
542
|
get definitionId(): string | undefined;
|
|
544
543
|
getPresentationDefinition(context: IRequiredContext): Promise<IPresentationDefinition | undefined>;
|
|
545
|
-
createAuthorizationRequestURI(createArgs:
|
|
546
|
-
createAuthorizationRequest(createArgs: Omit<ICreateAuthRequestArgs, '
|
|
544
|
+
createAuthorizationRequestURI(createArgs: ICreateAuthRequestArgs, context: IRequiredContext): Promise<URI>;
|
|
545
|
+
createAuthorizationRequest(createArgs: Omit<ICreateAuthRequestArgs, 'queryId'>, context: IRequiredContext): Promise<AuthorizationRequest>;
|
|
547
546
|
}
|
|
548
547
|
|
|
549
548
|
declare class SIOPv2RP implements IAgentPlugin {
|
|
@@ -890,13 +889,13 @@ declare class SIOPv2RP implements IAgentPlugin {
|
|
|
890
889
|
private siopVerifyAuthResponse;
|
|
891
890
|
private siopImportDefinitions;
|
|
892
891
|
private siopGetRedirectURI;
|
|
893
|
-
getRPInstance({
|
|
892
|
+
getRPInstance({ queryId, responseRedirectURI }: ISiopRPInstanceArgs, context: IRequiredContext): Promise<RPInstance>;
|
|
894
893
|
getRPOptions(context: IRequiredContext, opts: {
|
|
895
|
-
|
|
894
|
+
queryId?: string;
|
|
896
895
|
responseRedirectURI?: string;
|
|
897
896
|
}): Promise<IRPOptions>;
|
|
898
897
|
getInstanceOpts(definitionId?: string): IPEXInstanceOptions | undefined;
|
|
899
898
|
private getDefaultOptions;
|
|
900
899
|
}
|
|
901
900
|
|
|
902
|
-
export { type
|
|
901
|
+
export { type CredentialOpts, type IAuthRequestDetails, type IAuthorizationRequestPayloads, type ICreateAuthRequestArgs, type IDefinitionPair, type IDeleteAuthStateArgs, type IGetAuthRequestStateArgs, type IGetAuthResponseStateArgs, type IGetRedirectUriArgs, type IPEXDefinitionPersistArgs, type IPEXInstanceOptions, type IPEXOptions, type IRPDefaultOpts, type IRPOptions, type IRequiredContext, type ISIOPIdentifierOptions, type ISIOPv2RP, type ISiopRPInstanceArgs, type ISiopv2RPOpts, type IUpdateRequestStateArgs, type IVerifyAuthResponseStateArgs, type ImportDefinitionsArgs, type PerDidResolver, SIOPv2RP, type VerificationPolicies, VerifiedDataMode, plugin_schema as schema };
|
package/dist/index.js
CHANGED
|
@@ -409,11 +409,11 @@ async function createRPBuilder(args) {
|
|
|
409
409
|
const { identifierOpts } = rpOpts;
|
|
410
410
|
let definition = args.definition;
|
|
411
411
|
let dcqlQuery = args.dcql;
|
|
412
|
-
if (!definition && pexOpts && pexOpts.
|
|
412
|
+
if (!definition && pexOpts && pexOpts.queryId) {
|
|
413
413
|
const presentationDefinitionItems = await context.agent.pdmGetDefinitions({
|
|
414
414
|
filter: [
|
|
415
415
|
{
|
|
416
|
-
definitionId: pexOpts.
|
|
416
|
+
definitionId: pexOpts.queryId,
|
|
417
417
|
version: pexOpts.version,
|
|
418
418
|
tenantId: pexOpts.tenantId
|
|
419
419
|
}
|
|
@@ -496,7 +496,8 @@ async function createRPBuilder(args) {
|
|
|
496
496
|
} else {
|
|
497
497
|
const resolution = await context.agent.identifierManagedGet(identifierOpts.idOpts);
|
|
498
498
|
const clientId = rpOpts.clientMetadataOpts?.client_id ?? resolution.issuer ?? (isManagedIdentifierDidResult(resolution) ? resolution.did : resolution.jwkThumbprint);
|
|
499
|
-
|
|
499
|
+
const clientIdPrefixed = prefixClientId(clientId);
|
|
500
|
+
builder.withClientId(clientIdPrefixed, PropertyTarget.REQUEST_OBJECT);
|
|
500
501
|
}
|
|
501
502
|
if (hasher) {
|
|
502
503
|
builder.withHasher(hasher);
|
|
@@ -603,7 +604,7 @@ var RPInstance = class {
|
|
|
603
604
|
return this.definitionId !== void 0;
|
|
604
605
|
}
|
|
605
606
|
get definitionId() {
|
|
606
|
-
return this.pexOptions?.
