@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth 0.34.1-fix.80 → 0.34.1-next.278

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/dist/index.cjs +481 -429
  2. package/dist/index.cjs.map +1 -1
  3. package/dist/index.d.cts +739 -67
  4. package/dist/index.d.ts +739 -67
  5. package/dist/index.js +472 -421
  6. package/dist/index.js.map +1 -1
  7. package/package.json +18 -18
  8. package/src/RPInstance.ts +14 -29
  9. package/src/agent/SIOPv2RP.ts +138 -66
  10. package/src/functions.ts +49 -52
  11. package/src/index.ts +1 -1
  12. package/src/types/ISIOPv2RP.ts +32 -59
package/dist/index.js CHANGED
@@ -1,363 +1,359 @@
1
1
  var __defProp = Object.defineProperty;
2
- var __getOwnPropNames = Object.getOwnPropertyNames;
3
2
  var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
4
- var __commonJS = (cb, mod) => function __require() {
5
- return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
6
- };
7
3
 
8
4
  // plugin.schema.json
9
- var require_plugin_schema = __commonJS({
10
- "plugin.schema.json"(exports, module) {
11
- module.exports = {
12
- IDidAuthSiopOpAuthenticator: {
13
- components: {
14
- schemas: {
15
- IGetSiopSessionArgs: {
16
- type: "object",
17
- properties: {
18
- sessionId: {
19
- type: "string"
20
- },
21
- additionalProperties: false
22
- },
23
- required: ["sessionId"],
24
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSessionForSiop } "
5
+ var plugin_schema_default = {
6
+ IDidAuthSiopOpAuthenticator: {
7
+ components: {
8
+ schemas: {
9
+ IGetSiopSessionArgs: {
10
+ type: "object",
11
+ properties: {
12
+ sessionId: {
13
+ type: "string"
25
14
  },
26
- IRegisterSiopSessionArgs: {
15
+ additionalProperties: false
16
+ },
17
+ required: ["sessionId"],
18
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSessionForSiop } "
19
+ },
20
+ IRegisterSiopSessionArgs: {
21
+ type: "object",
22
+ properties: {
23
+ identifier: {
27
24
  type: "object",
28
25
  properties: {
29
- identifier: {
30
- type: "object",
31
- properties: {
32
- did: {
33
- type: "string"
34
- },
35
- alias: {
36
- type: "string"
37
- },
38
- provider: {
39
- type: "string"
40
- },
41
- controllerKeyId: {
42
- type: "string"
43
- },
44
- keys: {
45
- type: "array",
46
- items: {
47
- type: "object",
48
- properties: {
49
- additionalProperties: true
50
- }
51
- }
52
- },
53
- services: {
54
- type: "array",
55
- items: {
56
- type: "object",
57
- properties: {
58
- additionalProperties: true
59
- }
60
- }
61
- }
62
- },
63
- additionalProperties: false,
64
- required: ["did", "provider", "keys", "services"]
65
- },
66
- sessionId: {
26
+ did: {
67
27
  type: "string"
68
28
  },
69
- expiresIn: {
70
- type: "number"
71
- },
72
- additionalProperties: false
73
- },
74
- required: ["identifier"],
75
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.registerSessionForSiop } "
76
- },
77
- IRemoveSiopSessionArgs: {
78
- type: "object",
79
- properties: {
80
- sessionId: {
29
+ alias: {
81
30
  type: "string"
82
31
  },
83
- additionalProperties: false
84
- },
85
- required: ["sessionId"],
86
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.removeSessionForSiop } "
87
- },
88
- IAuthenticateWithSiopArgs: {
89
- type: "object",
90
- properties: {
91
- sessionId: {
32
+ provider: {
92
33
  type: "string"
93
34
  },
94
- stateId: {
35
+ controllerKeyId: {
95
36
  type: "string"
96
37
  },
97
- redirectUrl: {
98
- type: "string"
38
+ keys: {
39
+ type: "array",
40
+ items: {
41
+ type: "object",
42
+ properties: {
43
+ additionalProperties: true
44
+ }
45
+ }
99
46
  },
100
- additionalProperties: false
47
+ services: {
48
+ type: "array",
49
+ items: {
50
+ type: "object",
51
+ properties: {
52
+ additionalProperties: true
53
+ }
54
+ }
55
+ }
101
56
  },
102
- required: ["sessionId", "stateId", "redirectUrl"],
103
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.authenticateWithSiop } "
57
+ additionalProperties: false,
58
+ required: ["did", "provider", "keys", "services"]
59
+ },
60
+ sessionId: {
61
+ type: "string"
104
62
  },
105
- IResponse: {
63
+ expiresIn: {
64
+ type: "number"
65
+ },
66
+ additionalProperties: false
67
+ },
68
+ required: ["identifier"],
69
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.registerSessionForSiop } "
70
+ },
71
+ IRemoveSiopSessionArgs: {
72
+ type: "object",
73
+ properties: {
74
+ sessionId: {
75
+ type: "string"
76
+ },
77
+ additionalProperties: false
78
+ },
79
+ required: ["sessionId"],
80
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.removeSessionForSiop } "
81
+ },
82
+ IAuthenticateWithSiopArgs: {
83
+ type: "object",
84
+ properties: {
85
+ sessionId: {
86
+ type: "string"
87
+ },
88
+ stateId: {
89
+ type: "string"
90
+ },
91
+ redirectUrl: {
92
+ type: "string"
93
+ },
94
+ additionalProperties: false
95
+ },
96
+ required: ["sessionId", "stateId", "redirectUrl"],
97
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.authenticateWithSiop } "
98
+ },
99
+ IResponse: {
100
+ type: "object",
101
+ properties: {
102
+ status: {
103
+ type: "number"
104
+ },
105
+ additionalProperties: true
106
+ },
107
+ required: ["status"],
108
+ description: "Result of {@link DidAuthSiopOpAuthenticator.authenticateWithSiop & DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } "
109
+ },
110
+ IGetSiopAuthenticationRequestFromRpArgs: {
111
+ type: "object",
112
+ properties: {
113
+ sessionId: {
114
+ type: "string"
115
+ },
116
+ stateId: {
117
+ type: "string"
