@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth 0.34.1-next.3 → 0.34.1-next.322

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/dist/index.cjs +481 -432
  2. package/dist/index.cjs.map +1 -1
  3. package/dist/index.d.cts +739 -69
  4. package/dist/index.d.ts +739 -69
  5. package/dist/index.js +472 -424
  6. package/dist/index.js.map +1 -1
  7. package/package.json +19 -19
  8. package/src/RPInstance.ts +14 -29
  9. package/src/agent/SIOPv2RP.ts +138 -67
  10. package/src/functions.ts +49 -52
  11. package/src/index.ts +1 -1
  12. package/src/types/ISIOPv2RP.ts +32 -62
package/dist/index.js CHANGED
@@ -1,363 +1,359 @@
1
1
  var __defProp = Object.defineProperty;
2
- var __getOwnPropNames = Object.getOwnPropertyNames;
3
2
  var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
4
- var __commonJS = (cb, mod) => function __require() {
5
- return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
6
- };
7
3
 
8
4
  // plugin.schema.json
9
- var require_plugin_schema = __commonJS({
10
- "plugin.schema.json"(exports, module) {
11
- module.exports = {
12
- IDidAuthSiopOpAuthenticator: {
13
- components: {
14
- schemas: {
15
- IGetSiopSessionArgs: {
16
- type: "object",
17
- properties: {
18
- sessionId: {
19
- type: "string"
20
- },
21
- additionalProperties: false
22
- },
23
- required: ["sessionId"],
24
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSessionForSiop } "
5
+ var plugin_schema_default = {
6
+ IDidAuthSiopOpAuthenticator: {
7
+ components: {
8
+ schemas: {
9
+ IGetSiopSessionArgs: {
10
+ type: "object",
11
+ properties: {
12
+ sessionId: {
13
+ type: "string"
25
14
  },
26
- IRegisterSiopSessionArgs: {
15
+ additionalProperties: false
16
+ },
17
+ required: ["sessionId"],
18
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSessionForSiop } "
19
+ },
20
+ IRegisterSiopSessionArgs: {
21
+ type: "object",
22
+ properties: {
23
+ identifier: {
27
24
  type: "object",
28
25
  properties: {
29
- identifier: {
30
- type: "object",
31
- properties: {
32
- did: {
33
- type: "string"
34
- },
35
- alias: {
36
- type: "string"
37
- },
38
- provider: {
39
- type: "string"
40
- },
41
- controllerKeyId: {
42
- type: "string"
43
- },
44
- keys: {
45
- type: "array",
46
- items: {
47
- type: "object",
48
- properties: {
49
- additionalProperties: true
50
- }
51
- }
52
- },
53
- services: {
54
- type: "array",
55
- items: {
56
- type: "object",
57
- properties: {
58
- additionalProperties: true
59
- }
60
- }
61
- }
62
- },
63
- additionalProperties: false,
64
- required: ["did", "provider", "keys", "services"]
65
- },
66
- sessionId: {
26
+ did: {
67
27
  type: "string"
68
28
  },
69
- expiresIn: {
70
- type: "number"
71
- },
72
- additionalProperties: false
73
- },
74
- required: ["identifier"],
75
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.registerSessionForSiop } "
76
- },
77
- IRemoveSiopSessionArgs: {
78
- type: "object",
79
- properties: {
80
- sessionId: {
29
+ alias: {
81
30
  type: "string"
82
31
  },
83
- additionalProperties: false
84
- },
85
- required: ["sessionId"],
86
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.removeSessionForSiop } "
87
- },
88
- IAuthenticateWithSiopArgs: {
89
- type: "object",
90
- properties: {
91
- sessionId: {
32
+ provider: {
92
33
  type: "string"
93
34
  },
94
- stateId: {
35
+ controllerKeyId: {
95
36
  type: "string"
96
37
  },
97
- redirectUrl: {
98
- type: "string"
38
+ keys: {
39
+ type: "array",
40
+ items: {
41
+ type: "object",
42
+ properties: {
43
+ additionalProperties: true
44
+ }
45
+ }
99
46
  },
100
- additionalProperties: false
47
+ services: {
48
+ type: "array",
49
+ items: {
50
+ type: "object",
51
+ properties: {
52
+ additionalProperties: true
53
+ }
54
+ }
55
+ }
101
56
  },
102
- required: ["sessionId", "stateId", "redirectUrl"],
103
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.authenticateWithSiop } "
57
+ additionalProperties: false,
58
+ required: ["did", "provider", "keys", "services"]
59
+ },
60
+ sessionId: {
61
+ type: "string"
104
62
  },
105
- IResponse: {
63
+ expiresIn: {
64
+ type: "number"
65
+ },
66
+ additionalProperties: false
67
+ },
68
+ required: ["identifier"],
69
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.registerSessionForSiop } "
70
+ },
71
+ IRemoveSiopSessionArgs: {
72
+ type: "object",
73
+ properties: {
74
+ sessionId: {
75
+ type: "string"
76
+ },
77
+ additionalProperties: false
78
+ },
79
+ required: ["sessionId"],
80
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.removeSessionForSiop } "
81
+ },
82
+ IAuthenticateWithSiopArgs: {
83
+ type: "object",
84
+ properties: {
85
+ sessionId: {
86
+ type: "string"
87
+ },
88
+ stateId: {
89
+ type: "string"
90
+ },
91
+ redirectUrl: {
92
+ type: "string"
93
+ },
94
+ additionalProperties: false
95
+ },
96
+ required: ["sessionId", "stateId", "redirectUrl"],
97
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.authenticateWithSiop } "
98
+ },
99
+ IResponse: {
100
+ type: "object",
101
+ properties: {
102
+ status: {
103
+ type: "number"
104
+ },
105
+ additionalProperties: true
106
+ },
107
+ required: ["status"],
108
+ description: "Result of {@link DidAuthSiopOpAuthenticator.authenticateWithSiop & DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } "
109
+ },
110
+ IGetSiopAuthenticationRequestFromRpArgs: {
111
+ type: "object",
112
+ properties: {
113
+ sessionId: {
114
+ type: "string"
115
+ },
116
+ stateId: {
117
+ type: "string"
118
+ },
119
