@sphereon/ssi-sdk.siopv2-oid4vp-rp-rest-api 0.34.1-feature.SSISDK.45.135 → 0.34.1-feature.SSISDK.45.189

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/siop-api-functions.ts","../src/universal-oid4vp-api-functions.ts","../src/middleware/validationMiddleware.ts","../src/schemas/index.ts","../src/siopv2-rp-api-server.ts"],"sourcesContent":["import { AuthorizationResponsePayload } from '@sphereon/did-auth-siop'\nimport { checkAuth, ISingleEndpointOpts, sendErrorResponse } from '@sphereon/ssi-express-support'\nimport { AuthorizationChallengeValidationResponse } from '@sphereon/ssi-sdk.siopv2-oid4vp-common'\nimport { CredentialMapper } from '@sphereon/ssi-types'\nimport { Request, Response, Router } from 'express'\nimport { IRequiredContext } from './types'\n\nconst parseAuthorizationResponse = (request: Request): AuthorizationResponsePayload => {\n  const contentType = request.header('content-type')\n\n  if (contentType === 'application/json') {\n    const payload = typeof request.body === 'string' ? JSON.parse(request.body) : request.body\n    return payload as AuthorizationResponsePayload\n  }\n\n  if (contentType === 'application/x-www-form-urlencoded') {\n    const payload = request.body as AuthorizationResponsePayload\n\n    // Parse presentation_submission if it's a string\n    if (typeof payload.presentation_submission === 'string') {\n      console.log(`Supplied presentation_submission was a string instead of JSON. Correcting, but external party should fix their implementation!`)\n      payload.presentation_submission = JSON.parse(payload.presentation_submission)\n    }\n\n    // when using FORM_URL_ENCODED, vp_token comes back as string not matter whether the input was string, object or array. Handled below.\n    if (typeof payload.vp_token === 'string') {\n      const { vp_token } = payload\n\n      // The only use case where vp_object is an object is JsonLdAsString atm. For arrays, any objects will be parsed along with the array\n      // (Leaving the vp_token JsonLdAsString causes problems because the original credential will remain string and will be interpreted as JWT in some parts of the code)\n      if ((vp_token.startsWith('[') && vp_token.endsWith(']')) || CredentialMapper.isJsonLdAsString(vp_token)) {\n        payload.vp_token = JSON.parse(vp_token)\n      }\n    }\n\n    return payload\n  }\n\n  throw new Error(\n    `Unsupported content type: ${contentType}. Currently only application/x-www-form-urlencoded and application/json (for direct_post) are supported`,\n  )\n}\n\nexport function verifyAuthResponseSIOPv2Endpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`verifyAuthResponse SIOP endpoint is disabled`)\n    return\n  }\n  const path = opts?.path ?? '/siop/definitions/:definitionId/auth-responses/:correlationId'\n  router.post(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n    try {\n      const { correlationId, tenantId, version, credentialQueryId } = request.params // TODO Can credentialQueryId be a request param\n      if (!correlationId || !credentialQueryId) {\n        console.log(\n          `No authorization request could be found for the given url. correlationId: ${correlationId}, credentialQueryId: ${credentialQueryId}`,\n        )\n        return sendErrorResponse(response, 404, 'No authorization request could be found')\n      }\n      console.log('Authorization Response (siop-sessions')\n      console.log(JSON.stringify(request.body, null, 2))\n      const definitionItems = await context.agent.pdmGetDefinitions({ filter: [{ definitionId: credentialQueryId, tenantId, version }] })\n      if (definitionItems.length === 0) {\n        console.log(`Could not get definition ${credentialQueryId} from agent. Will return 404`)\n        response.statusCode = 404\n        response.statusMessage = `No definition ${credentialQueryId}`\n        return response.send()\n      }\n\n      const authorizationResponse = parseAuthorizationResponse(request)\n      console.log(`URI: ${JSON.stringify(authorizationResponse)}`)\n\n      const definitionItem = definitionItems[0]\n      const verifiedResponse = await context.agent.siopVerifyAuthResponse({\n        authorizationResponse,\n        correlationId,\n        queryId: credentialQueryId,\n        dcqlQueryPayload: definitionItem.dcqlPayload,\n      })\n\n      const wrappedPresentation = verifiedResponse?.oid4vpSubmission?.presentation[credentialQueryId]\n      if (wrappedPresentation) {\n        // const credentialSubject = wrappedPresentation.presentation.verifiableCredential[0]?.credential?.credentialSubject\n        // console.log(JSON.stringify(credentialSubject, null, 2))\n        console.log('PRESENTATION:' + JSON.stringify(wrappedPresentation.presentation, null, 2))\n        response.statusCode = 200\n\n        const authorizationChallengeValidationResponse: AuthorizationChallengeValidationResponse = {\n          presentation_during_issuance_session: verifiedResponse.correlationId,\n        }\n        if (authorizationResponse.is_first_party) {\n          response.setHeader('Content-Type', 'application/json')\n          return response.send(JSON.stringify(authorizationChallengeValidationResponse))\n        }\n\n        const responseRedirectURI = await context.agent.siopGetRedirectURI({\n          correlationId,\n          queryId: credentialQueryId,\n          state: verifiedResponse.state,\n        })\n        if (responseRedirectURI) {\n          response.setHeader('Content-Type', 'application/json')\n          return response.send(JSON.stringify({ redirect_uri: responseRedirectURI }))\n        }\n        // todo: delete session\n      } else {\n        console.log('Missing Presentation (Verifiable Credentials)')\n        response.statusCode = 500\n        response.statusMessage = 'Missing Presentation (Verifiable Credentials)'\n      }\n      return response.send()\n    } catch (error) {\n      console.error(error)\n      return sendErrorResponse(response, 500, 'Could not verify auth status', error)\n    }\n  })\n}\n\nexport function getAuthRequestSIOPv2Endpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`getAuthRequest SIOP endpoint is disabled`)\n    return\n  }\n  const path = opts?.path ?? '/siop/definitions/:definitionId/auth-requests/:correlationId'\n  router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n    try {\n      const correlationId = request.params.correlationId\n      const definitionId = request.params.definitionId\n      if (!correlationId || !definitionId) {\n        console.log(`No authorization request could be found for the given url. correlationId: ${correlationId}, definitionId: ${definitionId}`)\n        return sendErrorResponse(response, 404, 'No authorization request could be found')\n      }\n      const requestState = await context.agent.siopGetAuthRequestState({\n        correlationId,\n        queryId: definitionId,\n        errorOnNotFound: false,\n      })\n      if (!requestState) {\n        console.log(\n          `No authorization request could be found for the given url in the state manager. correlationId: ${correlationId}, definitionId: ${definitionId}`,\n        )\n        return sendErrorResponse(response, 404, `No authorization request could be found`)\n      }\n      const requestObject = await requestState.request?.requestObject?.toJwt()\n      console.log('JWT Request object:')\n      console.log(requestObject)\n\n      let error: string | undefined\n      try {\n        response.statusCode = 200\n        response.setHeader('Content-Type', 'application/jwt')\n        return response.send(requestObject)\n      } catch (e) {\n        error = typeof e === 'string' ? e : e instanceof Error ? e.message : undefined\n        return sendErrorResponse(response, 500, 'Could not get authorization request', e)\n      } finally {\n        await context.agent.siopUpdateAuthRequestState({\n          correlationId,\n          queryId: definitionId,\n          state: 'authorization_request_created',\n          error,\n        })\n      }\n    } catch (error) {\n      return sendErrorResponse(response, 500, 'Could not get authorization request', error)\n    }\n  })\n}\n","import { AuthorizationResponseStateStatus } from '@sphereon/did-auth-siop'\nimport { checkAuth, ISingleEndpointOpts, sendErrorResponse } from '@sphereon/ssi-express-support'\nimport { uriWithBase } from '@sphereon/ssi-sdk.siopv2-oid4vp-common'\nimport { Request, Response, Router } from 'express'\nimport uuid from 'short-uuid'\nimport { validateData } from './middleware/validationMiddleware'\nimport { CreateAuthorizationRequestBodySchema } from './schemas'\nimport {\n  CreateAuthorizationRequest,\n  CreateAuthorizationRequestResponse,\n  CreateAuthorizationResponse,\n  DeleteAuthorizationRequest,\n  GetAuthorizationRequestStatus,\n  AuthStatusResponse,\n  ICreateAuthRequestWebappEndpointOpts,\n  IRequiredContext\n} from './types'\n\nexport function createAuthRequestUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ICreateAuthRequestWebappEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`createAuthRequest universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/auth/requests'\n  router.post(path, checkAuth(opts?.endpoint), validateData(CreateAuthorizationRequestBodySchema), async (request: CreateAuthorizationRequest, response: CreateAuthorizationResponse) => {\n    try {\n      const correlationId = request.body.correlation_id ?? uuid.uuid()\n      const qrCodeOpts = request.body.qr_code ?? opts?.qrCodeOpts\n      const queryId = request.body.query_id\n      const directPostResponseRedirectUri = request.body.direct_post_response_redirect_uri // TODO Uri not