118
+ },
119
+ redirectUrl: {
120
+ type: "string"
121
+ },
122
+ additionalProperties: false
123
+ },
124
+ required: ["sessionId", "stateId", "redirectUrl"],
125
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } "
126
+ },
127
+ ParsedAuthenticationRequestURI: {
128
+ type: "object",
129
+ properties: {
130
+ jwt: {
131
+ type: "string"
132
+ },
133
+ requestPayload: {
106
134
  type: "object",
107
135
  properties: {
108
- status: {
109
- type: "number"
110
- },
111
136
  additionalProperties: true
112
- },
113
- required: ["status"],
114
- description: "Result of {@link DidAuthSiopOpAuthenticator.authenticateWithSiop & DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } "
137
+ }
115
138
  },
116
- IGetSiopAuthenticationRequestFromRpArgs: {
139
+ registration: {
117
140
  type: "object",
118
141
  properties: {
119
- sessionId: {
120
- type: "string"
121
- },
122
- stateId: {
123
- type: "string"
124
- },
125
- redirectUrl: {
126
- type: "string"
127
- },
128
- additionalProperties: false
129
- },
130
- required: ["sessionId", "stateId", "redirectUrl"],
131
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } "
142
+ additionalProperties: true
143
+ }
132
144
  },
133
- ParsedAuthenticationRequestURI: {
145
+ additionalProperties: false
146
+ },
147
+ required: ["jwt", "requestPayload", "registration"],
148
+ description: "Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } "
149
+ },
150
+ IGetSiopAuthenticationRequestDetailsArgs: {
151
+ type: "object",
152
+ properties: {
153
+ sessionId: {
154
+ type: "string"
155
+ },
156
+ verifiedAuthenticationRequest: {
134
157
  type: "object",
135
158
  properties: {
136
- jwt: {
137
- type: "string"
138
- },
139
- requestPayload: {
140
- type: "object",
141
- properties: {
142
- additionalProperties: true
143
- }
144
- },
145
- registration: {
146
- type: "object",
147
- properties: {
148
- additionalProperties: true
149
- }
150
- },
151
- additionalProperties: false
152
- },
153
- required: ["jwt", "requestPayload", "registration"],
154
- description: "Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } "
159
+ additionalProperties: true
160
+ }
155
161
  },
156
- IGetSiopAuthenticationRequestDetailsArgs: {
162
+ credentialFilter: {
157
163
  type: "object",
158
164
  properties: {
159
- sessionId: {
160
- type: "string"
161
- },
162
- verifiedAuthenticationRequest: {
163
- type: "object",
164
- properties: {
165
- additionalProperties: true
166
- }
167
- },
168
- credentialFilter: {
169
- type: "object",
170
- properties: {
171
- additionalProperties: true
172
- }
173
- },
174
- additionalProperties: false
175
- },
176
- required: ["sessionId", "verifiedAuthenticationRequest"],
177
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } "
165
+ additionalProperties: true
166
+ }
167
+ },
168
+ additionalProperties: false
169
+ },
170
+ required: ["sessionId", "verifiedAuthenticationRequest"],
171
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } "
172
+ },
173
+ IAuthRequestDetails: {
174
+ type: "object",
175
+ properties: {
176
+ id: {
177
+ type: "string"
178
+ },
179
+ alsoKnownAs: {
180
+ type: "array",
181
+ items: {
182
+ type: "string"
183
+ }
178
184
  },
179
- IAuthRequestDetails: {
185
+ vpResponseOpts: {
180
186
  type: "object",
181
187
  properties: {
182
- id: {
183
- type: "string"
184
- },
185
- alsoKnownAs: {
186
- type: "array",
187
- items: {
188
- type: "string"
189
- }
190
- },
191
- vpResponseOpts: {
192
- type: "object",
193
- properties: {
194
- additionalProperties: true
195
- }
196
- },
197
- additionalProperties: false
198
- },
199
- required: ["id", "vpResponseOpts"],
200
- description: "Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } "
188
+ additionalProperties: true
189
+ }
190
+ },
191
+ additionalProperties: false
192
+ },
193
+ required: ["id", "vpResponseOpts"],
194
+ description: "Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } "
195
+ },
196
+ IVerifySiopAuthenticationRequestUriArgs: {
197
+ type: "object",
198
+ properties: {
199
+ sessionId: {
200
+ type: "string"
201
201
  },
202
- IVerifySiopAuthenticationRequestUriArgs: {
202
+ ParsedAuthenticationRequestURI: {
203
203
  type: "object",
204
204
  properties: {
205
- sessionId: {
206
- type: "string"
207
- },
208
- ParsedAuthenticationRequestURI: {
209
- type: "object",
210
- properties: {
211
- additionalProperties: true
212
- }
213
- },
214
- additionalProperties: false
215
- },
216
- required: ["sessionId", "ParsedAuthenticationRequestURI"],
217
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } "
205
+ additionalProperties: true
206
+ }
218
207
  },
219
- VerifiedAuthorizationRequest: {
208
+ additionalProperties: false
209
+ },
210
+ required: ["sessionId", "ParsedAuthenticationRequestURI"],
211
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } "
212
+ },
213
+ VerifiedAuthorizationRequest: {
214
+ type: "object",
215
+ properties: {
216
+ payload: {
220
217
  type: "object",
221
218
  properties: {
222
- payload: {
223
- type: "object",
224
- properties: {
225
- additionalProperties: true
226
- }
227
- },
228
- presentationDefinitions: {
229
- type: "object",
230
- properties: {
231
- additionalProperties: true
232
- }
233
- },
234
- verifyOpts: {
235
- type: "object",
236
- properties: {
237
- additionalProperties: true
238
- }
239
- },
240
- additionalProperties: false
241
- },
242
- required: ["payload", "verifyOpts"],
243