+ redirectUrl: {
120
+ type: "string"
121
+ },
122
+ additionalProperties: false
123
+ },
124
+ required: ["sessionId", "stateId", "redirectUrl"],
125
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } "
126
+ },
127
+ ParsedAuthenticationRequestURI: {
128
+ type: "object",
129
+ properties: {
130
+ jwt: {
131
+ type: "string"
132
+ },
133
+ requestPayload: {
106
134
  type: "object",
107
135
  properties: {
108
- status: {
109
- type: "number"
110
- },
111
136
  additionalProperties: true
112
- },
113
- required: ["status"],
114
- description: "Result of {@link DidAuthSiopOpAuthenticator.authenticateWithSiop & DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } "
137
+ }
115
138
  },
116
- IGetSiopAuthenticationRequestFromRpArgs: {
139
+ registration: {
117
140
  type: "object",
118
141
  properties: {
119
- sessionId: {
120
- type: "string"
121
- },
122
- stateId: {
123
- type: "string"
124
- },
125
- redirectUrl: {
126
- type: "string"
127
- },
128
- additionalProperties: false
129
- },
130
- required: ["sessionId", "stateId", "redirectUrl"],
131
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } "
142
+ additionalProperties: true
143
+ }
132
144
  },
133
- ParsedAuthenticationRequestURI: {
145
+ additionalProperties: false
146
+ },
147
+ required: ["jwt", "requestPayload", "registration"],
148
+ description: "Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } "
149
+ },
150
+ IGetSiopAuthenticationRequestDetailsArgs: {
151
+ type: "object",
152
+ properties: {
153
+ sessionId: {
154
+ type: "string"
155
+ },
156
+ verifiedAuthenticationRequest: {
134
157
  type: "object",
135
158
  properties: {
136
- jwt: {
137
- type: "string"
138
- },
139
- requestPayload: {
140
- type: "object",
141
- properties: {
142
- additionalProperties: true
143
- }
144
- },
145
- registration: {
146
- type: "object",
147
- properties: {
148
- additionalProperties: true
149
- }
150
- },
151
- additionalProperties: false
152
- },
153
- required: ["jwt", "requestPayload", "registration"],
154
- description: "Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } "
159
+ additionalProperties: true
160
+ }
155
161
  },
156
- IGetSiopAuthenticationRequestDetailsArgs: {
162
+ credentialFilter: {
157
163
  type: "object",
158
164
  properties: {
159
- sessionId: {
160
- type: "string"
161
- },
162
- verifiedAuthenticationRequest: {
163
- type: "object",
164
- properties: {
165
- additionalProperties: true
166
- }
167
- },
168
- credentialFilter: {
169
- type: "object",
170
- properties: {
171
- additionalProperties: true
172
- }
173
- },
174
- additionalProperties: false
175
- },
176
- required: ["sessionId", "verifiedAuthenticationRequest"],
177
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } "
165
+ additionalProperties: true
166
+ }
167
+ },
168
+ additionalProperties: false
169
+ },
170
+ required: ["sessionId", "verifiedAuthenticationRequest"],
171
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } "
172
+ },
173
+ IAuthRequestDetails: {
174
+ type: "object",
175
+ properties: {
176
+ id: {
177
+ type: "string"
178
+ },
179
+ alsoKnownAs: {
180
+ type: "array",
181
+ items: {
182
+ type: "string"
183
+ }
178
184
  },
179
- IAuthRequestDetails: {
185
+ vpResponseOpts: {
180
186
  type: "object",
181
187
  properties: {
182
- id: {
183
- type: "string"
184
- },
185
- alsoKnownAs: {
186
- type: "array",
187
- items: {
188
- type: "string"
189
- }
190
- },
191
- vpResponseOpts: {
192
- type: "object",
193
- properties: {
194
- additionalProperties: true
195
- }
196
- },
197
- additionalProperties: false
198
- },
199
- required: ["id", "vpResponseOpts"],
200
- description: "Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } "
188
+ additionalProperties: true
189
+ }
190
+ },
191
+ additionalProperties: false
192
+ },
193
+ required: ["id", "vpResponseOpts"],
194
+ description: "Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } "
195
+ },
196
+ IVerifySiopAuthenticationRequestUriArgs: {
197
+ type: "object",
198
+ properties: {
199
+ sessionId: {
200
+ type: "string"
201
201
  },
202
- IVerifySiopAuthenticationRequestUriArgs: {
202
+ ParsedAuthenticationRequestURI: {
203
203
  type: "object",
204
204
  properties: {
205
- sessionId: {
206
- type: "string"
207
- },
208
- ParsedAuthenticationRequestURI: {
209
- type: "object",
210
- properties: {
211
- additionalProperties: true
212
- }
213
- },
214
- additionalProperties: false
215
- },
216
- required: ["sessionId", "ParsedAuthenticationRequestURI"],
217
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } "
205
+ additionalProperties: true
206
+ }
218
207
  },
219
- VerifiedAuthorizationRequest: {
208
+ additionalProperties: false
209
+ },
210
+ required: ["sessionId", "ParsedAuthenticationRequestURI"],
211
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } "
212
+ },
213
+ VerifiedAuthorizationRequest: {
214
+ type: "object",
215
+ properties: {
216
+ payload: {
220
217
  type: "object",
221
218
  properties: {
222
- payload: {
223
- type: "object",
224
- properties: {
225
- additionalProperties: true
226
- }
227
- },
228
- presentationDefinitions: {
229
- type: "object",
230
- properties: {
231
- additionalProperties: true
232
- }
233
- },
234
- verifyOpts: {
235
- type: "object",
236
- properties: {
237
- additionalProperties: true
238
- }
239
- },
240
- additionalProperties: false
241
- },
242
- required: ["payload", "verifyOpts"],
243
- description: "Result of {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } "
