@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth 0.34.1-next.3 → 0.34.1-next.323

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/dist/index.cjs +481 -432
  2. package/dist/index.cjs.map +1 -1
  3. package/dist/index.d.cts +739 -69
  4. package/dist/index.d.ts +739 -69
  5. package/dist/index.js +472 -424
  6. package/dist/index.js.map +1 -1
  7. package/package.json +19 -19
  8. package/src/RPInstance.ts +14 -29
  9. package/src/agent/SIOPv2RP.ts +138 -67
  10. package/src/functions.ts +49 -52
  11. package/src/index.ts +1 -1
  12. package/src/types/ISIOPv2RP.ts +32 -62
package/dist/index.cjs CHANGED
@@ -4,9 +4,6 @@ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
4
  var __getOwnPropNames = Object.getOwnPropertyNames;
5
5
  var __hasOwnProp = Object.prototype.hasOwnProperty;
6
6
  var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
7
- var __commonJS = (cb, mod) => function __require() {
8
- return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
9
- };
10
7
  var __export = (target, all) => {
11
8
  for (var name in all)
12
9
  __defProp(target, name, { get: all[name], enumerable: true });
@@ -21,354 +18,352 @@ var __copyProps = (to, from, except, desc) => {
21
18
  };
22
19
  var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
23
20
 
21
+ // src/index.ts
22
+ var index_exports = {};
23
+ __export(index_exports, {
24
+ SIOPv2RP: () => SIOPv2RP,
25
+ schema: () => plugin_schema_default
26
+ });
27
+ module.exports = __toCommonJS(index_exports);
28
+
24
29
  // plugin.schema.json
25
- var require_plugin_schema = __commonJS({
26
- "plugin.schema.json"(exports, module2) {
27
- module2.exports = {
28
- IDidAuthSiopOpAuthenticator: {
29
- components: {
30
- schemas: {
31
- IGetSiopSessionArgs: {
32
- type: "object",
33
- properties: {
34
- sessionId: {
35
- type: "string"
36
- },
37
- additionalProperties: false
38
- },
39
- required: ["sessionId"],
40
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSessionForSiop } "
30
+ var plugin_schema_default = {
31
+ IDidAuthSiopOpAuthenticator: {
32
+ components: {
33
+ schemas: {
34
+ IGetSiopSessionArgs: {
35
+ type: "object",
36
+ properties: {
37
+ sessionId: {
38
+ type: "string"
41
39
  },
42
- IRegisterSiopSessionArgs: {
40
+ additionalProperties: false
41
+ },
42
+ required: ["sessionId"],
43
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSessionForSiop } "
44
+ },
45
+ IRegisterSiopSessionArgs: {
46
+ type: "object",
47
+ properties: {
48
+ identifier: {
43
49
  type: "object",
44
50
  properties: {
45
- identifier: {
46
- type: "object",
47
- properties: {
48
- did: {
49
- type: "string"
50
- },
51
- alias: {
52
- type: "string"
53
- },
54
- provider: {
55
- type: "string"
56
- },
57
- controllerKeyId: {
58
- type: "string"
59
- },
60
- keys: {
61
- type: "array",
62
- items: {
63
- type: "object",
64
- properties: {
65
- additionalProperties: true
66
- }
67
- }
68
- },
69
- services: {
70
- type: "array",
71
- items: {
72
- type: "object",
73
- properties: {
74
- additionalProperties: true
75
- }
76
- }
77
- }
78
- },
79
- additionalProperties: false,
80
- required: ["did", "provider", "keys", "services"]
81
- },
82
- sessionId: {
51
+ did: {
83
52
  type: "string"
84
53
  },
85
- expiresIn: {
86
- type: "number"
87
- },
88
- additionalProperties: false
89
- },
90
- required: ["identifier"],
91
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.registerSessionForSiop } "
92
- },
93
- IRemoveSiopSessionArgs: {
94
- type: "object",
95
- properties: {
96
- sessionId: {
54
+ alias: {
97
55
  type: "string"
98
56
  },
99
- additionalProperties: false
100
- },
101
- required: ["sessionId"],
102
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.removeSessionForSiop } "
103
- },
104
- IAuthenticateWithSiopArgs: {
105
- type: "object",
106
- properties: {
107
- sessionId: {
57
+ provider: {
108
58
  type: "string"
109
59
  },
110
- stateId: {
60
+ controllerKeyId: {
111
61
  type: "string"
112
62
  },
113
- redirectUrl: {
114
- type: "string"
63
+ keys: {
64
+ type: "array",
65
+ items: {
66
+ type: "object",
67
+ properties: {
68
+ additionalProperties: true
69
+ }
70
+ }
115
71
  },
116
- additionalProperties: false
72
+ services: {
73
+ type: "array",
74
+ items: {
75
+ type: "object",
76
+ properties: {
77
+ additionalProperties: true
78
+ }
79
+ }
80
+ }
117
81
  },
118
- required: ["sessionId", "stateId", "redirectUrl"],
119
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.authenticateWithSiop } "
82
+ additionalProperties: false,
83
+ required: ["did", "provider", "keys", "services"]
84
+ },
85
+ sessionId: {
86
+ type: "string"
87
+ },
88
+ expiresIn: {
89
+ type: "number"
90
+ },
91
+ additionalProperties: false
92
+ },
93
+ required: ["identifier"],
94
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.registerSessionForSiop } "
95
+ },
96
+ IRemoveSiopSessionArgs: {
97
+ type: "object",
98
+ properties: {
99
+ sessionId: {
100
+ type: "string"
101
+ },
102
+ additionalProperties: false
103
+ },
104
+ required: ["sessionId"],
105
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.removeSessionForSiop } "
106
+ },
107
+ IAuthenticateWithSiopArgs: {
108
+ type: "object",
109
+ properties: {
110
+ sessionId: {
111
+ type: "string"
112
+ },
113
+ stateId: {
114
+ type: "string"
115
+ },
116
+ redirectUrl: {
117
+ type: "string"
118
+ },
119
+ additionalProperties: false
120
+ },
121
+ required: ["sessionId", "stateId", "redirectUrl"],
122
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.authenticateWithSiop } "
123
+ },
124
+ IResponse: {
125
+ type: "object",
126
+ properties: {
127
+ status: {
128
+ type: "number"
120
129
  },
121
- IResponse: {