- description: "Result of {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } "
219
+ additionalProperties: true
220
+ }
244
221
  },
245
- ISendSiopAuthenticationResponseArgs: {
222
+ presentationDefinitions: {
246
223
  type: "object",
247
224
  properties: {
248
- sessionId: {
249
- type: "string"
250
- },
251
- verifiedAuthenticationRequest: {
252
- type: "object",
253
- properties: {
254
- additionalProperties: true
255
- }
256
- },
257
- verifiablePresentationResponse: {
258
- type: "object",
259
- properties: {
260
- additionalProperties: true
261
- }
262
- },
263
- additionalProperties: false
264
- },
265
- required: ["sessionId", "verifiedAuthenticationRequest"],
266
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } "
267
- }
268
- },
269
- methods: {
270
- getSessionForSiop: {
271
- description: "Get SIOP session",
272
- arguments: {
273
- $ref: "#/components/schemas/IGetSiopSessionArgs"
274
- },
275
- returnType: "object"
276
- },
277
- registerSessionForSiop: {
278
- description: "Register SIOP session",
279
- arguments: {
280
- $ref: "#/components/schemas/IRegisterSiopSessionArgs"
281
- },
282
- returnType: "object"
283
- },
284
- removeSessionForSiop: {
285
- description: "Remove SIOP session",
286
- arguments: {
287
- $ref: "#/components/schemas/IRemoveSiopSessionArgs"
288
- },
289
- returnType: "boolean"
290
- },
291
- authenticateWithSiop: {
292
- description: "Authenticate using DID Auth SIOP",
293
- arguments: {
294
- $ref: "#/components/schemas/IAuthenticateWithSiopArgs"
295
- },
296
- returnType: {
297
- $ref: "#/components/schemas/Response"
225
+ additionalProperties: true
298
226
  }
299
227
  },
300
- getSiopAuthenticationRequestFromRP: {
301
- description: "Get authentication request from RP",
302
- arguments: {
303
- $ref: "#/components/schemas/IGetSiopAuthenticationRequestFromRpArgs"
304
- },
305
- returnType: {
306
- $ref: "#/components/schemas/ParsedAuthenticationRequestURI"
228
+ verifyOpts: {
229
+ type: "object",
230
+ properties: {
231
+ additionalProperties: true
307
232
  }
308
233
  },
309
- getSiopAuthenticationRequestDetails: {
310
- description: "Get authentication request details",
311
- arguments: {
312
- $ref: "#/components/schemas/IGetSiopAuthenticationRequestDetailsArgs"
313
- },
314
- returnType: {
315
- $ref: "#/components/schemas/IAuthRequestDetails"
316
- }
234
+ additionalProperties: false
235
+ },
236
+ required: ["payload", "verifyOpts"],
237
+ description: "Result of {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } "
238
+ },
239
+ ISendSiopAuthenticationResponseArgs: {
240
+ type: "object",
241
+ properties: {
242
+ sessionId: {
243
+ type: "string"
317
244
  },
318
- verifySiopAuthenticationRequestURI: {
319
- description: "Verify authentication request URI",
320
- arguments: {
321
- $ref: "#/components/schemas/IVerifySiopAuthenticationRequestUriArgs"
322
- },
323
- returnType: {
324
- $ref: "#/components/schemas/VerifiedAuthorizationRequest"
245
+ verifiedAuthenticationRequest: {
246
+ type: "object",
247
+ properties: {
248
+ additionalProperties: true
325
249
  }
326
250
  },
327
- sendSiopAuthenticationResponse: {
328
- description: "Send authentication response",
329
- arguments: {
330
- $ref: "#/components/schemas/ISendSiopAuthenticationResponseArgs"
331
- },
332
- returnType: {
333
- $ref: "#/components/schemas/IRequiredContext"
251
+ verifiablePresentationResponse: {
252
+ type: "object",
253
+ properties: {
254
+ additionalProperties: true
334
255
  }
335
- }
256
+ },
257
+ additionalProperties: false
258
+ },
259
+ required: ["sessionId", "verifiedAuthenticationRequest"],
260
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } "
261
+ }
262
+ },
263
+ methods: {
264
+ getSessionForSiop: {
265
+ description: "Get SIOP session",
266
+ arguments: {
267
+ $ref: "#/components/schemas/IGetSiopSessionArgs"
268
+ },
269
+ returnType: "object"
270
+ },
271
+ registerSessionForSiop: {
272
+ description: "Register SIOP session",
273
+ arguments: {
274
+ $ref: "#/components/schemas/IRegisterSiopSessionArgs"
275
+ },
276
+ returnType: "object"
277
+ },
278
+ removeSessionForSiop: {
279
+ description: "Remove SIOP session",
280
+ arguments: {
281
+ $ref: "#/components/schemas/IRemoveSiopSessionArgs"
282
+ },
283
+ returnType: "boolean"
284
+ },
285
+ authenticateWithSiop: {
286
+ description: "Authenticate using DID Auth SIOP",
287
+ arguments: {
288
+ $ref: "#/components/schemas/IAuthenticateWithSiopArgs"
289
+ },
290
+ returnType: {
291
+ $ref: "#/components/schemas/Response"
292
+ }
293
+ },
294
+ getSiopAuthenticationRequestFromRP: {
295
+ description: "Get authentication request from RP",
296
+ arguments: {
297
+ $ref: "#/components/schemas/IGetSiopAuthenticationRequestFromRpArgs"
298
+ },
299
+ returnType: {
300
+ $ref: "#/components/schemas/ParsedAuthenticationRequestURI"
301
+ }
302
+ },
303
+ getSiopAuthenticationRequestDetails: {
304
+ description: "Get authentication request details",
305
+ arguments: {
306
+ $ref: "#/components/schemas/IGetSiopAuthenticationRequestDetailsArgs"
307
+ },
308
+ returnType: {
309
+ $ref: "#/components/schemas/IAuthRequestDetails"
310
+ }
311
+ },
312
+ verifySiopAuthenticationRequestURI: {
313
+ description: "Verify authentication request URI",
314
+ arguments: {
315
+ $ref: "#/components/schemas/IVerifySiopAuthenticationRequestUriArgs"
316
+ },
317
+ returnType: {
318
+ $ref: "#/components/schemas/VerifiedAuthorizationRequest"
319
+ }
320
+ },
321