219
+ additionalProperties: true
220
+ }
244
221
  },
245
- ISendSiopAuthenticationResponseArgs: {
222
+ presentationDefinitions: {
246
223
  type: "object",
247
224
  properties: {
248
- sessionId: {
249
- type: "string"
250
- },
251
- verifiedAuthenticationRequest: {
252
- type: "object",
253
- properties: {
254
- additionalProperties: true
255
- }
256
- },
257
- verifiablePresentationResponse: {
258
- type: "object",
259
- properties: {
260
- additionalProperties: true
261
- }
262
- },
263
- additionalProperties: false
264
- },
265
- required: ["sessionId", "verifiedAuthenticationRequest"],
266
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } "
267
- }
268
- },
269
- methods: {
270
- getSessionForSiop: {
271
- description: "Get SIOP session",
272
- arguments: {
273
- $ref: "#/components/schemas/IGetSiopSessionArgs"
274
- },
275
- returnType: "object"
276
- },
277
- registerSessionForSiop: {
278
- description: "Register SIOP session",
279
- arguments: {
280
- $ref: "#/components/schemas/IRegisterSiopSessionArgs"
281
- },
282
- returnType: "object"
283
- },
284
- removeSessionForSiop: {
285
- description: "Remove SIOP session",
286
- arguments: {
287
- $ref: "#/components/schemas/IRemoveSiopSessionArgs"
288
- },
289
- returnType: "boolean"
290
- },
291
- authenticateWithSiop: {
292
- description: "Authenticate using DID Auth SIOP",
293
- arguments: {
294
- $ref: "#/components/schemas/IAuthenticateWithSiopArgs"
295
- },
296
- returnType: {
297
- $ref: "#/components/schemas/Response"
225
+ additionalProperties: true
298
226
  }
299
227
  },
300
- getSiopAuthenticationRequestFromRP: {
301
- description: "Get authentication request from RP",
302
- arguments: {
303
- $ref: "#/components/schemas/IGetSiopAuthenticationRequestFromRpArgs"
304
- },
305
- returnType: {
306
- $ref: "#/components/schemas/ParsedAuthenticationRequestURI"
228
+ verifyOpts: {
229
+ type: "object",
230
+ properties: {
231
+ additionalProperties: true
307
232
  }
308
233
  },
309
- getSiopAuthenticationRequestDetails: {
310
- description: "Get authentication request details",
311
- arguments: {
312
- $ref: "#/components/schemas/IGetSiopAuthenticationRequestDetailsArgs"
313
- },
314
- returnType: {
315
- $ref: "#/components/schemas/IAuthRequestDetails"
316
- }
234
+ additionalProperties: false
235
+ },
236
+ required: ["payload", "verifyOpts"],
237
+ description: "Result of {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } "
238
+ },
239
+ ISendSiopAuthenticationResponseArgs: {
240
+ type: "object",
241
+ properties: {
242
+ sessionId: {
243
+ type: "string"
317
244
  },
318
- verifySiopAuthenticationRequestURI: {
319
- description: "Verify authentication request URI",
320
- arguments: {
321
- $ref: "#/components/schemas/IVerifySiopAuthenticationRequestUriArgs"
322
- },
323
- returnType: {
324
- $ref: "#/components/schemas/VerifiedAuthorizationRequest"
245
+ verifiedAuthenticationRequest: {
246
+ type: "object",
247
+ properties: {
248
+ additionalProperties: true
325
249
  }
326
250
  },
327
- sendSiopAuthenticationResponse: {
328
- description: "Send authentication response",
329
- arguments: {
330
- $ref: "#/components/schemas/ISendSiopAuthenticationResponseArgs"
331
- },
332
- returnType: {
333
- $ref: "#/components/schemas/IRequiredContext"
251
+ verifiablePresentationResponse: {
252
+ type: "object",
253
+ properties: {
254
+ additionalProperties: true
334
255
  }
335
- }
256
+ },
257
+ additionalProperties: false
258
+ },
259
+ required: ["sessionId", "verifiedAuthenticationRequest"],
260
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } "
261
+ }
262
+ },
263
+ methods: {
264
+ getSessionForSiop: {
265
+ description: "Get SIOP session",
266
+ arguments: {
267
+ $ref: "#/components/schemas/IGetSiopSessionArgs"
268
+ },
269
+ returnType: "object"
270
+ },
271
+ registerSessionForSiop: {
272
+ description: "Register SIOP session",
273
+ arguments: {
274
+ $ref: "#/components/schemas/IRegisterSiopSessionArgs"
275
+ },
276
+ returnType: "object"
277
+ },
278
+ removeSessionForSiop: {
279
+ description: "Remove SIOP session",
280
+ arguments: {
281
+ $ref: "#/components/schemas/IRemoveSiopSessionArgs"
282
+ },
283
+ returnType: "boolean"
284
+ },
285
+ authenticateWithSiop: {
286
+ description: "Authenticate using DID Auth SIOP",
287
+ arguments: {
288
+ $ref: "#/components/schemas/IAuthenticateWithSiopArgs"
289
+ },
290
+ returnType: {
291
+ $ref: "#/components/schemas/Response"
292
+ }
293
+ },
294
+ getSiopAuthenticationRequestFromRP: {
295
+ description: "Get authentication request from RP",
296
+ arguments: {
297
+ $ref: "#/components/schemas/IGetSiopAuthenticationRequestFromRpArgs"
298
+ },
299
+ returnType: {
300
+ $ref: "#/components/schemas/ParsedAuthenticationRequestURI"
301
+ }
302
+ },
303
+ getSiopAuthenticationRequestDetails: {
304
+ description: "Get authentication request details",
305
+ arguments: {
306
+ $ref: "#/components/schemas/IGetSiopAuthenticationRequestDetailsArgs"
307
+ },
308
+ returnType: {
309
+ $ref: "#/components/schemas/IAuthRequestDetails"
310
+ }
311
+ },
312
+ verifySiopAuthenticationRequestURI: {
313
+ description: "Verify authentication request URI",
314
+ arguments: {
315
+ $ref: "#/components/schemas/IVerifySiopAuthenticationRequestUriArgs"
316
+ },
317
+ returnType: {
318
+ $ref: "#/components/schemas/VerifiedAuthorizationRequest"
319
+ }
320
+ },
321
+ sendSiopAuthenticationResponse: {
322
+ description: "Send authentication response",