|
|
607
|
+
return this.pexOptions?.queryId;
|
|
607
608
|
}
|
|
608
609
|
async getPresentationDefinition(context) {
|
|
609
610
|
return this.definitionId ? await context.agent.pexStoreGetDefinition({
|
|
@@ -612,7 +613,7 @@ var RPInstance = class {
|
|
|
612
613
|
}) : void 0;
|
|
613
614
|
}
|
|
614
615
|
async createAuthorizationRequestURI(createArgs, context) {
|
|
615
|
-
const { correlationId, claims, requestByReferenceURI, responseURI, responseURIType } = createArgs;
|
|
616
|
+
const { correlationId, queryId, claims, requestByReferenceURI, responseURI, responseURIType, callback } = createArgs;
|
|
616
617
|
const nonce = createArgs.nonce ?? uuidv4();
|
|
617
618
|
const state = createArgs.state ?? correlationId;
|
|
618
619
|
let jwtIssuer;
|
|
@@ -640,13 +641,15 @@ var RPInstance = class {
|
|
|
640
641
|
return await this.get(context).then((rp) => rp.createAuthorizationRequestURI({
|
|
641
642
|
version: getRequestVersion(this.rpOptions),
|
|
642
643
|
correlationId,
|
|
644
|
+
queryId,
|
|
643
645
|
nonce,
|
|
644
646
|
state,
|
|
645
647
|
claims,
|
|
646
648
|
requestByReferenceURI,
|
|
647
649
|
responseURI,
|
|
648
650
|
responseURIType,
|
|
649
|
-
jwtIssuer
|
|
651
|
+
jwtIssuer,
|
|
652
|
+
callback
|
|
650
653
|
}));
|
|
651
654
|
}
|
|
652
655
|
async createAuthorizationRequest(createArgs, context) {
|
|
@@ -724,13 +727,15 @@ var SIOPv2RP = class _SIOPv2RP {
|
|
|
724
727
|
}
|
|
725
728
|
async createAuthorizationRequestURI(createArgs, context) {
|
|
726
729
|
return await this.getRPInstance({
|
|
727
|
-
|
|
728
|
-
|
|
730
|
+
responseRedirectURI: createArgs.responseRedirectURI,
|
|
731
|
+
...createArgs.useQueryIdInstance === true && {
|
|
732
|
+
queryId: createArgs.queryId
|
|
733
|
+
}
|
|
729
734
|
}, context).then((rp) => rp.createAuthorizationRequestURI(createArgs, context)).then((URI) => URI.encodedUri);
|
|
730
735
|
}
|
|
731
736
|
async createAuthorizationRequestPayloads(createArgs, context) {
|
|
732
737
|
return await this.getRPInstance({
|
|
733
|
-
|
|
738
|
+
queryId: createArgs.queryId
|
|
734
739
|
}, context).then((rp) => rp.createAuthorizationRequest(createArgs, context)).then(async (request) => {
|
|
735
740
|
const authRequest = {
|
|
736
741
|
authorizationRequest: request.payload,
|
|
@@ -742,12 +747,12 @@ var SIOPv2RP = class _SIOPv2RP {
|
|
|
742
747
|
}
|
|
743
748
|
async siopGetRequestState(args, context) {
|
|
744
749
|
return await this.getRPInstance({
|
|
745
|
-
|
|
750
|
+
queryId: args.queryId
|
|
746
751
|
}, context).then((rp) => rp.get(context).then((rp2) => rp2.sessionManager.getRequestStateByCorrelationId(args.correlationId, args.errorOnNotFound)));
|
|
747
752
|
}
|
|
748
753
|
async siopGetResponseState(args, context) {
|
|
749
754
|
const rpInstance = await this.getRPInstance({
|
|
750
|
-
|
|
755
|
+
queryId: args.queryId
|
|
751
756
|
}, context);
|
|
752
757
|