+ sendSiopAuthenticationResponse: {
322
+ description: "Send authentication response",
323
+ arguments: {
324
+ $ref: "#/components/schemas/ISendSiopAuthenticationResponseArgs"
325
+ },
326
+ returnType: {
327
+ $ref: "#/components/schemas/IRequiredContext"
336
328
  }
337
329
  }
338
330
  }
339
- };
331
+ }
340
332
  }
341
- });
333
+ };
342
334
 
343
335
  // src/agent/SIOPv2RP.ts
344
336
  import { AuthorizationResponseStateStatus, decodeUriAsJson } from "@sphereon/did-auth-siop";
345
337
  import { getAgentResolver as getAgentResolver2 } from "@sphereon/ssi-sdk-ext.did-utils";
338
+ import { shaHasher as defaultHasher2 } from "@sphereon/ssi-sdk.core";
339
+ import { validate as isValidUUID2 } from "uuid";
346
340
  import { CredentialMapper as CredentialMapper2 } from "@sphereon/ssi-types";
341
+ import { DcqlQuery } from "dcql";
347
342
 
348
343
  // src/functions.ts
349
- import { InMemoryRPSessionManager, PassBy, PropertyTarget, ResponseMode, ResponseType, RevocationVerification, RP, Scope, SubjectType, SupportedVersion } from "@sphereon/did-auth-siop";
344
+ import { ClientIdentifierPrefix, InMemoryRPSessionManager, PassBy, PropertyTarget, ResponseMode, ResponseType, RevocationVerification, RP, Scope, SubjectType, SupportedVersion } from "@sphereon/did-auth-siop";
350
345
  import { SigningAlgo } from "@sphereon/oid4vc-common";
351
346
  import { getAgentDIDMethods, getAgentResolver } from "@sphereon/ssi-sdk-ext.did-utils";
352
347
  import { isExternalIdentifierOIDFEntityIdOpts, isManagedIdentifierDidOpts, isManagedIdentifierDidResult, isManagedIdentifierX5cOpts } from "@sphereon/ssi-sdk-ext.identifier-resolution";
353
348
  import { CredentialMapper } from "@sphereon/ssi-types";
354
349
  import { EventEmitter } from "events";
350
+ import { validate as isValidUUID } from "uuid";
355
351
  import { defaultHasher } from "@sphereon/ssi-sdk.core";
356
352
  function getRequestVersion(rpOptions) {
357
353
  if (Array.isArray(rpOptions.supportedVersions) && rpOptions.supportedVersions.length > 0) {
358
354
  return rpOptions.supportedVersions[0];
359
355
  }
360
- return SupportedVersion.JWT_VC_PRESENTATION_PROFILE_v1;
356
+ return SupportedVersion.OID4VP_v1;
361
357
  }
362
358
  __name(getRequestVersion, "getRequestVersion");
363
359
  function getWellKnownDIDVerifyCallback(siopIdentifierOpts, context) {
@@ -372,12 +368,40 @@ function getWellKnownDIDVerifyCallback(siopIdentifierOpts, context) {
372
368
  };
373
369
  }
374
370
  __name(getWellKnownDIDVerifyCallback, "getWellKnownDIDVerifyCallback");
371
+ function getDcqlQueryLookupCallback(context) {
372
+ async function dcqlQueryLookup(queryId, version, tenantId) {
373
+ const result = await context.agent.pdmGetDefinitions({
374
+ filter: [
375
+ {
376
+ queryId,
377
+ ...tenantId && {
378
+ tenantId
379
+ },
380
+ ...version && {
381
+ version
382
+ }
383
+ },
384
+ ...isValidUUID(queryId) ? [
385
+ {
386
+ id: queryId
387
+ }
388
+ ] : []
389
+ ]
390
+ });
391
+ if (result && result.length > 0) {
392
+ return result[0].query;
393
+ }
394
+ return Promise.reject(Error(`No dcql query found for queryId ${queryId}`));
395
+ }
396
+ __name(dcqlQueryLookup, "dcqlQueryLookup");
397
+ return dcqlQueryLookup;
398
+ }
399
+ __name(getDcqlQueryLookupCallback, "getDcqlQueryLookupCallback");
375
400
  function getPresentationVerificationCallback(idOpts, context) {
376
401
  async function presentationVerificationCallback(args, presentationSubmission) {
377
402
  if (CredentialMapper.isSdJwtEncoded(args)) {
378
403
  const result2 = await context.agent.verifySdJwtPresentation({
379
- presentation: args,
380
- kb: true
404
+ presentation: args
381
405
  });
382
406
  return {
383
407
  verified: !!result2.payload
@@ -412,28 +436,8 @@ function getPresentationVerificationCallback(idOpts, context) {
412
436
  }
413
437
  __name(getPresentationVerificationCallback, "getPresentationVerificationCallback");
414
438
  async function createRPBuilder(args) {
415
- const { rpOpts, pexOpts, context } = args;
439
+ const { rpOpts, context } = args;
416
440
  const { identifierOpts } = rpOpts;
417
- let definition = args.definition;
418
- let dcqlQuery = args.dcql;
419
- if (!definition && pexOpts && pexOpts.definitionId) {
420
- const presentationDefinitionItems = await context.agent.pdmGetDefinitions({
421
- filter: [
422
- {
423
- definitionId: pexOpts.definitionId,
424
- version: pexOpts.version,
425
- tenantId: pexOpts.tenantId
426
- }
427
- ]
428
- });
429
- if (presentationDefinitionItems.length > 0) {
430
- const presentationDefinitionItem = presentationDefinitionItems[0];
431
- definition = presentationDefinitionItem.definitionPayload;
432
- if (!dcqlQuery && presentationDefinitionItem.dcqlPayload) {
433
- dcqlQuery = presentationDefinitionItem.dcqlPayload;
434
- }
435
- }
436
- }
437
441
  const didMethods = identifierOpts.supportedDIDMethods ?? await getAgentDIDMethods(context);
438
442
  const eventEmitter = rpOpts.eventEmitter ?? new EventEmitter();
439
443
  const defaultClientMetadata = {
@@ -488,34 +492,27 @@ async function createRPBuilder(args) {
488
492
  const builder = RP.builder({
489
493
  requestVersion: getRequestVersion(rpOpts)
490
494
  }).withScope("openid", PropertyTarget.REQUEST_OBJECT).withResponseMode(rpOpts.responseMode ?? ResponseMode.POST).withResponseType(ResponseType.VP_TOKEN, PropertyTarget.REQUEST_OBJECT).withSupportedVersions(rpOpts.supportedVersions ?? [
491
- SupportedVersion.JWT_VC_PRESENTATION_PROFILE_v1,