323
+ arguments: {
324
+ $ref: "#/components/schemas/ISendSiopAuthenticationResponseArgs"
325
+ },
326
+ returnType: {
327
+ $ref: "#/components/schemas/IRequiredContext"
336
328
  }
337
329
  }
338
330
  }
339
- };
331
+ }
340
332
  }
341
- });
333
+ };
342
334
 
343
335
  // src/agent/SIOPv2RP.ts
344
336
  import { AuthorizationResponseStateStatus, decodeUriAsJson } from "@sphereon/did-auth-siop";
345
337
  import { getAgentResolver as getAgentResolver2 } from "@sphereon/ssi-sdk-ext.did-utils";
338
+ import { shaHasher as defaultHasher2 } from "@sphereon/ssi-sdk.core";
339
+ import { validate as isValidUUID2 } from "uuid";
346
340
  import { CredentialMapper as CredentialMapper2 } from "@sphereon/ssi-types";
341
+ import { DcqlQuery } from "dcql";
347
342
 
348
343
  // src/functions.ts
349
- import { InMemoryRPSessionManager, PassBy, PropertyTarget, ResponseMode, ResponseType, RevocationVerification, RP, Scope, SubjectType, SupportedVersion } from "@sphereon/did-auth-siop";
344
+ import { ClientIdentifierPrefix, InMemoryRPSessionManager, PassBy, PropertyTarget, ResponseMode, ResponseType, RevocationVerification, RP, Scope, SubjectType, SupportedVersion } from "@sphereon/did-auth-siop";
350
345
  import { SigningAlgo } from "@sphereon/oid4vc-common";
351
346
  import { getAgentDIDMethods, getAgentResolver } from "@sphereon/ssi-sdk-ext.did-utils";
352
347
  import { isExternalIdentifierOIDFEntityIdOpts, isManagedIdentifierDidOpts, isManagedIdentifierDidResult, isManagedIdentifierX5cOpts } from "@sphereon/ssi-sdk-ext.identifier-resolution";
353
348
  import { CredentialMapper } from "@sphereon/ssi-types";
354
349
  import { EventEmitter } from "events";
350
+ import { validate as isValidUUID } from "uuid";
355
351
  import { defaultHasher } from "@sphereon/ssi-sdk.core";
356
352
  function getRequestVersion(rpOptions) {
357
353
  if (Array.isArray(rpOptions.supportedVersions) && rpOptions.supportedVersions.length > 0) {
358
354
  return rpOptions.supportedVersions[0];
359
355
  }
360
- return SupportedVersion.JWT_VC_PRESENTATION_PROFILE_v1;
356
+ return SupportedVersion.OID4VP_v1;
361
357
  }
362
358
  __name(getRequestVersion, "getRequestVersion");
363
359
  function getWellKnownDIDVerifyCallback(siopIdentifierOpts, context) {
@@ -372,12 +368,40 @@ function getWellKnownDIDVerifyCallback(siopIdentifierOpts, context) {
372
368
  };
373
369
  }
374
370
  __name(getWellKnownDIDVerifyCallback, "getWellKnownDIDVerifyCallback");
371
+ function getDcqlQueryLookupCallback(context) {
372
+ async function dcqlQueryLookup(queryId, version, tenantId) {
373
+ const result = await context.agent.pdmGetDefinitions({
374
+ filter: [
375
+ {
376
+ queryId,
377
+ ...tenantId && {
378
+ tenantId
379
+ },
380
+ ...version && {
381
+ version
382
+ }
383
+ },
384
+ ...isValidUUID(queryId) ? [
385
+ {
386
+ id: queryId
387
+ }
388
+ ] : []
389
+ ]
390
+ });
391
+ if (result && result.length > 0) {
392
+ return result[0].query;
393
+ }
394
+ return Promise.reject(Error(`No dcql query found for queryId ${queryId}`));
395
+ }
396
+ __name(dcqlQueryLookup, "dcqlQueryLookup");
397
+ return dcqlQueryLookup;
398
+ }
399
+ __name(getDcqlQueryLookupCallback, "getDcqlQueryLookupCallback");
375
400
  function getPresentationVerificationCallback(idOpts, context) {
376
401
  async function presentationVerificationCallback(args, presentationSubmission) {
377
402
  if (CredentialMapper.isSdJwtEncoded(args)) {
378
403
  const result2 = await context.agent.verifySdJwtPresentation({
379
- presentation: args,
380
- kb: true
404
+ presentation: args
381
405
  });
382
406
  return {
383
407
  verified: !!result2.payload
@@ -412,28 +436,8 @@ function getPresentationVerificationCallback(idOpts, context) {
412
436
  }
413
437
  __name(getPresentationVerificationCallback, "getPresentationVerificationCallback");
414
438
  async function createRPBuilder(args) {
415
- const { rpOpts, pexOpts, context } = args;
439
+ const { rpOpts, context } = args;
416
440
  const { identifierOpts } = rpOpts;
417
- let definition = args.definition;
418
- let dcqlQuery = args.dcql;
419
- if (!definition && pexOpts && pexOpts.definitionId) {
420
- const presentationDefinitionItems = await context.agent.pdmGetDefinitions({
421
- filter: [
422
- {
423
- definitionId: pexOpts.definitionId,
424
- version: pexOpts.version,
425
- tenantId: pexOpts.tenantId
426
- }
427
- ]
428
- });
429
- if (presentationDefinitionItems.length > 0) {
430
- const presentationDefinitionItem = presentationDefinitionItems[0];
431
- definition = presentationDefinitionItem.definitionPayload;
432
- if (!dcqlQuery && presentationDefinitionItem.dcqlPayload) {
433
- dcqlQuery = presentationDefinitionItem.dcqlPayload;
434
- }
435
- }
436
- }
437
441
  const didMethods = identifierOpts.supportedDIDMethods ?? await getAgentDIDMethods(context);
438
442
  const eventEmitter = rpOpts.eventEmitter ?? new EventEmitter();
439
443
  const defaultClientMetadata = {
@@ -488,34 +492,27 @@ async function createRPBuilder(args) {
488
492
  const builder = RP.builder({
489
493
  requestVersion: getRequestVersion(rpOpts)
490
494
  }).withScope("openid", PropertyTarget.REQUEST_OBJECT).withResponseMode(rpOpts.responseMode ?? ResponseMode.POST).withResponseType(ResponseType.VP_TOKEN, PropertyTarget.REQUEST_OBJECT).withSupportedVersions(rpOpts.supportedVersions ?? [
491
- SupportedVersion.JWT_VC_PRESENTATION_PROFILE_v1,
492
- SupportedVersion.SIOPv2_ID1,
493