130
+ additionalProperties: true
131
+ },
132
+ required: ["status"],
133
+ description: "Result of {@link DidAuthSiopOpAuthenticator.authenticateWithSiop & DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } "
134
+ },
135
+ IGetSiopAuthenticationRequestFromRpArgs: {
136
+ type: "object",
137
+ properties: {
138
+ sessionId: {
139
+ type: "string"
140
+ },
141
+ stateId: {
142
+ type: "string"
143
+ },
144
+ redirectUrl: {
145
+ type: "string"
146
+ },
147
+ additionalProperties: false
148
+ },
149
+ required: ["sessionId", "stateId", "redirectUrl"],
150
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } "
151
+ },
152
+ ParsedAuthenticationRequestURI: {
153
+ type: "object",
154
+ properties: {
155
+ jwt: {
156
+ type: "string"
157
+ },
158
+ requestPayload: {
122
159
  type: "object",
123
160
  properties: {
124
- status: {
125
- type: "number"
126
- },
127
161
  additionalProperties: true
128
- },
129
- required: ["status"],
130
- description: "Result of {@link DidAuthSiopOpAuthenticator.authenticateWithSiop & DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } "
162
+ }
131
163
  },
132
- IGetSiopAuthenticationRequestFromRpArgs: {
164
+ registration: {
133
165
  type: "object",
134
166
  properties: {
135
- sessionId: {
136
- type: "string"
137
- },
138
- stateId: {
139
- type: "string"
140
- },
141
- redirectUrl: {
142
- type: "string"
143
- },
144
- additionalProperties: false
145
- },
146
- required: ["sessionId", "stateId", "redirectUrl"],
147
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } "
167
+ additionalProperties: true
168
+ }
148
169
  },
149
- ParsedAuthenticationRequestURI: {
170
+ additionalProperties: false
171
+ },
172
+ required: ["jwt", "requestPayload", "registration"],
173
+ description: "Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } "
174
+ },
175
+ IGetSiopAuthenticationRequestDetailsArgs: {
176
+ type: "object",
177
+ properties: {
178
+ sessionId: {
179
+ type: "string"
180
+ },
181
+ verifiedAuthenticationRequest: {
150
182
  type: "object",
151
183
  properties: {
152
- jwt: {
153
- type: "string"
154
- },
155
- requestPayload: {
156
- type: "object",
157
- properties: {
158
- additionalProperties: true
159
- }
160
- },
161
- registration: {
162
- type: "object",
163
- properties: {
164
- additionalProperties: true
165
- }
166
- },
167
- additionalProperties: false
168
- },
169
- required: ["jwt", "requestPayload", "registration"],
170
- description: "Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestFromRP } "
184
+ additionalProperties: true
185
+ }
171
186
  },
172
- IGetSiopAuthenticationRequestDetailsArgs: {
187
+ credentialFilter: {
173
188
  type: "object",
174
189
  properties: {
175
- sessionId: {
176
- type: "string"
177
- },
178
- verifiedAuthenticationRequest: {
179
- type: "object",
180
- properties: {
181
- additionalProperties: true
182
- }
183
- },
184
- credentialFilter: {
185
- type: "object",
186
- properties: {
187
- additionalProperties: true
188
- }
189
- },
190
- additionalProperties: false
191
- },
192
- required: ["sessionId", "verifiedAuthenticationRequest"],
193
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } "
190
+ additionalProperties: true
191
+ }
192
+ },
193
+ additionalProperties: false
194
+ },
195
+ required: ["sessionId", "verifiedAuthenticationRequest"],
196
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } "
197
+ },
198
+ IAuthRequestDetails: {
199
+ type: "object",
200
+ properties: {
201
+ id: {
202
+ type: "string"
203
+ },
204
+ alsoKnownAs: {
205
+ type: "array",
206
+ items: {
207
+ type: "string"
208
+ }
194
209
  },
195
- IAuthRequestDetails: {
210
+ vpResponseOpts: {
196
211
  type: "object",
197
212
  properties: {
198
- id: {
199
- type: "string"
200
- },
201
- alsoKnownAs: {
202
- type: "array",
203
- items: {
204
- type: "string"
205
- }
206
- },
207
- vpResponseOpts: {
208
- type: "object",
209
- properties: {
210
- additionalProperties: true
211
- }
212
- },
213
- additionalProperties: false
214
- },
215
- required: ["id", "vpResponseOpts"],
216
- description: "Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } "
213
+ additionalProperties: true
214
+ }
217
215
  },
218
- IVerifySiopAuthenticationRequestUriArgs: {
216
+ additionalProperties: false
217
+ },
218
+ required: ["id", "vpResponseOpts"],
219
+ description: "Result of {@link DidAuthSiopOpAuthenticator.getSiopAuthenticationRequestDetails } "
220
+ },
221
+ IVerifySiopAuthenticationRequestUriArgs: {
222
+ type: "object",
223
+ properties: {
224
+ sessionId: {
225
+ type: "string"
226
+ },
227
+ ParsedAuthenticationRequestURI: {
219
228
  type: "object",
220
229
  properties: {
221
- sessionId: {
222
- type: "string"
223
- },
224
- ParsedAuthenticationRequestURI: {
225
- type: "object",
226
- properties: {
227
- additionalProperties: true
228
- }
229
- },
230
- additionalProperties: false
231
- },
232
- required: ["sessionId", "ParsedAuthenticationRequestURI"],
233
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } "
230
+ additionalProperties: true
231
+ }
234
232
  },
235
- VerifiedAuthorizationRequest: {
233
+ additionalProperties: false
234
+ },
235
+ required: ["sessionId", "ParsedAuthenticationRequestURI"],
236
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } "
237
+ },
238
+ VerifiedAuthorizationRequest: {
239
+ type: "object",
240
+ properties: {
241
+ payload: {
236
242
  type: "object",
237
243
  properties: {
238
- payload: {
239
- type: "object",
240
- properties: {
241
- additionalProperties: true
242
- }
243
- },
244
- presentationDefinitions: {
245
- type: "object",
246
- properties: {
247
- additionalProperties: true
248
- }
249
- },
250