492
- SupportedVersion.SIOPv2_ID1,
493
- SupportedVersion.SIOPv2_D11
495
+ SupportedVersion.OID4VP_v1,
496
+ SupportedVersion.SIOPv2_OID4VP_D28
494
497
  ]).withEventEmitter(eventEmitter).withSessionManager(rpOpts.sessionManager ?? new InMemoryRPSessionManager(eventEmitter)).withClientMetadata(rpOpts.clientMetadataOpts ?? defaultClientMetadata, PropertyTarget.REQUEST_OBJECT).withVerifyJwtCallback(rpOpts.verifyJwtCallback ? rpOpts.verifyJwtCallback : getVerifyJwtCallback({
495
498
  resolver,
496
499
  verifyOpts: {
497
500
  wellknownDIDVerifyCallback: getWellKnownDIDVerifyCallback(rpOpts.identifierOpts, context),
498
501
  checkLinkedDomain: "if_present"
499
502
  }
500
- }, context)).withRevocationVerification(RevocationVerification.NEVER).withPresentationVerification(getPresentationVerificationCallback(identifierOpts.idOpts, context));
503
+ }, context)).withDcqlQueryLookup(getDcqlQueryLookupCallback(context)).withRevocationVerification(RevocationVerification.NEVER).withPresentationVerification(getPresentationVerificationCallback(identifierOpts.idOpts, context));
501
504
  const oidfOpts = identifierOpts.oidfOpts;
502
505
  if (oidfOpts && isExternalIdentifierOIDFEntityIdOpts(oidfOpts)) {
503
- builder.withEntityId(oidfOpts.identifier, PropertyTarget.REQUEST_OBJECT).withClientIdScheme("entity_id", PropertyTarget.REQUEST_OBJECT);
506
+ builder.withEntityId(oidfOpts.identifier, PropertyTarget.REQUEST_OBJECT);
504
507
  } else {
505
508
  const resolution = await context.agent.identifierManagedGet(identifierOpts.idOpts);
506
- builder.withClientId(resolution.issuer ?? (isManagedIdentifierDidResult(resolution) ? resolution.did : resolution.jwkThumbprint), PropertyTarget.REQUEST_OBJECT).withClientIdScheme(resolution.clientIdScheme ?? identifierOpts.idOpts.clientIdScheme, PropertyTarget.REQUEST_OBJECT);
509
+ const clientId = rpOpts.clientMetadataOpts?.client_id ?? resolution.issuer ?? (isManagedIdentifierDidResult(resolution) ? resolution.did : resolution.jwkThumbprint);
510
+ const clientIdPrefixed = prefixClientId(clientId);
511
+ builder.withClientId(clientIdPrefixed, PropertyTarget.REQUEST_OBJECT);
507
512
  }
508
513
  if (hasher) {
509
514
  builder.withHasher(hasher);
510
515
  }
511
- if (definition) {
512
- builder.withPresentationDefinition({
513
- definition
514
- }, PropertyTarget.REQUEST_OBJECT);
515
- }
516
- if (dcqlQuery) {
517
- builder.withDcqlQuery(dcqlQuery);
518
- }
519
516
  if (rpOpts.responseRedirectUri) {
520
517
  builder.withResponseRedirectUri(rpOpts.responseRedirectUri);
521
518
  }
@@ -572,6 +569,13 @@ function getSigningAlgo(type) {
572
569
  }
573
570
  }
574
571
  __name(getSigningAlgo, "getSigningAlgo");
572
+ function prefixClientId(clientId) {
573
+ if (clientId.startsWith("did:")) {
574
+ return `${ClientIdentifierPrefix.DECENTRALIZED_IDENTIFIER}:${clientId}`;
575
+ }
576
+ return clientId;
577
+ }
578
+ __name(prefixClientId, "prefixClientId");
575
579
 
576
580
  // src/RPInstance.ts
577
581
  import { v4 as uuidv4 } from "uuid";
@@ -581,17 +585,16 @@ var RPInstance = class {
581
585
  __name(this, "RPInstance");
582
586
  }
583
587
  _rp;
584
- _pexOptions;
588
+ _presentationOptions;
585
589
  _rpOptions;
586
590
  constructor({ rpOpts, pexOpts }) {
587
591
  this._rpOptions = rpOpts;
588
- this._pexOptions = pexOpts;
592
+ this._presentationOptions = pexOpts;
589
593
  }
590
594
  async get(context) {
591
595
  if (!this._rp) {
592
596
  const builder = await createRPBuilder({
593
597
  rpOpts: this._rpOptions,
594
- pexOpts: this._pexOptions,
595
598
  context
596
599
  });
597
600
  this._rp = builder.build();
@@ -601,23 +604,11 @@ var RPInstance = class {
601
604
  get rpOptions() {
602
605
  return this._rpOptions;
603
606
  }
604
- get pexOptions() {
605
- return this._pexOptions;
606
- }
607
- hasDefinition() {
608
- return this.definitionId !== void 0;
609
- }
610
- get definitionId() {
611
- return this.pexOptions?.definitionId;
612
- }
613
- async getPresentationDefinition(context) {
614
- return this.definitionId ? await context.agent.pexStoreGetDefinition({
615
- definitionId: this.definitionId,
616
- tenantId: this.pexOptions?.tenantId
617
- }) : void 0;
607
+ get presentationOptions() {
608
+ return this._presentationOptions;
618
609
  }
619
610
  async createAuthorizationRequestURI(createArgs, context) {
620
- const { correlationId, claims, requestByReferenceURI, responseURI, responseURIType } = createArgs;
611
+ const { correlationId, queryId, claims, requestByReferenceURI, responseURI, responseURIType, callback, responseRedirectURI } = createArgs;
621
612
  const nonce = createArgs.nonce ?? uuidv4();
622
613
  const state = createArgs.state ?? correlationId;
623
614
  let jwtIssuer;
@@ -645,17 +636,20 @@ var RPInstance = class {
645
636
  return await this.get(context).then((rp) => rp.createAuthorizationRequestURI({
646
637
  version: getRequestVersion(this.rpOptions),
647
638
  correlationId,
639
+ queryId,
648
640
  nonce,
649
641
  state,
650
642
  claims,
651
643
  requestByReferenceURI,
652
644
  responseURI,
653
645
  responseURIType,
654
- jwtIssuer
646
+ jwtIssuer,
647
+ callback,
648
+ responseRedirectURI
655
649
  }));
656
650
  }
657
651
  async createAuthorizationRequest(createArgs, context) {
658
- const { correlationId, claims, requestByReferenceURI, responseURI, responseURIType } = createArgs;
652