- SupportedVersion.SIOPv2_D11
495
+ SupportedVersion.OID4VP_v1,
496
+ SupportedVersion.SIOPv2_OID4VP_D28
494
497
  ]).withEventEmitter(eventEmitter).withSessionManager(rpOpts.sessionManager ?? new InMemoryRPSessionManager(eventEmitter)).withClientMetadata(rpOpts.clientMetadataOpts ?? defaultClientMetadata, PropertyTarget.REQUEST_OBJECT).withVerifyJwtCallback(rpOpts.verifyJwtCallback ? rpOpts.verifyJwtCallback : getVerifyJwtCallback({
495
498
  resolver,
496
499
  verifyOpts: {
497
500
  wellknownDIDVerifyCallback: getWellKnownDIDVerifyCallback(rpOpts.identifierOpts, context),
498
501
  checkLinkedDomain: "if_present"
499
502
  }
500
- }, context)).withRevocationVerification(RevocationVerification.NEVER).withPresentationVerification(getPresentationVerificationCallback(identifierOpts.idOpts, context));
503
+ }, context)).withDcqlQueryLookup(getDcqlQueryLookupCallback(context)).withRevocationVerification(RevocationVerification.NEVER).withPresentationVerification(getPresentationVerificationCallback(identifierOpts.idOpts, context));
501
504
  const oidfOpts = identifierOpts.oidfOpts;
502
505
  if (oidfOpts && isExternalIdentifierOIDFEntityIdOpts(oidfOpts)) {
503
- builder.withEntityId(oidfOpts.identifier, PropertyTarget.REQUEST_OBJECT).withClientIdScheme("entity_id", PropertyTarget.REQUEST_OBJECT);
506
+ builder.withEntityId(oidfOpts.identifier, PropertyTarget.REQUEST_OBJECT);
504
507
  } else {
505
508
  const resolution = await context.agent.identifierManagedGet(identifierOpts.idOpts);
506
- builder.withClientId(resolution.issuer ?? (isManagedIdentifierDidResult(resolution) ? resolution.did : resolution.jwkThumbprint), PropertyTarget.REQUEST_OBJECT).withClientIdScheme(resolution.clientIdScheme ?? identifierOpts.idOpts.clientIdScheme, PropertyTarget.REQUEST_OBJECT);
509
+ const clientId = rpOpts.clientMetadataOpts?.client_id ?? resolution.issuer ?? (isManagedIdentifierDidResult(resolution) ? resolution.did : resolution.jwkThumbprint);
510
+ const clientIdPrefixed = prefixClientId(clientId);
511
+ builder.withClientId(clientIdPrefixed, PropertyTarget.REQUEST_OBJECT);
507
512
  }
508
513
  if (hasher) {
509
514
  builder.withHasher(hasher);
510
515
  }
511
- if (definition) {
512
- builder.withPresentationDefinition({
513
- definition
514
- }, PropertyTarget.REQUEST_OBJECT);
515
- }
516
- if (dcqlQuery) {
517
- builder.withDcqlQuery(dcqlQuery);
518
- }
519
516
  if (rpOpts.responseRedirectUri) {
520
517
  builder.withResponseRedirectUri(rpOpts.responseRedirectUri);
521
518
  }
@@ -572,6 +569,13 @@ function getSigningAlgo(type) {
572
569
  }
573
570
  }
574
571
  __name(getSigningAlgo, "getSigningAlgo");
572
+ function prefixClientId(clientId) {
573
+ if (clientId.startsWith("did:")) {
574
+ return `${ClientIdentifierPrefix.DECENTRALIZED_IDENTIFIER}:${clientId}`;
575
+ }
576
+ return clientId;
577
+ }
578
+ __name(prefixClientId, "prefixClientId");
575
579
 
576
580
  // src/RPInstance.ts
577
581
  import { v4 as uuidv4 } from "uuid";
@@ -581,17 +585,16 @@ var RPInstance = class {
581
585
  __name(this, "RPInstance");
582
586
  }
583
587
  _rp;
584
- _pexOptions;
588
+ _presentationOptions;
585
589
  _rpOptions;
586
590
  constructor({ rpOpts, pexOpts }) {
587
591
  this._rpOptions = rpOpts;
588
- this._pexOptions = pexOpts;
592
+ this._presentationOptions = pexOpts;
589
593
  }
590
594
  async get(context) {
591
595
  if (!this._rp) {
592
596
  const builder = await createRPBuilder({
593
597
  rpOpts: this._rpOptions,
594
- pexOpts: this._pexOptions,
595
598
  context
596
599
  });
597
600
  this._rp = builder.build();
@@ -601,23 +604,11 @@ var RPInstance = class {
601
604
  get rpOptions() {
602
605
  return this._rpOptions;
603
606
  }
604
- get pexOptions() {
605
- return this._pexOptions;
606
- }
607
- hasDefinition() {
608
- return this.definitionId !== void 0;
609
- }
610
- get definitionId() {
611
- return this.pexOptions?.definitionId;
612
- }
613
- async getPresentationDefinition(context) {
614
- return this.definitionId ? await context.agent.pexStoreGetDefinition({
615
- definitionId: this.definitionId,
616
- tenantId: this.pexOptions?.tenantId
617
- }) : void 0;
607
+ get presentationOptions() {
608
+ return this._presentationOptions;
618
609
  }
619
610
  async createAuthorizationRequestURI(createArgs, context) {
620
- const { correlationId, claims, requestByReferenceURI, responseURI, responseURIType } = createArgs;
611
+ const { correlationId, queryId, claims, requestByReferenceURI, responseURI, responseURIType, callback, responseRedirectURI } = createArgs;
621
612
  const nonce = createArgs.nonce ?? uuidv4();
622
613
  const state = createArgs.state ?? correlationId;
623
614
  let jwtIssuer;
@@ -645,17 +636,20 @@ var RPInstance = class {
645
636
  return await this.get(context).then((rp) => rp.createAuthorizationRequestURI({
646
637
  version: getRequestVersion(this.rpOptions),
647
638
  correlationId,
639
+ queryId,
648
640
  nonce,
649
641
  state,
650
642
  claims,
651
643
  requestByReferenceURI,
652
644
  responseURI,
653
645
  responseURIType,
654
- jwtIssuer
646
+ jwtIssuer,
647
+ callback,
648
+ responseRedirectURI
655
649
  }));
656
650
  }
657
651
  async createAuthorizationRequest(createArgs, context) {
658
- const { correlationId, claims, requestByReferenceURI, responseURI, responseURIType } = createArgs;
652
+ const { correlationId, claims, requestByReferenceURI, responseURI, responseURIType, responseRedirectURI } = createArgs;
659
653