const authorizationResponseState = await rpInstance.get(context).then((rp) => rp.sessionManager.getResponseStateByCorrelationId(args.correlationId, args.errorOnNotFound));
|
|
753
758
|
if (authorizationResponseState === void 0) {
|
|
@@ -800,11 +805,11 @@ var SIOPv2RP = class _SIOPv2RP {
|
|
|
800
805
|
}
|
|
801
806
|
presentationOrClaimsFrom = /* @__PURE__ */ __name((presentationDecoded) => CredentialMapper2.isSdJwtDecodedCredential(presentationDecoded) ? presentationDecoded.decodedPayload : CredentialMapper2.toUniformPresentation(presentationDecoded), "presentationOrClaimsFrom");
|
|
802
807
|
async siopUpdateRequestState(args, context) {
|
|
803
|
-
if (args.state !== "
|
|
804
|
-
throw Error(`Only '
|
|
808
|
+
if (args.state !== "authorization_request_created") {
|
|
809
|
+
throw Error(`Only 'authorization_request_created' status is supported for this method at this point`);
|
|
805
810
|
}
|
|
806
811
|
return await this.getRPInstance({
|
|
807
|
-
|
|
812
|
+
queryId: args.queryId
|
|
808
813
|
}, context).then((rp) => rp.get(context).then(async (rp2) => {
|
|
809
814
|
await rp2.signalAuthRequestRetrieved({
|
|
810
815
|
correlationId: args.correlationId,
|
|
@@ -815,7 +820,7 @@ var SIOPv2RP = class _SIOPv2RP {
|
|
|
815
820
|
}
|
|
816
821
|
async siopDeleteState(args, context) {
|
|
817
822
|
return await this.getRPInstance({
|
|
818
|
-
|
|
823
|
+
queryId: args.queryId
|
|
819
824
|
}, context).then((rp) => rp.get(context).then((rp2) => rp2.sessionManager.deleteStateForCorrelationId(args.correlationId))).then(() => true);
|
|
820
825
|
}
|
|
821
826
|
async siopVerifyAuthResponse(args, context) {
|
|
@@ -824,7 +829,7 @@ var SIOPv2RP = class _SIOPv2RP {
|
|
|
824
829
|
}
|
|
825
830
|
const authResponse = typeof args.authorizationResponse === "string" ? decodeUriAsJson(args.authorizationResponse) : args.authorizationResponse;
|
|
826
831
|
return await this.getRPInstance({
|
|
827
|
-
|
|
832
|
+
queryId: args.queryId
|
|
828
833
|
}, context).then((rp) => rp.get(context).then((rp2) => rp2.verifyAuthorizationResponse(authResponse, {
|
|
829
834
|
correlationId: args.correlationId,
|
|
830
835
|
...args.dcqlQueryPayload ? {
|
|
@@ -834,8 +839,8 @@ var SIOPv2RP = class _SIOPv2RP {
|
|
|
834
839
|
})));
|
|
835
840
|
}
|
|
836
841
|
async siopImportDefinitions(args, context) {
|
|
837
|
-
const {
|
|
838
|
-
await Promise.all(
|
|
842
|
+
const { queries, tenantId, version, versionControlMode } = args;
|
|
843
|
+
await Promise.all(queries.map(async (definitionPair) => {
|
|
839
844
|
const definitionPayload = definitionPair.definitionPayload;
|
|
840
845
|
if (!definitionPayload && !definitionPair.dcqlPayload) {
|
|
841
846
|
return Promise.reject(Error("Either dcqlPayload or definitionPayload must be suppplied"));
|
|
@@ -868,7 +873,7 @@ var SIOPv2RP = class _SIOPv2RP {
|
|
|
868
873
|
}));
|
|
869
874
|
}
|
|
870
875
|
async siopGetRedirectURI(args, context) {
|
|
871
|
-
const instanceId = args.