+ const { correlationId, claims, requestByReferenceURI, responseURI, responseURIType, responseRedirectURI } = createArgs;
659
653
  const nonce = createArgs.nonce ?? uuidv4();
660
654
  const state = createArgs.state ?? correlationId;
661
655
  const idOpts = this.rpOptions.identifierOpts.idOpts;
@@ -686,13 +680,13 @@ var RPInstance = class {
686
680
  requestByReferenceURI,
687
681
  responseURIType,
688
682
  responseURI,
689
- jwtIssuer
683
+ jwtIssuer,
684
+ responseRedirectURI
690
685
  }));
691
686
  }
692
687
  };
693
688
 
694
689
  // src/agent/SIOPv2RP.ts
695
- import { shaHasher as defaultHasher2 } from "@sphereon/ssi-sdk.core";
696
690
  var SIOPv2RP = class _SIOPv2RP {
697
691
  static {
698
692
  __name(this, "SIOPv2RP");
@@ -700,7 +694,7 @@ var SIOPv2RP = class _SIOPv2RP {
700
694
  opts;
701
695
  static _DEFAULT_OPTS_KEY = "_default";
702
696
  instances = /* @__PURE__ */ new Map();
703
- schema = schema.IDidAuthSiopOpAuthenticator;
697
+ schema = plugin_schema_default.IDidAuthSiopOpAuthenticator;
704
698
  methods = {
705
699
  siopCreateAuthRequestURI: this.createAuthorizationRequestURI.bind(this),
706
700
  siopCreateAuthRequestPayloads: this.createAuthorizationRequestPayloads.bind(this),
@@ -730,53 +724,72 @@ var SIOPv2RP = class _SIOPv2RP {
730
724
  }
731
725
  async createAuthorizationRequestURI(createArgs, context) {
732
726
  return await this.getRPInstance({
733
- definitionId: createArgs.definitionId,
734
- responseRedirectURI: createArgs.responseRedirectURI
727
+ createWhenNotPresent: true,
728
+ responseRedirectURI: createArgs.responseRedirectURI,
729
+ ...createArgs.useQueryIdInstance === true && {
730
+ queryId: createArgs.queryId
731
+ }
735
732
  }, context).then((rp) => rp.createAuthorizationRequestURI(createArgs, context)).then((URI) => URI.encodedUri);
736
733
  }
737
734
  async createAuthorizationRequestPayloads(createArgs, context) {
738
735
  return await this.getRPInstance({
739
- definitionId: createArgs.definitionId
736
+ createWhenNotPresent: true,
737
+ queryId: createArgs.queryId
740
738
  }, context).then((rp) => rp.createAuthorizationRequest(createArgs, context)).then(async (request) => {
741
739
  const authRequest = {
742
740
  authorizationRequest: request.payload,
743
741
  requestObject: await request.requestObjectJwt(),
744
- requestObjectDecoded: await request.requestObject?.getPayload()
742
+ requestObjectDecoded: request.requestObject?.getPayload()
745
743
  };
746
744
  return authRequest;
747
745
  });
748
746
  }
749
747
  async siopGetRequestState(args, context) {
750
748
  return await this.getRPInstance({
751
- definitionId: args.definitionId
749
+ createWhenNotPresent: false,
750
+ queryId: args.queryId
752
751
  }, context).then((rp) => rp.get(context).then((rp2) => rp2.sessionManager.getRequestStateByCorrelationId(args.correlationId, args.errorOnNotFound)));
753
752
  }
754
753
  async siopGetResponseState(args, context) {
755
754
  const rpInstance = await this.getRPInstance({
756
- definitionId: args.definitionId
755
+ createWhenNotPresent: false,
756
+ queryId: args.queryId
757
757
  }, context);
758
758
  const authorizationResponseState = await rpInstance.get(context).then((rp) => rp.sessionManager.getResponseStateByCorrelationId(args.correlationId, args.errorOnNotFound));
759
759
  if (authorizationResponseState === void 0) {
760
760
  return void 0;
761
761
  }
762
762
  const responseState = authorizationResponseState;
763
- if (responseState.status === AuthorizationResponseStateStatus.VERIFIED && args.includeVerifiedData && args.includeVerifiedData !== VerifiedDataMode.NONE) {
763
+ if (responseState.status === AuthorizationResponseStateStatus.VERIFIED) {
764
764
  let hasher;
765
765
  if (CredentialMapper2.isSdJwtEncoded(responseState.response.payload.vp_token) && (!rpInstance.rpOptions.credentialOpts?.hasher || typeof rpInstance.rpOptions.credentialOpts?.hasher !== "function")) {
766
766
  hasher = defaultHasher2;
767
767
  }
768
- const presentationDecoded = CredentialMapper2.decodeVerifiablePresentation(
769
- responseState.response.payload.vp_token,
770
- //todo: later we want to conditionally pass in options for mdl-mdoc here
771
- hasher
772
- );
773
- switch (args.includeVerifiedData) {
774
- case VerifiedDataMode.VERIFIED_PRESENTATION:
775
- responseState.response.payload.verifiedData = this.presentationOrClaimsFrom(presentationDecoded);
776
- break;
777
- case VerifiedDataMode.CREDENTIAL_SUBJECT_FLATTENED:
778
- const allClaims = {};
779
- for (const credential of this.presentationOrClaimsFrom(presentationDecoded).verifiableCredential || []) {
768
+ const vpToken = responseState.response.payload.vp_token && JSON.parse(responseState.response.payload.vp_token);
769
+ const claims = [];
770
+ for (const [credentialQueryId, presentationValue] of Object.entries(vpToken)) {
771
+ let singleVP;
772
+ if (Array.isArray(presentationValue)) {
773
+ if (presentationValue.length === 0) {
774
+ throw Error(`DCQL query '${credentialQueryId}' has empty array of presentations`);
775
+ }
776
+ if (presentationValue.length > 1) {
777
+ throw Error(`DCQL query '${credentialQueryId}' has multiple presentations (${presentationValue.length}), but only one is supported atm`);
778
+ }
779
+ singleVP = presentationValue[0];
780
+ } else {
781
+ singleVP = presentationValue;
782
+ }
783
+ const presentationDecoded = CredentialMapper2.decodeVerifiablePresentation(
784
+ singleVP,
785
+ //todo: later we want to conditionally pass in options for mdl-mdoc here