  const nonce = createArgs.nonce ?? uuidv4();
660
654
  const state = createArgs.state ?? correlationId;
661
655
  const idOpts = this.rpOptions.identifierOpts.idOpts;
@@ -686,13 +680,13 @@ var RPInstance = class {
686
680
  requestByReferenceURI,
687
681
  responseURIType,
688
682
  responseURI,
689
- jwtIssuer
683
+ jwtIssuer,
684
+ responseRedirectURI
690
685
  }));
691
686
  }
692
687
  };
693
688
 
694
689
  // src/agent/SIOPv2RP.ts
695
- import { shaHasher as defaultHasher2 } from "@sphereon/ssi-sdk.core";
696
690
  var SIOPv2RP = class _SIOPv2RP {
697
691
  static {
698
692
  __name(this, "SIOPv2RP");
@@ -700,7 +694,7 @@ var SIOPv2RP = class _SIOPv2RP {
700
694
  opts;
701
695
  static _DEFAULT_OPTS_KEY = "_default";
702
696
  instances = /* @__PURE__ */ new Map();
703
- schema = schema.IDidAuthSiopOpAuthenticator;
697
+ schema = plugin_schema_default.IDidAuthSiopOpAuthenticator;
704
698
  methods = {
705
699
  siopCreateAuthRequestURI: this.createAuthorizationRequestURI.bind(this),
706
700
  siopCreateAuthRequestPayloads: this.createAuthorizationRequestPayloads.bind(this),
@@ -730,53 +724,72 @@ var SIOPv2RP = class _SIOPv2RP {
730
724
  }
731
725
  async createAuthorizationRequestURI(createArgs, context) {
732
726
  return await this.getRPInstance({
733
- definitionId: createArgs.definitionId,
734
- responseRedirectURI: createArgs.responseRedirectURI
727
+ createWhenNotPresent: true,
728
+ responseRedirectURI: createArgs.responseRedirectURI,
729
+ ...createArgs.useQueryIdInstance === true && {
730
+ queryId: createArgs.queryId
731
+ }
735
732
  }, context).then((rp) => rp.createAuthorizationRequestURI(createArgs, context)).then((URI) => URI.encodedUri);
736
733
  }
737
734
  async createAuthorizationRequestPayloads(createArgs, context) {
738
735
  return await this.getRPInstance({
739
- definitionId: createArgs.definitionId
736
+ createWhenNotPresent: true,
737
+ queryId: createArgs.queryId
740
738
  }, context).then((rp) => rp.createAuthorizationRequest(createArgs, context)).then(async (request) => {
741
739
  const authRequest = {
742
740
  authorizationRequest: request.payload,
743
741
  requestObject: await request.requestObjectJwt(),
744
- requestObjectDecoded: await request.requestObject?.getPayload()
742
+ requestObjectDecoded: request.requestObject?.getPayload()
745
743
  };
746
744
  return authRequest;
747
745
  });
748
746
  }
749
747
  async siopGetRequestState(args, context) {
750
748
  return await this.getRPInstance({
751
- definitionId: args.definitionId
749
+ createWhenNotPresent: false,
750
+ queryId: args.queryId
752
751
  }, context).then((rp) => rp.get(context).then((rp2) => rp2.sessionManager.getRequestStateByCorrelationId(args.correlationId, args.errorOnNotFound)));
753
752
  }
754
753
  async siopGetResponseState(args, context) {
755
754
  const rpInstance = await this.getRPInstance({
756
- definitionId: args.definitionId
755
+ createWhenNotPresent: false,
756
+ queryId: args.queryId
757
757
  }, context);
758
758
  const authorizationResponseState = await rpInstance.get(context).then((rp) => rp.sessionManager.getResponseStateByCorrelationId(args.correlationId, args.errorOnNotFound));
759
759
  if (authorizationResponseState === void 0) {
760
760
  return void 0;
761
761
  }
762
762
  const responseState = authorizationResponseState;
763
- if (responseState.status === AuthorizationResponseStateStatus.VERIFIED && args.includeVerifiedData && args.includeVerifiedData !== VerifiedDataMode.NONE) {
763
+ if (responseState.status === AuthorizationResponseStateStatus.VERIFIED) {
764
764
  let hasher;
765
765
  if (CredentialMapper2.isSdJwtEncoded(responseState.response.payload.vp_token) && (!rpInstance.rpOptions.credentialOpts?.hasher || typeof rpInstance.rpOptions.credentialOpts?.hasher !== "function")) {
766
766
  hasher = defaultHasher2;
767
767
  }
768
- const presentationDecoded = CredentialMapper2.decodeVerifiablePresentation(
769
- responseState.response.payload.vp_token,
770
- //todo: later we want to conditionally pass in options for mdl-mdoc here
771
- hasher
772
- );
773
- switch (args.includeVerifiedData) {
774
- case VerifiedDataMode.VERIFIED_PRESENTATION:
775
- responseState.response.payload.verifiedData = this.presentationOrClaimsFrom(presentationDecoded);
776
- break;
777
- case VerifiedDataMode.CREDENTIAL_SUBJECT_FLATTENED:
778
- const allClaims = {};
779
- for (const credential of this.presentationOrClaimsFrom(presentationDecoded).verifiableCredential || []) {
768
+ const vpToken = responseState.response.payload.vp_token && JSON.parse(responseState.response.payload.vp_token);
769
+ const claims = [];
770
+ for (const [credentialQueryId, presentationValue] of Object.entries(vpToken)) {
771
+ let singleVP;
772
+ if (Array.isArray(presentationValue)) {
773
+ if (presentationValue.length === 0) {
774
+ throw Error(`DCQL query '${credentialQueryId}' has empty array of presentations`);
775
+ }
776
+ if (presentationValue.length > 1) {
777
+ throw Error(`DCQL query '${credentialQueryId}' has multiple presentations (${presentationValue.length}), but only one is supported atm`);
778
+ }
779
+ singleVP = presentationValue[0];
780
+ } else {
781
+ singleVP = presentationValue;
782
+ }
783
+ const presentationDecoded = CredentialMapper2.decodeVerifiablePresentation(
784
+ singleVP,
785
+ //todo: later we want to conditionally pass in options for mdl-mdoc here
786
+ hasher
787
+ );
788
+ console.log(`presentationDecoded: ${JSON.stringify(presentationDecoded)}`);