- verifyOpts: {
251
- type: "object",
252
- properties: {
253
- additionalProperties: true
254
- }
255
- },
256
- additionalProperties: false
257
- },
258
- required: ["payload", "verifyOpts"],
259
- description: "Result of {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } "
244
+ additionalProperties: true
245
+ }
260
246
  },
261
- ISendSiopAuthenticationResponseArgs: {
247
+ presentationDefinitions: {
262
248
  type: "object",
263
249
  properties: {
264
- sessionId: {
265
- type: "string"
266
- },
267
- verifiedAuthenticationRequest: {
268
- type: "object",
269
- properties: {
270
- additionalProperties: true
271
- }
272
- },
273
- verifiablePresentationResponse: {
274
- type: "object",
275
- properties: {
276
- additionalProperties: true
277
- }
278
- },
279
- additionalProperties: false
280
- },
281
- required: ["sessionId", "verifiedAuthenticationRequest"],
282
- description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } "
283
- }
284
- },
285
- methods: {
286
- getSessionForSiop: {
287
- description: "Get SIOP session",
288
- arguments: {
289
- $ref: "#/components/schemas/IGetSiopSessionArgs"
290
- },
291
- returnType: "object"
292
- },
293
- registerSessionForSiop: {
294
- description: "Register SIOP session",
295
- arguments: {
296
- $ref: "#/components/schemas/IRegisterSiopSessionArgs"
297
- },
298
- returnType: "object"
299
- },
300
- removeSessionForSiop: {
301
- description: "Remove SIOP session",
302
- arguments: {
303
- $ref: "#/components/schemas/IRemoveSiopSessionArgs"
304
- },
305
- returnType: "boolean"
306
- },
307
- authenticateWithSiop: {
308
- description: "Authenticate using DID Auth SIOP",
309
- arguments: {
310
- $ref: "#/components/schemas/IAuthenticateWithSiopArgs"
311
- },
312
- returnType: {
313
- $ref: "#/components/schemas/Response"
250
+ additionalProperties: true
314
251
  }
315
252
  },
316
- getSiopAuthenticationRequestFromRP: {
317
- description: "Get authentication request from RP",
318
- arguments: {
319
- $ref: "#/components/schemas/IGetSiopAuthenticationRequestFromRpArgs"
320
- },
321
- returnType: {
322
- $ref: "#/components/schemas/ParsedAuthenticationRequestURI"
253
+ verifyOpts: {
254
+ type: "object",
255
+ properties: {
256
+ additionalProperties: true
323
257
  }
324
258
  },
325
- getSiopAuthenticationRequestDetails: {
326
- description: "Get authentication request details",
327
- arguments: {
328
- $ref: "#/components/schemas/IGetSiopAuthenticationRequestDetailsArgs"
329
- },
330
- returnType: {
331
- $ref: "#/components/schemas/IAuthRequestDetails"
332
- }
259
+ additionalProperties: false
260
+ },
261
+ required: ["payload", "verifyOpts"],
262
+ description: "Result of {@link DidAuthSiopOpAuthenticator.verifySiopAuthenticationRequestURI } "
263
+ },
264
+ ISendSiopAuthenticationResponseArgs: {
265
+ type: "object",
266
+ properties: {
267
+ sessionId: {
268
+ type: "string"
333
269
  },
334
- verifySiopAuthenticationRequestURI: {
335
- description: "Verify authentication request URI",
336
- arguments: {
337
- $ref: "#/components/schemas/IVerifySiopAuthenticationRequestUriArgs"
338
- },
339
- returnType: {
340
- $ref: "#/components/schemas/VerifiedAuthorizationRequest"
270
+ verifiedAuthenticationRequest: {
271
+ type: "object",
272
+ properties: {
273
+ additionalProperties: true
341
274
  }
342
275
  },
343
- sendSiopAuthenticationResponse: {
344
- description: "Send authentication response",
345
- arguments: {
346
- $ref: "#/components/schemas/ISendSiopAuthenticationResponseArgs"
347
- },
348
- returnType: {
349
- $ref: "#/components/schemas/IRequiredContext"
276
+ verifiablePresentationResponse: {
277
+ type: "object",
278
+ properties: {
279
+ additionalProperties: true
350
280
  }
351
- }
281
+ },
282
+ additionalProperties: false
283
+ },
284
+ required: ["sessionId", "verifiedAuthenticationRequest"],
285
+ description: "Arguments needed for {@link DidAuthSiopOpAuthenticator.sendSiopAuthenticationResponse } "
286
+ }
287
+ },
288
+ methods: {
289
+ getSessionForSiop: {
290
+ description: "Get SIOP session",
291
+ arguments: {
292
+ $ref: "#/components/schemas/IGetSiopSessionArgs"
293
+ },
294
+ returnType: "object"
295
+ },
296
+ registerSessionForSiop: {
297
+ description: "Register SIOP session",
298
+ arguments: {
299
+ $ref: "#/components/schemas/IRegisterSiopSessionArgs"
300
+ },
301
+ returnType: "object"
302
+ },
303
+ removeSessionForSiop: {
304
+ description: "Remove SIOP session",
305
+ arguments: {
306
+ $ref: "#/components/schemas/IRemoveSiopSessionArgs"
307
+ },
308
+ returnType: "boolean"
309
+ },
310
+ authenticateWithSiop: {
311
+ description: "Authenticate using DID Auth SIOP",
312
+ arguments: {
313
+ $ref: "#/components/schemas/IAuthenticateWithSiopArgs"
314
+ },
315
+ returnType: {
316
+ $ref: "#/components/schemas/Response"
317
+ }
318
+ },
319
+ getSiopAuthenticationRequestFromRP: {
320
+ description: "Get authentication request from RP",
321
+ arguments: {
322
+ $ref: "#/components/schemas/IGetSiopAuthenticationRequestFromRpArgs"
323
+ },
324
+ returnType: {
325
+ $ref: "#/components/schemas/ParsedAuthenticationRequestURI"
326
+ }
327
+ },
328
+ getSiopAuthenticationRequestDetails: {
329
+ description: "Get authentication request details",
330
+ arguments: {
331
+ $ref: "#/components/schemas/IGetSiopAuthenticationRequestDetailsArgs"
332
+ },
333
+ returnType: {
334
+ $ref: "#/components/schemas/IAuthRequestDetails"
335
+ }
336
+ },
337
+ verifySiopAuthenticationRequestURI: {
338
+ description: "Verify authentication request URI",
339
+ arguments: {
340
+ $ref: "#/components/schemas/IVerifySiopAuthenticationRequestUriArgs"
341
+ },
342
+ returnType: {
343