786
+ hasher
787
+ );
788
+ console.log(`presentationDecoded: ${JSON.stringify(presentationDecoded)}`);
789
+ const allClaims = {};
790
+ const presentationOrClaims = this.presentationOrClaimsFrom(presentationDecoded);
791
+ if ("verifiableCredential" in presentationOrClaims) {
792
+ for (const credential of presentationOrClaims.verifiableCredential) {
780
793
  const vc = credential;
781
794
  const schemaValidationResult = await context.agent.cvVerifySchema({
782
795
  credential,
@@ -797,20 +810,43 @@ var SIOPv2RP = class _SIOPv2RP {
797
810
  allClaims[key] = value;
798
811
  }
799
812
  });
813
+ claims.push({
814
+ id: credentialQueryId,
815
+ type: vc.type[0],
816
+ claims: allClaims
817
+ });
800
818
  }
801
- responseState.verifiedData = allClaims;
802
- break;
819
+ } else {
820
+ claims.push({
821
+ id: credentialQueryId,
822
+ type: presentationDecoded.decodedPayload.vct,
823
+ claims: presentationOrClaims
824
+ });
825
+ }
803
826
  }
827
+ responseState.verifiedData = {
828
+ ...responseState.response.payload.vp_token && {
829
+ authorization_response: {
830
+ vp_token: typeof responseState.response.payload.vp_token === "string" ? JSON.parse(responseState.response.payload.vp_token) : responseState.response.payload.vp_token
831
+ }
832
+ },
833
+ ...claims.length > 0 && {
834
+ credential_claims: claims
835
+ }
836
+ };
804
837
  }
805
838
  return responseState;
806
839
  }
807
- presentationOrClaimsFrom = /* @__PURE__ */ __name((presentationDecoded) => CredentialMapper2.isSdJwtDecodedCredential(presentationDecoded) ? presentationDecoded.decodedPayload : CredentialMapper2.toUniformPresentation(presentationDecoded), "presentationOrClaimsFrom");
840
+ presentationOrClaimsFrom = /* @__PURE__ */ __name((presentationDecoded) => {
841
+ return CredentialMapper2.isSdJwtDecodedCredential(presentationDecoded) ? presentationDecoded.decodedPayload : CredentialMapper2.toUniformPresentation(presentationDecoded);
842
+ }, "presentationOrClaimsFrom");
808
843
  async siopUpdateRequestState(args, context) {
809
- if (args.state !== "sent") {
810
- throw Error(`Only 'sent' status is supported for this method at this point`);
844
+ if (args.state !== "authorization_request_created") {
845
+ throw Error(`Only 'authorization_request_created' status is supported for this method at this point`);
811
846
  }
812
847
  return await this.getRPInstance({
813
- definitionId: args.definitionId
848
+ createWhenNotPresent: false,
849
+ queryId: args.queryId
814
850
  }, context).then((rp) => rp.get(context).then(async (rp2) => {
815
851
  await rp2.signalAuthRequestRetrieved({
816
852
  correlationId: args.correlationId,
@@ -821,7 +857,8 @@ var SIOPv2RP = class _SIOPv2RP {
821
857
  }
822
858
  async siopDeleteState(args, context) {
823
859
  return await this.getRPInstance({
824
- definitionId: args.definitionId
860
+ createWhenNotPresent: false,
861
+ queryId: args.queryId
825
862
  }, context).then((rp) => rp.get(context).then((rp2) => rp2.sessionManager.deleteStateForCorrelationId(args.correlationId))).then(() => true);
826
863
  }
827
864
  async siopVerifyAuthResponse(args, context) {
@@ -830,29 +867,27 @@ var SIOPv2RP = class _SIOPv2RP {
830
867
  }
831
868
  const authResponse = typeof args.authorizationResponse === "string" ? decodeUriAsJson(args.authorizationResponse) : args.authorizationResponse;
832
869
  return await this.getRPInstance({
833
- definitionId: args.definitionId
870
+ createWhenNotPresent: false,
871
+ queryId: args.queryId
834
872
  }, context).then((rp) => rp.get(context).then((rp2) => rp2.verifyAuthorizationResponse(authResponse, {
835
873
  correlationId: args.correlationId,
836
- ...args.dcqlQuery ? {
874
+ ...args.dcqlQuery && {
837
875
  dcqlQuery: args.dcqlQuery
838
- } : {},
876
+ },
839
877
  audience: args.audience
840
878
  })));
841
879
  }
842
880
  async siopImportDefinitions(args, context) {
843
- const { definitions, tenantId, version, versionControlMode } = args;
844
- await Promise.all(definitions.map(async (definitionPair) => {
845
- const definitionPayload = definitionPair.definitionPayload;
846
- await context.agent.pexValidateDefinition({
847
- definition: definitionPayload
848
- });
849
- console.log(`persisting definition ${definitionPayload.id} / ${definitionPayload.name} with versionControlMode ${versionControlMode}`);
881
+ const { importItems, tenantId, version, versionControlMode } = args;
882
+ await Promise.all(importItems.map(async (importItem) => {
883
+ DcqlQuery.validate(importItem.query);
884
+ console.log(`persisting DCQL definition ${importItem.queryId} with versionControlMode ${versionControlMode}`);
850
885
  return context.agent.pdmPersistDefinition({
851
886
  definitionItem: {
887
+ queryId: importItem.queryId,
852
888
  tenantId,
853
889
  version,
854
- definitionPayload,
855
- dcqlPayload: definitionPair.dcqlPayload
890
+ query: importItem.query
856
891
  },
857
892
  opts: {
858
893
  versionControlMode
@@ -861,12 +896,12 @@ var SIOPv2RP = class _SIOPv2RP {
861
896
  }));
862
897
  }
863
898
  async siopGetRedirectURI(args, context) {
864
- const instanceId = args.definitionId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
899
+ const instanceId = args.queryId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
865
900
  if (this.instances.has(instanceId)) {
866
901
  const rpInstance = this.instances.get(instanceId);
867
902
  if (rpInstance !== void 0) {
868
903