789
+ const allClaims = {};
790
+ const presentationOrClaims = this.presentationOrClaimsFrom(presentationDecoded);
791
+ if ("verifiableCredential" in presentationOrClaims) {
792
+ for (const credential of presentationOrClaims.verifiableCredential) {
780
793
  const vc = credential;
781
794
  const schemaValidationResult = await context.agent.cvVerifySchema({
782
795
  credential,
@@ -797,20 +810,43 @@ var SIOPv2RP = class _SIOPv2RP {
797
810
  allClaims[key] = value;
798
811
  }
799
812
  });
813
+ claims.push({
814
+ id: credentialQueryId,
815
+ type: vc.type[0],
816
+ claims: allClaims
817
+ });
800
818
  }
801
- responseState.verifiedData = allClaims;
802
- break;
819
+ } else {
820
+ claims.push({
821
+ id: credentialQueryId,
822
+ type: presentationDecoded.decodedPayload.vct,
823
+ claims: presentationOrClaims
824
+ });
825
+ }
803
826
  }
827
+ responseState.verifiedData = {
828
+ ...responseState.response.payload.vp_token && {
829
+ authorization_response: {
830
+ vp_token: typeof responseState.response.payload.vp_token === "string" ? JSON.parse(responseState.response.payload.vp_token) : responseState.response.payload.vp_token
831
+ }
832
+ },
833
+ ...claims.length > 0 && {
834
+ credential_claims: claims
835
+ }
836
+ };
804
837
  }
805
838
  return responseState;
806
839
  }
807
- presentationOrClaimsFrom = /* @__PURE__ */ __name((presentationDecoded) => CredentialMapper2.isSdJwtDecodedCredential(presentationDecoded) ? presentationDecoded.decodedPayload : CredentialMapper2.toUniformPresentation(presentationDecoded), "presentationOrClaimsFrom");
840
+ presentationOrClaimsFrom = /* @__PURE__ */ __name((presentationDecoded) => {
841
+ return CredentialMapper2.isSdJwtDecodedCredential(presentationDecoded) ? presentationDecoded.decodedPayload : CredentialMapper2.toUniformPresentation(presentationDecoded);
842
+ }, "presentationOrClaimsFrom");
808
843
  async siopUpdateRequestState(args, context) {
809
- if (args.state !== "sent") {
810
- throw Error(`Only 'sent' status is supported for this method at this point`);
844
+ if (args.state !== "authorization_request_created") {
845
+ throw Error(`Only 'authorization_request_created' status is supported for this method at this point`);
811
846
  }
812
847
  return await this.getRPInstance({
813
- definitionId: args.definitionId
848
+ createWhenNotPresent: false,
849
+ queryId: args.queryId
814
850
  }, context).then((rp) => rp.get(context).then(async (rp2) => {
815
851
  await rp2.signalAuthRequestRetrieved({
816
852
  correlationId: args.correlationId,
@@ -821,7 +857,8 @@ var SIOPv2RP = class _SIOPv2RP {
821
857
  }
822
858
  async siopDeleteState(args, context) {
823
859
  return await this.getRPInstance({
824
- definitionId: args.definitionId
860
+ createWhenNotPresent: false,
861
+ queryId: args.queryId
825
862
  }, context).then((rp) => rp.get(context).then((rp2) => rp2.sessionManager.deleteStateForCorrelationId(args.correlationId))).then(() => true);
826
863
  }
827
864
  async siopVerifyAuthResponse(args, context) {
@@ -830,32 +867,27 @@ var SIOPv2RP = class _SIOPv2RP {
830
867
  }
831
868
  const authResponse = typeof args.authorizationResponse === "string" ? decodeUriAsJson(args.authorizationResponse) : args.authorizationResponse;
832
869
  return await this.getRPInstance({
833
- definitionId: args.definitionId
870
+ createWhenNotPresent: false,
871
+ queryId: args.queryId
834
872
  }, context).then((rp) => rp.get(context).then((rp2) => rp2.verifyAuthorizationResponse(authResponse, {
835
873
  correlationId: args.correlationId,
836
- ...args.presentationDefinitions && !args.dcqlQuery ? {
837
- presentationDefinitions: args.presentationDefinitions
838
- } : {},
839
- ...args.dcqlQuery ? {
874
+ ...args.dcqlQuery && {
840
875
  dcqlQuery: args.dcqlQuery
841
- } : {},
876
+ },
842
877
  audience: args.audience
843
878
  })));
844
879
  }
845
880
  async siopImportDefinitions(args, context) {
846
- const { definitions, tenantId, version, versionControlMode } = args;
847
- await Promise.all(definitions.map(async (definitionPair) => {
848
- const definitionPayload = definitionPair.definitionPayload;
849
- await context.agent.pexValidateDefinition({
850
- definition: definitionPayload
851
- });
852
- console.log(`persisting definition ${definitionPayload.id} / ${definitionPayload.name} with versionControlMode ${versionControlMode}`);
881
+ const { importItems, tenantId, version, versionControlMode } = args;
882
+ await Promise.all(importItems.map(async (importItem) => {
883
+ DcqlQuery.validate(importItem.query);
884
+ console.log(`persisting DCQL definition ${importItem.queryId} with versionControlMode ${versionControlMode}`);
853
885
  return context.agent.pdmPersistDefinition({
854
886
  definitionItem: {
887
+ queryId: importItem.queryId,
855
888
  tenantId,
856
889
  version,
857
- definitionPayload,
858
- dcqlPayload: definitionPair.dcqlPayload
890
+ query: importItem.query
859
891
  },
860
892
  opts: {
861
893
  versionControlMode
@@ -864,12 +896,12 @@ var SIOPv2RP = class _SIOPv2RP {
864
896
  }));
865
897
  }
866
898
  async siopGetRedirectURI(args, context) {
867
- const instanceId = args.definitionId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
899
+ const instanceId = args.queryId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
868
900
  if (this.instances.has(instanceId)) {
869
901
  const rpInstance = this.instances.get(instanceId);
870
902
  if (rpInstance !== void 0) {