+ $ref: "#/components/schemas/VerifiedAuthorizationRequest"
344
+ }
345
+ },
346
+ sendSiopAuthenticationResponse: {
347
+ description: "Send authentication response",
348
+ arguments: {
349
+ $ref: "#/components/schemas/ISendSiopAuthenticationResponseArgs"
350
+ },
351
+ returnType: {
352
+ $ref: "#/components/schemas/IRequiredContext"
352
353
  }
353
354
  }
354
355
  }
355
- };
356
+ }
356
357
  }
357
- });
358
-
359
- // src/index.ts
360
- var index_exports = {};
361
- __export(index_exports, {
362
- SIOPv2RP: () => SIOPv2RP,
363
- VerifiedDataMode: () => VerifiedDataMode,
364
- schema: () => schema
365
- });
366
- module.exports = __toCommonJS(index_exports);
358
+ };
367
359
 
368
360
  // src/agent/SIOPv2RP.ts
369
361
  var import_did_auth_siop2 = require("@sphereon/did-auth-siop");
370
362
  var import_ssi_sdk_ext4 = require("@sphereon/ssi-sdk-ext.did-utils");
363
+ var import_ssi_sdk2 = require("@sphereon/ssi-sdk.core");
364
+ var import_uuid3 = require("uuid");
371
365
  var import_ssi_types2 = require("@sphereon/ssi-types");
366
+ var import_dcql = require("dcql");
372
367
 
373
368
  // src/functions.ts
374
369
  var import_did_auth_siop = require("@sphereon/did-auth-siop");
@@ -377,12 +372,13 @@ var import_ssi_sdk_ext = require("@sphereon/ssi-sdk-ext.did-utils");
377
372
  var import_ssi_sdk_ext2 = require("@sphereon/ssi-sdk-ext.identifier-resolution");
378
373
  var import_ssi_types = require("@sphereon/ssi-types");
379
374
  var import_events = require("events");
375
+ var import_uuid = require("uuid");
380
376
  var import_ssi_sdk = require("@sphereon/ssi-sdk.core");
381
377
  function getRequestVersion(rpOptions) {
382
378
  if (Array.isArray(rpOptions.supportedVersions) && rpOptions.supportedVersions.length > 0) {
383
379
  return rpOptions.supportedVersions[0];
384
380
  }
385
- return import_did_auth_siop.SupportedVersion.JWT_VC_PRESENTATION_PROFILE_v1;
381
+ return import_did_auth_siop.SupportedVersion.OID4VP_v1;
386
382
  }
387
383
  __name(getRequestVersion, "getRequestVersion");
388
384
  function getWellKnownDIDVerifyCallback(siopIdentifierOpts, context) {
@@ -397,12 +393,40 @@ function getWellKnownDIDVerifyCallback(siopIdentifierOpts, context) {
397
393
  };
398
394
  }
399
395
  __name(getWellKnownDIDVerifyCallback, "getWellKnownDIDVerifyCallback");
396
+ function getDcqlQueryLookupCallback(context) {
397
+ async function dcqlQueryLookup(queryId, version, tenantId) {
398
+ const result = await context.agent.pdmGetDefinitions({
399
+ filter: [
400
+ {
401
+ queryId,
402
+ ...tenantId && {
403
+ tenantId
404
+ },
405
+ ...version && {
406
+ version
407
+ }
408
+ },
409
+ ...(0, import_uuid.validate)(queryId) ? [
410
+ {
411
+ id: queryId
412
+ }
413
+ ] : []
414
+ ]
415
+ });
416
+ if (result && result.length > 0) {
417
+ return result[0].query;
418
+ }
419
+ return Promise.reject(Error(`No dcql query found for queryId ${queryId}`));
420
+ }
421
+ __name(dcqlQueryLookup, "dcqlQueryLookup");
422
+ return dcqlQueryLookup;
423
+ }
424
+ __name(getDcqlQueryLookupCallback, "getDcqlQueryLookupCallback");
400
425
  function getPresentationVerificationCallback(idOpts, context) {
401
426
  async function presentationVerificationCallback(args, presentationSubmission) {
402
427
  if (import_ssi_types.CredentialMapper.isSdJwtEncoded(args)) {
403
428
  const result2 = await context.agent.verifySdJwtPresentation({
404
- presentation: args,
405
- kb: true
429
+ presentation: args
406
430
  });
407
431
  return {
408
432
  verified: !!result2.payload
@@ -437,28 +461,8 @@ function getPresentationVerificationCallback(idOpts, context) {
437
461
  }
438
462
  __name(getPresentationVerificationCallback, "getPresentationVerificationCallback");
439
463
  async function createRPBuilder(args) {
440
- const { rpOpts, pexOpts, context } = args;
464
+ const { rpOpts, context } = args;
441
465
  const { identifierOpts } = rpOpts;
442
- let definition = args.definition;
443
- let dcqlQuery = args.dcql;
444
- if (!definition && pexOpts && pexOpts.definitionId) {
445
- const presentationDefinitionItems = await context.agent.pdmGetDefinitions({
446
- filter: [
447
- {
448
- definitionId: pexOpts.definitionId,
449
- version: pexOpts.version,
450
- tenantId: pexOpts.tenantId
451
- }
452
- ]
453
- });
454
- if (presentationDefinitionItems.length > 0) {
455
- const presentationDefinitionItem = presentationDefinitionItems[0];
456
- definition = presentationDefinitionItem.definitionPayload;
457
- if (!dcqlQuery && presentationDefinitionItem.dcqlPayload) {
458
- dcqlQuery = presentationDefinitionItem.dcqlPayload;
459
- }
460
- }
461
- }
462
466
  const didMethods = identifierOpts.supportedDIDMethods ?? await (0, import_ssi_sdk_ext.getAgentDIDMethods)(context);
463
467
  const eventEmitter = rpOpts.eventEmitter ?? new import_events.EventEmitter();
464
468
  const defaultClientMetadata = {
@@ -513,34 +517,27 @@ async function createRPBuilder(args) {
513
517
  const builder = import_did_auth_siop.RP.builder({
514
518
  requestVersion: getRequestVersion(rpOpts)
515
519
  }).withScope("openid", import_did_auth_siop.PropertyTarget.REQUEST_OBJECT).withResponseMode(rpOpts.responseMode ?? import_did_auth_siop.ResponseMode.POST).withResponseType(import_did_auth_siop.ResponseType.VP_TOKEN, import_did_auth_siop.PropertyTarget.REQUEST_OBJECT).withSupportedVersions(rpOpts.supportedVersions ?? [
516
- import_did_auth_siop.SupportedVersion.JWT_VC_PRESENTATION_PROFILE_v1,
517
- import_did_auth_siop.SupportedVersion.SIOPv2_ID1,
518
- import_did_auth_siop.SupportedVersion.SIOPv2_D11
520
+ import_did_auth_siop.SupportedVersion.OID4VP_v1,
521
+ import_did_auth_siop.SupportedVersion.SIOPv2_OID4VP_D28