  const rp = await rpInstance.get(context);
869
- return rp.getResponseRedirectUri({
904
+ return await rp.getResponseRedirectUri({
870
905
  correlation_id: args.correlationId,
871
906
  correlationId: args.correlationId,
872
907
  ...args.state && {
@@ -877,12 +912,40 @@ var SIOPv2RP = class _SIOPv2RP {
877
912
  }
878
913
  return void 0;
879
914
  }
880
- async getRPInstance({ definitionId, responseRedirectURI }, context) {
881
- const instanceId = definitionId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
882
- if (!this.instances.has(instanceId)) {
883
- const instanceOpts = this.getInstanceOpts(definitionId);
915
+ async getRPInstance({ createWhenNotPresent, queryId, responseRedirectURI }, context) {
916
+ let rpInstanceId = _SIOPv2RP._DEFAULT_OPTS_KEY;
917
+ let rpInstance;
918
+ if (queryId) {
919
+ if (this.instances.has(queryId)) {
920
+ rpInstanceId = queryId;
921
+ rpInstance = this.instances.get(rpInstanceId);
922
+ } else if (isValidUUID2(queryId)) {
923
+ try {
924
+ const pd = await context.agent.pdmGetDefinition({
925
+ itemId: queryId
926
+ });
927
+ if (this.instances.has(pd.queryId)) {
928
+ rpInstanceId = pd.queryId;
929
+ rpInstance = this.instances.get(rpInstanceId);
930
+ }
931
+ } catch (ignore) {
932
+ }
933
+ }
934
+ if (createWhenNotPresent) {
935
+ rpInstanceId = queryId;
936
+ } else {
937
+ rpInstance = this.instances.get(rpInstanceId);
938
+ }
939
+ } else {
940
+ rpInstance = this.instances.get(rpInstanceId);
941
+ }
942
+ if (!rpInstance) {
943
+ if (!createWhenNotPresent) {
944
+ return Promise.reject(`No RP instance found for key ${rpInstanceId}`);
945
+ }
946
+ const instanceOpts = this.getInstanceOpts(queryId);
884
947
  const rpOpts = await this.getRPOptions(context, {
885
- definitionId,
948
+ queryId,
886
949
  responseRedirectURI
887
950
  });
888
951
  if (!rpOpts.identifierOpts.resolveOpts?.resolver || typeof rpOpts.identifierOpts.resolveOpts.resolver.resolve !== "function") {
@@ -894,29 +957,29 @@ var SIOPv2RP = class _SIOPv2RP {
894
957
  ...rpOpts.identifierOpts.resolveOpts
895
958
  };
896
959
  }
897
- console.log("Using agent DID resolver for RP instance with definition id " + definitionId);
960
+ console.log("Using agent DID resolver for RP instance with definition id " + queryId);
898
961
  rpOpts.identifierOpts.resolveOpts.resolver = getAgentResolver2(context, {
899
962
  uniresolverResolution: true,
900
963
  localResolution: true,
901
964
  resolverResolution: true
902
965
  });
903
966
  }
904
- this.instances.set(instanceId, new RPInstance({
967
+ rpInstance = new RPInstance({
905
968
  rpOpts,
906
969
  pexOpts: instanceOpts
907
- }));
970
+ });
971
+ this.instances.set(rpInstanceId, rpInstance);
908
972
  }
909
- const rpInstance = this.instances.get(instanceId);
910
973
  if (responseRedirectURI) {
911
974
  rpInstance.rpOptions.responseRedirectUri = responseRedirectURI;
912
975
  }
913
976
  return rpInstance;
914
977
  }
915
978
  async getRPOptions(context, opts) {
916
- const { definitionId, responseRedirectURI } = opts;
917
- const options = this.getInstanceOpts(definitionId)?.rpOpts ?? this.opts.defaultOpts;
979
+ const { queryId, responseRedirectURI } = opts;
980
+ const options = this.getInstanceOpts(queryId)?.rpOpts ?? this.opts.defaultOpts;
918
981
  if (!options) {
919
- throw Error(`Could not get specific nor default options for definition ${definitionId}`);
982
+ throw Error(`Could not get specific nor default options for definition ${queryId}`);
920
983
  }
921
984
  if (this.opts.defaultOpts) {
922
985
  if (!options.identifierOpts) {
@@ -948,40 +1011,28 @@ var SIOPv2RP = class _SIOPv2RP {
948
1011
  }
949
1012
  return options;
950
1013
  }
951
- getInstanceOpts(definitionId) {
1014
+ getInstanceOpts(queryId) {
952
1015
  if (!this.opts.instanceOpts) return void 0;
953
- const instanceOpt = definitionId ? this.opts.instanceOpts.find((i) => i.definitionId === definitionId) : void 0;
954
- return instanceOpt ?? this.getDefaultOptions(definitionId);
1016
+ const instanceOpt = queryId ? this.opts.instanceOpts.find((i) => i.queryId === queryId) : void 0;
1017
+ return instanceOpt ?? this.getDefaultOptions(queryId);
955
1018
  }
956
- getDefaultOptions(definitionId) {
1019
+ getDefaultOptions(queryId) {
957
1020
  if (!this.opts.instanceOpts) return void 0;
958
- const defaultOptions = this.opts.instanceOpts.find((i) => i.definitionId === "default");
1021
+ const defaultOptions = this.opts.instanceOpts.find((i) => i.queryId === "default");
959
1022
  if (defaultOptions) {
960
1023
  const clonedOptions = {
961
1024
  ...defaultOptions
962
1025
  };
963
- if (definitionId !== void 0) {
964
- clonedOptions.definitionId = definitionId;
1026
+ if (queryId !== void 0) {
1027
+ clonedOptions.queryId = queryId;
965
1028
  }
966
1029
  return clonedOptions;
967
1030
  }
968
1031
  return void 0;
969
1032
  }
970
1033
  };
971
-
972
- // src/types/ISIOPv2RP.ts
973
- var VerifiedDataMode = /* @__PURE__ */ function(VerifiedDataMode2) {
974
- VerifiedDataMode2["NONE"] = "none";
975
- VerifiedDataMode2["VERIFIED_PRESENTATION"] = "vp";
976
- VerifiedDataMode2["CREDENTIAL_SUBJECT_FLATTENED"] = "cs-flat";
977
- return VerifiedDataMode2;
978
- }({});
979
-
980
- // src/index.ts
981
- var schema = require_plugin_schema();
982
1034
  export {
983
1035
  SIOPv2RP,
984
- VerifiedDataMode,
985
- schema
1036
+ plugin_schema_default as schema
986
1037
  };
987
1038
  //# sourceMappingURL=index.js.map