|
|
876
|
+
const instanceId = args.queryId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
|
|
872
877
|
if (this.instances.has(instanceId)) {
|
|
873
878
|
const rpInstance = this.instances.get(instanceId);
|
|
874
879
|
if (rpInstance !== void 0) {
|
|
@@ -884,12 +889,12 @@ var SIOPv2RP = class _SIOPv2RP {
|
|
|
884
889
|
}
|
|
885
890
|
return void 0;
|
|
886
891
|
}
|
|
887
|
-
async getRPInstance({
|
|
888
|
-
const instanceId =
|
|
892
|
+
async getRPInstance({ queryId, responseRedirectURI }, context) {
|
|
893
|
+
const instanceId = queryId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
|
|
889
894
|
if (!this.instances.has(instanceId)) {
|
|
890
|
-
const instanceOpts = this.getInstanceOpts(
|
|
895
|
+
const instanceOpts = this.getInstanceOpts(queryId);
|
|
891
896
|
const rpOpts = await this.getRPOptions(context, {
|
|
892
|
-
|
|
897
|
+
queryId,
|
|
893
898
|
responseRedirectURI
|
|
894
899
|
});
|
|
895
900
|
if (!rpOpts.identifierOpts.resolveOpts?.resolver || typeof rpOpts.identifierOpts.resolveOpts.resolver.resolve !== "function") {
|
|
@@ -901,7 +906,7 @@ var SIOPv2RP = class _SIOPv2RP {
|
|
|
901
906
|
...rpOpts.identifierOpts.resolveOpts
|
|
902
907
|
};
|
|
903
908
|
}
|
|
904
|
-
console.log("Using agent DID resolver for RP instance with definition id " +
|
|
909
|
+
console.log("Using agent DID resolver for RP instance with definition id " + queryId);
|
|
905
910
|
rpOpts.identifierOpts.resolveOpts.resolver = getAgentResolver2(context, {
|
|
906
911
|
uniresolverResolution: true,
|
|
907
912
|
localResolution: true,
|
|
@@ -920,10 +925,10 @@ var SIOPv2RP = class _SIOPv2RP {
|
|
|
920
925
|
return rpInstance;
|
|
921
926
|
}
|
|
922
927
|
async getRPOptions(context, opts) {
|
|
923
|
-
const {
|
|
924
|
-
const options = this.getInstanceOpts(
|
|
928
|
+
const { queryId, responseRedirectURI } = opts;
|
|
929
|
+
const options = this.getInstanceOpts(queryId)?.rpOpts ?? this.opts.defaultOpts;
|
|
925
930
|
if (!options) {
|
|
926
|
-
throw Error(`Could not get specific nor default options for definition ${
|
|
931
|
+
throw Error(`Could not get specific nor default options for definition ${queryId}`);
|
|
927
932
|
}
|
|
928
933
|
if (this.opts.defaultOpts) {
|
|
929
934
|
if (!options.identifierOpts) {
|
|
@@ -957,18 +962,18 @@ var SIOPv2RP = class _SIOPv2RP {
|
|
|
957
962
|
}
|
|
958
963
|
getInstanceOpts(definitionId) {
|
|
959
964
|
if (!this.opts.instanceOpts) return void 0;
|
|
960
|
-
const instanceOpt = definitionId ? this.opts.instanceOpts.find((i) => i.
|
|
965
|
+
const instanceOpt = definitionId ? this.opts.instanceOpts.find((i) => i.queryId === definitionId) : void 0;
|
|
961
966
|
return instanceOpt ?? this.getDefaultOptions(definitionId);
|
|
962
967
|
}
|
|
963
968
|
getDefaultOptions(definitionId) {
|
|
964
969
|
if (!this.opts.instanceOpts) return void 0;
|
|
965
|
-
const defaultOptions = this.opts.instanceOpts.find((i) => i.
|
|
970
|
+
const defaultOptions = this.opts.instanceOpts.find((i) => i.queryId === "default");
|
|
966
971
|
if (defaultOptions) {
|
|
967
972
|
const clonedOptions = {
|
|
968
973
|
...defaultOptions
|
|
969
974
|
};
|
|
970
975
|
if (definitionId !== void 0) {
|
|
971
|
-
clonedOptions.
|
|
976
|
+
clonedOptions.queryId = definitionId;
|
|
972
977
|
}
|
|
973
978
|
return clonedOptions;
|
|
974
979
|
}
|