519
522
  ]).withEventEmitter(eventEmitter).withSessionManager(rpOpts.sessionManager ?? new import_did_auth_siop.InMemoryRPSessionManager(eventEmitter)).withClientMetadata(rpOpts.clientMetadataOpts ?? defaultClientMetadata, import_did_auth_siop.PropertyTarget.REQUEST_OBJECT).withVerifyJwtCallback(rpOpts.verifyJwtCallback ? rpOpts.verifyJwtCallback : getVerifyJwtCallback({
520
523
  resolver,
521
524
  verifyOpts: {
522
525
  wellknownDIDVerifyCallback: getWellKnownDIDVerifyCallback(rpOpts.identifierOpts, context),
523
526
  checkLinkedDomain: "if_present"
524
527
  }
525
- }, context)).withRevocationVerification(import_did_auth_siop.RevocationVerification.NEVER).withPresentationVerification(getPresentationVerificationCallback(identifierOpts.idOpts, context));
528
+ }, context)).withDcqlQueryLookup(getDcqlQueryLookupCallback(context)).withRevocationVerification(import_did_auth_siop.RevocationVerification.NEVER).withPresentationVerification(getPresentationVerificationCallback(identifierOpts.idOpts, context));
526
529
  const oidfOpts = identifierOpts.oidfOpts;
527
530
  if (oidfOpts && (0, import_ssi_sdk_ext2.isExternalIdentifierOIDFEntityIdOpts)(oidfOpts)) {
528
- builder.withEntityId(oidfOpts.identifier, import_did_auth_siop.PropertyTarget.REQUEST_OBJECT).withClientIdScheme("entity_id", import_did_auth_siop.PropertyTarget.REQUEST_OBJECT);
531
+ builder.withEntityId(oidfOpts.identifier, import_did_auth_siop.PropertyTarget.REQUEST_OBJECT);
529
532
  } else {
530
533
  const resolution = await context.agent.identifierManagedGet(identifierOpts.idOpts);
531
- builder.withClientId(resolution.issuer ?? ((0, import_ssi_sdk_ext2.isManagedIdentifierDidResult)(resolution) ? resolution.did : resolution.jwkThumbprint), import_did_auth_siop.PropertyTarget.REQUEST_OBJECT).withClientIdScheme(resolution.clientIdScheme ?? identifierOpts.idOpts.clientIdScheme, import_did_auth_siop.PropertyTarget.REQUEST_OBJECT);
534
+ const clientId = rpOpts.clientMetadataOpts?.client_id ?? resolution.issuer ?? ((0, import_ssi_sdk_ext2.isManagedIdentifierDidResult)(resolution) ? resolution.did : resolution.jwkThumbprint);
535
+ const clientIdPrefixed = prefixClientId(clientId);
536
+ builder.withClientId(clientIdPrefixed, import_did_auth_siop.PropertyTarget.REQUEST_OBJECT);
532
537
  }
533
538
  if (hasher) {
534
539
  builder.withHasher(hasher);
535
540
  }
536
- if (definition) {
537
- builder.withPresentationDefinition({
538
- definition
539
- }, import_did_auth_siop.PropertyTarget.REQUEST_OBJECT);
540
- }
541
- if (dcqlQuery) {
542
- builder.withDcqlQuery(dcqlQuery);
543
- }
544
541
  if (rpOpts.responseRedirectUri) {
545
542
  builder.withResponseRedirectUri(rpOpts.responseRedirectUri);
546
543
  }
@@ -597,26 +594,32 @@ function getSigningAlgo(type) {
597
594
  }
598
595
  }
599
596
  __name(getSigningAlgo, "getSigningAlgo");
597
+ function prefixClientId(clientId) {
598
+ if (clientId.startsWith("did:")) {
599
+ return `${import_did_auth_siop.ClientIdentifierPrefix.DECENTRALIZED_IDENTIFIER}:${clientId}`;
600
+ }
601
+ return clientId;
602
+ }
603
+ __name(prefixClientId, "prefixClientId");
600
604
 
601
605
  // src/RPInstance.ts
602
- var import_uuid = require("uuid");
606
+ var import_uuid2 = require("uuid");
603
607
  var import_ssi_sdk_ext3 = require("@sphereon/ssi-sdk-ext.identifier-resolution");
604
608
  var RPInstance = class {
605
609
  static {
606
610
  __name(this, "RPInstance");
607
611
  }
608
612
  _rp;
609
- _pexOptions;
613
+ _presentationOptions;
610
614
  _rpOptions;
611
615
  constructor({ rpOpts, pexOpts }) {
612
616
  this._rpOptions = rpOpts;
613
- this._pexOptions = pexOpts;
617
+ this._presentationOptions = pexOpts;
614
618
  }
615
619
  async get(context) {
616
620
  if (!this._rp) {
617
621
  const builder = await createRPBuilder({
618
622
  rpOpts: this._rpOptions,
619
- pexOpts: this._pexOptions,
620
623
  context
621
624
  });
622
625
  this._rp = builder.build();
@@ -626,24 +629,12 @@ var RPInstance = class {
626
629
  get rpOptions() {
627
630
  return this._rpOptions;
628
631
  }
629
- get pexOptions() {
630
- return this._pexOptions;
631
- }
632
- hasDefinition() {
633
- return this.definitionId !== void 0;
634
- }
635
- get definitionId() {
636
- return this.pexOptions?.definitionId;
637
- }
638
- async getPresentationDefinition(context) {
639
- return this.definitionId ? await context.agent.pexStoreGetDefinition({
640
- definitionId: this.definitionId,
641
- tenantId: this.pexOptions?.tenantId
642
- }) : void 0;
632
+ get presentationOptions() {
633
+ return this._presentationOptions;
643
634
  }
644
635
  async createAuthorizationRequestURI(createArgs, context) {
645
- const { correlationId, claims, requestByReferenceURI, responseURI, responseURIType } = createArgs;
646
- const nonce = createArgs.nonce ?? (0, import_uuid.v4)();
636
+ const { correlationId, queryId, claims, requestByReferenceURI, responseURI, responseURIType, callback, responseRedirectURI } = createArgs;
637
+ const nonce = createArgs.nonce ?? (0, import_uuid2.v4)();
647
638
  const state = createArgs.state ?? correlationId;
648
639
  let jwtIssuer;
649
640
  const idOpts = this.rpOptions.identifierOpts.idOpts;
@@ -670,18 +661,21 @@ var RPInstance = class {
670
661
  return await this.get(context).then((rp) => rp.createAuthorizationRequestURI({
671
662
  version: getRequestVersion(this.rpOptions),
672
663
  correlationId,
664
+ queryId,
673
665
  nonce,
674
666
  state,
675
667
  claims,
676
668
  requestByReferenceURI,
677
669
  responseURI,
678
670
  responseURIType,
679
- jwtIssuer
671
+ jwtIssuer,
672
+ callback,
673
+ responseRedirectURI
680
674
  }));
681
675
  }
682
676