871
903
  const rp = await rpInstance.get(context);
872
- return rp.getResponseRedirectUri({
904
+ return await rp.getResponseRedirectUri({
873
905
  correlation_id: args.correlationId,
874
906
  correlationId: args.correlationId,
875
907
  ...args.state && {
@@ -880,12 +912,40 @@ var SIOPv2RP = class _SIOPv2RP {
880
912
  }
881
913
  return void 0;
882
914
  }
883
- async getRPInstance({ definitionId, responseRedirectURI }, context) {
884
- const instanceId = definitionId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
885
- if (!this.instances.has(instanceId)) {
886
- const instanceOpts = this.getInstanceOpts(definitionId);
915
+ async getRPInstance({ createWhenNotPresent, queryId, responseRedirectURI }, context) {
916
+ let rpInstanceId = _SIOPv2RP._DEFAULT_OPTS_KEY;
917
+ let rpInstance;
918
+ if (queryId) {
919
+ if (this.instances.has(queryId)) {
920
+ rpInstanceId = queryId;
921
+ rpInstance = this.instances.get(rpInstanceId);
922
+ } else if (isValidUUID2(queryId)) {
923
+ try {
924
+ const pd = await context.agent.pdmGetDefinition({
925
+ itemId: queryId
926
+ });
927
+ if (this.instances.has(pd.queryId)) {
928
+ rpInstanceId = pd.queryId;
929
+ rpInstance = this.instances.get(rpInstanceId);
930
+ }
931
+ } catch (ignore) {
932
+ }
933
+ }
934
+ if (createWhenNotPresent) {
935
+ rpInstanceId = queryId;
936
+ } else {
937
+ rpInstance = this.instances.get(rpInstanceId);
938
+ }
939
+ } else {
940
+ rpInstance = this.instances.get(rpInstanceId);
941
+ }
942
+ if (!rpInstance) {
943
+ if (!createWhenNotPresent) {
944
+ return Promise.reject(`No RP instance found for key ${rpInstanceId}`);
945
+ }
946
+ const instanceOpts = this.getInstanceOpts(queryId);
887
947
  const rpOpts = await this.getRPOptions(context, {
888
- definitionId,
948
+ queryId,
889
949
  responseRedirectURI
890
950
  });
891
951
  if (!rpOpts.identifierOpts.resolveOpts?.resolver || typeof rpOpts.identifierOpts.resolveOpts.resolver.resolve !== "function") {
@@ -897,29 +957,29 @@ var SIOPv2RP = class _SIOPv2RP {
897
957
  ...rpOpts.identifierOpts.resolveOpts
898
958
  };
899
959
  }
900
- console.log("Using agent DID resolver for RP instance with definition id " + definitionId);
960
+ console.log("Using agent DID resolver for RP instance with definition id " + queryId);
901
961
  rpOpts.identifierOpts.resolveOpts.resolver = getAgentResolver2(context, {
902
962
  uniresolverResolution: true,
903
963
  localResolution: true,
904
964
  resolverResolution: true
905
965
  });
906
966
  }
907
- this.instances.set(instanceId, new RPInstance({
967
+ rpInstance = new RPInstance({
908
968
  rpOpts,
909
969
  pexOpts: instanceOpts
910
- }));
970
+ });
971
+ this.instances.set(rpInstanceId, rpInstance);
911
972
  }
912
- const rpInstance = this.instances.get(instanceId);
913
973
  if (responseRedirectURI) {
914
974
  rpInstance.rpOptions.responseRedirectUri = responseRedirectURI;
915
975
  }
916
976
  return rpInstance;
917
977
  }
918
978
  async getRPOptions(context, opts) {
919
- const { definitionId, responseRedirectURI } = opts;
920
- const options = this.getInstanceOpts(definitionId)?.rpOpts ?? this.opts.defaultOpts;
979
+ const { queryId, responseRedirectURI } = opts;
980
+ const options = this.getInstanceOpts(queryId)?.rpOpts ?? this.opts.defaultOpts;
921
981
  if (!options) {
922
- throw Error(`Could not get specific nor default options for definition ${definitionId}`);
982
+ throw Error(`Could not get specific nor default options for definition ${queryId}`);
923
983
  }
924
984
  if (this.opts.defaultOpts) {
925
985
  if (!options.identifierOpts) {
@@ -951,40 +1011,28 @@ var SIOPv2RP = class _SIOPv2RP {
951
1011
  }
952
1012
  return options;
953
1013
  }
954
- getInstanceOpts(definitionId) {
1014
+ getInstanceOpts(queryId) {
955
1015
  if (!this.opts.instanceOpts) return void 0;
956
- const instanceOpt = definitionId ? this.opts.instanceOpts.find((i) => i.definitionId === definitionId) : void 0;
957
- return instanceOpt ?? this.getDefaultOptions(definitionId);
1016
+ const instanceOpt = queryId ? this.opts.instanceOpts.find((i) => i.queryId === queryId) : void 0;
1017
+ return instanceOpt ?? this.getDefaultOptions(queryId);
958
1018
  }
959
- getDefaultOptions(definitionId) {
1019
+ getDefaultOptions(queryId) {
960
1020
  if (!this.opts.instanceOpts) return void 0;
961
- const defaultOptions = this.opts.instanceOpts.find((i) => i.definitionId === "default");
1021
+ const defaultOptions = this.opts.instanceOpts.find((i) => i.queryId === "default");
962
1022
  if (defaultOptions) {
963
1023
  const clonedOptions = {
964
1024
  ...defaultOptions
965
1025
  };
966
- if (definitionId !== void 0) {
967
- clonedOptions.definitionId = definitionId;
1026
+ if (queryId !== void 0) {
1027
+ clonedOptions.queryId = queryId;
968
1028
  }
969
1029
  return clonedOptions;
970
1030
  }
971
1031
  return void 0;
972
1032
  }
973
1033
  };
974
-
975
- // src/types/ISIOPv2RP.ts
976
- var VerifiedDataMode = /* @__PURE__ */ function(VerifiedDataMode2) {
977
- VerifiedDataMode2["NONE"] = "none";
978
- VerifiedDataMode2["VERIFIED_PRESENTATION"] = "vp";
979
- VerifiedDataMode2["CREDENTIAL_SUBJECT_FLATTENED"] = "cs-flat";
980
- return VerifiedDataMode2;
981
- }({});
982
-
983
- // src/index.ts
984
- var schema = require_plugin_schema();
985
1034
  export {
986
1035
  SIOPv2RP,
987
- VerifiedDataMode,
988
- schema
1036
+ plugin_schema_default as schema
989
1037
  };
990
1038
  //# sourceMappingURL=index.js.map