  async createAuthorizationRequest(createArgs, context) {
683
- const { correlationId, claims, requestByReferenceURI, responseURI, responseURIType } = createArgs;
684
- const nonce = createArgs.nonce ?? (0, import_uuid.v4)();
677
+ const { correlationId, claims, requestByReferenceURI, responseURI, responseURIType, responseRedirectURI } = createArgs;
678
+ const nonce = createArgs.nonce ?? (0, import_uuid2.v4)();
685
679
  const state = createArgs.state ?? correlationId;
686
680
  const idOpts = this.rpOptions.identifierOpts.idOpts;
687
681
  const resolution = await (0, import_ssi_sdk_ext3.ensureManagedIdentifierResult)(idOpts, context);
@@ -711,13 +705,13 @@ var RPInstance = class {
711
705
  requestByReferenceURI,
712
706
  responseURIType,
713
707
  responseURI,
714
- jwtIssuer
708
+ jwtIssuer,
709
+ responseRedirectURI
715
710
  }));
716
711
  }
717
712
  };
718
713
 
719
714
  // src/agent/SIOPv2RP.ts
720
- var import_ssi_sdk2 = require("@sphereon/ssi-sdk.core");
721
715
  var SIOPv2RP = class _SIOPv2RP {
722
716
  static {
723
717
  __name(this, "SIOPv2RP");
@@ -725,7 +719,7 @@ var SIOPv2RP = class _SIOPv2RP {
725
719
  opts;
726
720
  static _DEFAULT_OPTS_KEY = "_default";
727
721
  instances = /* @__PURE__ */ new Map();
728
- schema = schema.IDidAuthSiopOpAuthenticator;
722
+ schema = plugin_schema_default.IDidAuthSiopOpAuthenticator;
729
723
  methods = {
730
724
  siopCreateAuthRequestURI: this.createAuthorizationRequestURI.bind(this),
731
725
  siopCreateAuthRequestPayloads: this.createAuthorizationRequestPayloads.bind(this),
@@ -755,53 +749,72 @@ var SIOPv2RP = class _SIOPv2RP {
755
749
  }
756
750
  async createAuthorizationRequestURI(createArgs, context) {
757
751
  return await this.getRPInstance({
758
- definitionId: createArgs.definitionId,
759
- responseRedirectURI: createArgs.responseRedirectURI
752
+ createWhenNotPresent: true,
753
+ responseRedirectURI: createArgs.responseRedirectURI,
754
+ ...createArgs.useQueryIdInstance === true && {
755
+ queryId: createArgs.queryId
756
+ }
760
757
  }, context).then((rp) => rp.createAuthorizationRequestURI(createArgs, context)).then((URI) => URI.encodedUri);
761
758
  }
762
759
  async createAuthorizationRequestPayloads(createArgs, context) {
763
760
  return await this.getRPInstance({
764
- definitionId: createArgs.definitionId
761
+ createWhenNotPresent: true,
762
+ queryId: createArgs.queryId
765
763
  }, context).then((rp) => rp.createAuthorizationRequest(createArgs, context)).then(async (request) => {
766
764
  const authRequest = {
767
765
  authorizationRequest: request.payload,
768
766
  requestObject: await request.requestObjectJwt(),
769
- requestObjectDecoded: await request.requestObject?.getPayload()
767
+ requestObjectDecoded: request.requestObject?.getPayload()
770
768
  };
771
769
  return authRequest;
772
770
  });
773
771
  }
774
772
  async siopGetRequestState(args, context) {
775
773
  return await this.getRPInstance({
776
- definitionId: args.definitionId
774
+ createWhenNotPresent: false,
775
+ queryId: args.queryId
777
776
  }, context).then((rp) => rp.get(context).then((rp2) => rp2.sessionManager.getRequestStateByCorrelationId(args.correlationId, args.errorOnNotFound)));
778
777
  }
779
778
  async siopGetResponseState(args, context) {
780
779
  const rpInstance = await this.getRPInstance({
781
- definitionId: args.definitionId
780
+ createWhenNotPresent: false,
781
+ queryId: args.queryId
782
782
  }, context);
783
783
  const authorizationResponseState = await rpInstance.get(context).then((rp) => rp.sessionManager.getResponseStateByCorrelationId(args.correlationId, args.errorOnNotFound));
784
784
  if (authorizationResponseState === void 0) {
785
785
  return void 0;
786
786
  }
787
787
  const responseState = authorizationResponseState;
788
- if (responseState.status === import_did_auth_siop2.AuthorizationResponseStateStatus.VERIFIED && args.includeVerifiedData && args.includeVerifiedData !== VerifiedDataMode.NONE) {
788
+ if (responseState.status === import_did_auth_siop2.AuthorizationResponseStateStatus.VERIFIED) {
789
789
  let hasher;
790
790
  if (import_ssi_types2.CredentialMapper.isSdJwtEncoded(responseState.response.payload.vp_token) && (!rpInstance.rpOptions.credentialOpts?.hasher || typeof rpInstance.rpOptions.credentialOpts?.hasher !== "function")) {
791
791
  hasher = import_ssi_sdk2.shaHasher;
792
792
  }
793
- const presentationDecoded = import_ssi_types2.CredentialMapper.decodeVerifiablePresentation(
794
- responseState.response.payload.vp_token,
795
- //todo: later we want to conditionally pass in options for mdl-mdoc here
796
- hasher
797
- );
798
- switch (args.includeVerifiedData) {
799
- case VerifiedDataMode.VERIFIED_PRESENTATION:
800
- responseState.response.payload.verifiedData = this.presentationOrClaimsFrom(presentationDecoded);
801
- break;
802
- case VerifiedDataMode.CREDENTIAL_SUBJECT_FLATTENED:
803
- const allClaims = {};
804
- for (const credential of this.presentationOrClaimsFrom(presentationDecoded).verifiableCredential || []) {
793
+ const vpToken = responseState.response.payload.vp_token && JSON.parse(responseState.response.payload.vp_token);
794
+ const claims = [];
795
+ for (const [credentialQueryId, presentationValue] of Object.entries(vpToken)) {
796
+ let singleVP;
797
+ if (Array.isArray(presentationValue)) {
798
+ if (presentationValue.length === 0) {
799
+ throw Error(`DCQL query '${credentialQueryId}' has empty array of presentations`);
800
+ }
801
+ if (presentationValue.length > 1) {
802
+ throw Error(`DCQL query '${credentialQueryId}' has multiple presentations (${presentationValue.length}), but only one is supported atm`);
803
+ }
804
+ singleVP = presentationValue[0];
805
+ } else {
806
+ singleVP = presentationValue;
807
+ }
808
+ const presentationDecoded = import_ssi_types2.CredentialMapper.decodeVerifiablePresentation(
809
+ singleVP,
810
+ //todo: later we want to conditionally pass in options for mdl-mdoc here
811
+ hasher
812
+ );
813
+ console.log(`presentationDecoded: ${JSON.stringify(presentationDecoded)}`);
814
+ const allClaims = {};
815
+ const presentationOrClaims = this.presentationOrClaimsFrom(presentationDecoded);
816
+ if ("verifiableCredential" in presentationOrClaims) {
817
+ for (const credential of presentationOrClaims.verifiableCredential) {
805
818
  const vc = credential;
806
819
  const schemaValidationResult = await context.agent.cvVerifySchema({
807
820
  credential,
@@ -822,20 +835,43 @@ var SIOPv2RP = class _SIOPv2RP {
822
835
  allClaims[key] = value;
823
836
  }
824
837
  });
838
+ claims.push({
839
+ id: credentialQueryId,
840
+ type: vc.type[0],
841
+ claims: allClaims
842
+ });
825
843
  }
826
- responseState.verifiedData = allClaims;
827
- break;
844
+ } else {
845
+ claims.push({
846
+ id: credentialQueryId,
847
+ type: presentationDecoded.decodedPayload.vct,
848
+ claims: presentationOrClaims
849
+ });
850
+ }
828
851
  }
852
+ responseState.verifiedData = {
853
+ ...responseState.response.payload.vp_token && {
854
+ authorization_response: {
855
+ vp_token: typeof responseState.response.payload.vp_token === "string" ? JSON.parse(responseState.response.payload.vp_token) : responseState.response.payload.vp_token
856
+ }
857
+ },
858
+ ...claims.length > 0 && {
859
+ credential_claims: claims
860
+ }
861
+ };
829
862
  }
830
863
  return responseState;
831
864
  }
832
- presentationOrClaimsFrom = /* @__PURE__ */ __name((presentationDecoded) => import_ssi_types2.CredentialMapper.isSdJwtDecodedCredential(presentationDecoded) ? presentationDecoded.decodedPayload : import_ssi_types2.CredentialMapper.toUniformPresentation(presentationDecoded), "presentationOrClaimsFrom");
865
+ presentationOrClaimsFrom = /* @__PURE__ */ __name((presentationDecoded) => {
866
+ return import_ssi_types2.CredentialMapper.isSdJwtDecodedCredential(presentationDecoded) ? presentationDecoded.decodedPayload : import_ssi_types2.CredentialMapper.toUniformPresentation(presentationDecoded);
867
+ }, "presentationOrClaimsFrom");
833
868
  async siopUpdateRequestState(args, context) {
834
- if (args.state !== "sent") {
835
- throw Error(`Only 'sent' status is supported for this method at this point`);
869
+ if (args.state !== "authorization_request_created") {
870
+ throw Error(`Only 'authorization_request_created' status is supported for this method at this point`);
836
871
  }
837
872
  return await this.getRPInstance({
838
- definitionId: args.definitionId
873
+ createWhenNotPresent: false,
874
+ queryId: args.queryId
839
875
  }, context).then((rp) => rp.get(context).then(async (rp2) => {
840
876
  await rp2.signalAuthRequestRetrieved({
841
877
  correlationId: args.correlationId,
@@ -846,7 +882,8 @@ var SIOPv2RP = class _SIOPv2RP {
846
882
  }
847
883
  async siopDeleteState(args, context) {
848
884
  return await this.getRPInstance({
849
- definitionId: args.definitionId
885
+ createWhenNotPresent: false,
886
+ queryId: args.queryId
850
887
  }, context).then((rp) => rp.get(context).then((rp2) => rp2.sessionManager.deleteStateForCorrelationId(args.correlationId))).then(() => true);
851
888
  }
852
889
  async siopVerifyAuthResponse(args, context) {
@@ -855,32 +892,27 @@ var SIOPv2RP = class _SIOPv2RP {
855
892
  }
856
893
  const authResponse = typeof args.authorizationResponse === "string" ? (0, import_did_auth_siop2.decodeUriAsJson)(args.authorizationResponse) : args.authorizationResponse;
857
894
  return await this.getRPInstance({
858
- definitionId: args.definitionId
895
+ createWhenNotPresent: false,
896
+ queryId: args.queryId
859
897
  }, context).then((rp) => rp.get(context).then((rp2) => rp2.verifyAuthorizationResponse(authResponse, {
860
898
  correlationId: args.correlationId,
861
- ...args.presentationDefinitions && !args.dcqlQuery ? {
862
- presentationDefinitions: args.presentationDefinitions
863
- } : {},
864
- ...args.dcqlQuery ? {
899
+ ...args.dcqlQuery && {
865
900
  dcqlQuery: args.dcqlQuery
866
- } : {},
901
+ },
867
902
  audience: args.audience
868
903
  })));
869
904
  }
870
905
  async siopImportDefinitions(args, context) {
871
- const { definitions, tenantId, version, versionControlMode } = args;
872
- await Promise.all(definitions.map(async (definitionPair) => {
873
- const definitionPayload = definitionPair.definitionPayload;
874
- await context.agent.pexValidateDefinition({
875
- definition: definitionPayload
876
- });
877
- console.log(`persisting definition ${definitionPayload.id} / ${definitionPayload.name} with versionControlMode ${versionControlMode}`);
906
+ const { importItems, tenantId, version, versionControlMode } = args;
907
+ await Promise.all(importItems.map(async (importItem) => {
908
+ import_dcql.DcqlQuery.validate(importItem.query);
909
+ console.log(`persisting DCQL definition ${importItem.queryId} with versionControlMode ${versionControlMode}`);
878
910
  return context.agent.pdmPersistDefinition({
879
911
  definitionItem: {
912
+ queryId: importItem.queryId,
880
913
  tenantId,
881
914
  version,
882
- definitionPayload,
883
- dcqlPayload: definitionPair.dcqlPayload
915
+ query: importItem.query
884
916
  },
885
917
  opts: {
886
918
  versionControlMode
@@ -889,12 +921,12 @@ var SIOPv2RP = class _SIOPv2RP {
889
921
  }));
890
922
  }
891
923
  async siopGetRedirectURI(args, context) {
892
- const instanceId = args.definitionId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
924
+ const instanceId = args.queryId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
893
925
  if (this.instances.has(instanceId)) {
894
926
  const rpInstance = this.instances.get(instanceId);
895
927
  if (rpInstance !== void 0) {
896
928
  const rp = await rpInstance.get(context);
897
- return rp.getResponseRedirectUri({
929
+ return await rp.getResponseRedirectUri({
898
930
  correlation_id: args.correlationId,
899
931
  correlationId: args.correlationId,
900
932
  ...args.state && {
@@ -905,12 +937,40 @@ var SIOPv2RP = class _SIOPv2RP {
905
937
  }
906
938
  return void 0;
907
939
  }
908
- async getRPInstance({ definitionId, responseRedirectURI }, context) {
909
- const instanceId = definitionId ?? _SIOPv2RP._DEFAULT_OPTS_KEY;
910
- if (!this.instances.has(instanceId)) {
911
- const instanceOpts = this.getInstanceOpts(definitionId);
940
+ async getRPInstance({ createWhenNotPresent, queryId, responseRedirectURI }, context) {
941
+ let rpInstanceId = _SIOPv2RP._DEFAULT_OPTS_KEY;
942
+ let rpInstance;
943
+ if (queryId) {
944
+ if (this.instances.has(queryId)) {
945
+ rpInstanceId = queryId;
946
+ rpInstance = this.instances.get(rpInstanceId);
947
+ } else if ((0, import_uuid3.validate)(queryId)) {
948
+ try {
949
+ const pd = await context.agent.pdmGetDefinition({
950
+ itemId: queryId
951
+ });
952
+ if (this.instances.has(pd.queryId)) {
953
+ rpInstanceId = pd.queryId;
954
+ rpInstance = this.instances.get(rpInstanceId);
955
+ }
956
+ } catch (ignore) {
957
+ }
958
+ }
959
+ if (createWhenNotPresent) {
960
+ rpInstanceId = queryId;
961
+ } else {
962
+ rpInstance = this.instances.get(rpInstanceId);
963
+ }
964
+ } else {
965
+ rpInstance = this.instances.get(rpInstanceId);
966
+ }
967
+ if (!rpInstance) {
968
+ if (!createWhenNotPresent) {
969
+ return Promise.reject(`No RP instance found for key ${rpInstanceId}`);
970
+ }
971
+ const instanceOpts = this.getInstanceOpts(queryId);
912
972
  const rpOpts = await this.getRPOptions(context, {
913
- definitionId,
973
+ queryId,
914
974
  responseRedirectURI
915
975
  });
916
976
  if (!rpOpts.identifierOpts.resolveOpts?.resolver || typeof rpOpts.identifierOpts.resolveOpts.resolver.resolve !== "function") {
@@ -922,29 +982,29 @@ var SIOPv2RP = class _SIOPv2RP {
922
982
  ...rpOpts.identifierOpts.resolveOpts
923
983
  };
924
984
  }
925
- console.log("Using agent DID resolver for RP instance with definition id " + definitionId);
985
+ console.log("Using agent DID resolver for RP instance with definition id " + queryId);
926
986
  rpOpts.identifierOpts.resolveOpts.resolver = (0, import_ssi_sdk_ext4.getAgentResolver)(context, {
927
987
  uniresolverResolution: true,
928
988
  localResolution: true,
929
989
  resolverResolution: true
930
990
  });
931
991
  }
932
- this.instances.set(instanceId, new RPInstance({
992
+ rpInstance = new RPInstance({
933
993
  rpOpts,
934
994
  pexOpts: instanceOpts
935
- }));
995
+ });
996
+ this.instances.set(rpInstanceId, rpInstance);
936
997
  }
937
- const rpInstance = this.instances.get(instanceId);
938
998
  if (responseRedirectURI) {
939
999
  rpInstance.rpOptions.responseRedirectUri = responseRedirectURI;
940
1000
  }
941
1001
  return rpInstance;
942
1002
  }
943
1003
  async getRPOptions(context, opts) {
944
- const { definitionId, responseRedirectURI } = opts;
945
- const options = this.getInstanceOpts(definitionId)?.rpOpts ?? this.opts.defaultOpts;
1004
+ const { queryId, responseRedirectURI } = opts;
1005
+ const options = this.getInstanceOpts(queryId)?.rpOpts ?? this.opts.defaultOpts;
946
1006
  if (!options) {
947
- throw Error(`Could not get specific nor default options for definition ${definitionId}`);
1007
+ throw Error(`Could not get specific nor default options for definition ${queryId}`);
948
1008
  }
949
1009
  if (this.opts.defaultOpts) {
950
1010
  if (!options.identifierOpts) {
@@ -976,35 +1036,24 @@ var SIOPv2RP = class _SIOPv2RP {
976
1036
  }
977
1037
  return options;
978
1038
  }
979
- getInstanceOpts(definitionId) {
1039
+ getInstanceOpts(queryId) {
980
1040
  if (!this.opts.instanceOpts) return void 0;
981
- const instanceOpt = definitionId ? this.opts.instanceOpts.find((i) => i.definitionId === definitionId) : void 0;
982
- return instanceOpt ?? this.getDefaultOptions(definitionId);
1041
+ const instanceOpt = queryId ? this.opts.instanceOpts.find((i) => i.queryId === queryId) : void 0;
1042
+ return instanceOpt ?? this.getDefaultOptions(queryId);
983
1043
  }
984
- getDefaultOptions(definitionId) {
1044
+ getDefaultOptions(queryId) {
985
1045
  if (!this.opts.instanceOpts) return void 0;
986
- const defaultOptions = this.opts.instanceOpts.find((i) => i.definitionId === "default");
1046
+ const defaultOptions = this.opts.instanceOpts.find((i) => i.queryId === "default");
987
1047
  if (defaultOptions) {
988
1048
  const clonedOptions = {
989
1049
  ...defaultOptions
990
1050
  };
991
- if (definitionId !== void 0) {
992
- clonedOptions.definitionId = definitionId;
1051
+ if (queryId !== void 0) {
1052
+ clonedOptions.queryId = queryId;
993
1053
  }
994
1054
  return clonedOptions;
995
1055
  }
996
1056
  return void 0;
997
1057
  }
998
1058
  };
999
-
1000
- // src/types/ISIOPv2RP.ts
1001
- var VerifiedDataMode = /* @__PURE__ */ function(VerifiedDataMode2) {
1002
- VerifiedDataMode2["NONE"] = "none";
1003
- VerifiedDataMode2["VERIFIED_PRESENTATION"] = "vp";
1004
- VerifiedDataMode2["CREDENTIAL_SUBJECT_FLATTENED"] = "cs-flat";
1005
- return VerifiedDataMode2;
1006
- }({});
1007
-
1008
- // src/index.ts
1009
- var schema = require_plugin_schema();
1010
1059
  //# sourceMappingURL=index.cjs.map