URI\n      const requestUriBase = request.body.request_uri_base\n      const callback = request.body.callback\n\n      const definitionItems = await context.agent.pdmGetDefinitions({ filter: [{ definitionId: queryId }] })\n      if (definitionItems.length === 0) {\n          console.log(`No query could be found for the given id. Query id: ${queryId}`)\n          return sendErrorResponse(response, 404, { status: 404, message: 'No query could be found' })\n      }\n\n      const requestByReferenceURI = uriWithBase(`/siop/definitions/${queryId}/auth-requests/${correlationId}`, {\n        baseURI: requestUriBase ?? opts?.siopBaseURI,\n      })\n      const responseURI = uriWithBase(`/siop/definitions/${queryId}/auth-responses/${correlationId}`, { baseURI: opts?.siopBaseURI })\n\n      const authRequestURI = await context.agent.siopCreateAuthRequestURI({\n        queryId,\n        correlationId,\n        nonce: uuid.uuid(),\n        requestByReferenceURI,\n        responseURIType: 'response_uri',\n        responseURI,\n        ...(directPostResponseRedirectUri && { responseRedirectURI: directPostResponseRedirectUri }),\n        callback\n      })\n\n      let qrCodeDataUri: string | undefined\n      if (qrCodeOpts) {\n        const { AwesomeQR } = await import('awesome-qr')\n        const qrCode = new AwesomeQR({ ...qrCodeOpts, text: authRequestURI })\n        qrCodeDataUri = `data:image/png;base64,${(await qrCode.draw())!.toString('base64')}`\n      }\n\n      const authRequestBody = {\n        query_id: queryId,\n        correlation_id: correlationId,\n        request_uri: authRequestURI,\n        status_uri: `${uriWithBase(opts?.webappAuthStatusPath ?? `/backend/auth/status/${correlationId}`, { baseURI: opts?.webappBaseURI })}`,\n        ...(qrCodeDataUri && { qr_uri: qrCodeDataUri }),\n      } satisfies CreateAuthorizationRequestResponse\n      console.log(`Auth Request URI data to send back: ${JSON.stringify(authRequestBody)}`)\n\n      return response.status(201).json(authRequestBody)\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: 'Could not create an authorization request URI' }, error)\n    }\n  })\n}\n\nexport function removeAuthRequestStateUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`removeAuthStatus universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/auth/requests/:correlationId'\n  router.delete(path, checkAuth(opts?.endpoint), async (request: DeleteAuthorizationRequest, response: Response) => {\n    try {\n      const correlationId: string = request.params.correlationId\n\n      const authRequestState = await context.agent.siopGetAuthRequestState({\n        correlationId,\n        errorOnNotFound: false\n      })\n      if (!authRequestState) {\n        console.log(`No authorization request could be found for the given correlationId. correlationId: ${correlationId}`)\n        return sendErrorResponse(response, 404, { status: 404, message: 'No authorization request could be found' })\n      }\n\n      await context.agent.siopDeleteAuthState({ correlationId })\n\n      return response.status(204).json()\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: error.message }, error)\n    }\n  })\n}\n\nexport function authStatusUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`authStatus universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/auth/status/:correlationId'\n  router.get(path, checkAuth(opts?.endpoint), async (request: GetAuthorizationRequestStatus, response: Response) => {\n    try {\n      console.log('Received auth-status request...')\n      const correlationId: string = request.params.correlationId\n\n      const requestState = await context.agent.siopGetAuthRequestState({\n        correlationId,\n        errorOnNotFound: false\n      })\n\n      if (!requestState) {\n        console.log(`No authorization request could be found for the given correlationId. correlationId: ${correlationId}`)\n        return sendErrorResponse(response, 404, { status: 404, message: 'No authorization request could be found' })\n      }\n\n      let responseState\n      if (requestState.status === 'authorization_request_created') {\n        responseState = (await context.agent.siopGetAuthResponseState({ correlationId, errorOnNotFound: false }))\n      }\n      const overallState = responseState ?? requestState\n\n      const statusBody = {\n        status: overallState.status,\n        correlation_id: overallState.correlationId,\n        query_id: overallState.queryId,\n        last_updated: overallState.lastUpdated,\n        ...((responseState?.status === AuthorizationResponseStateStatus.VERIFIED && responseState.verifiedData !== undefined) && { verifiedData: responseState.verifiedData }),\n        ...(overallState.error && { message: overallState.error.message })\n      } satisfies AuthStatusResponse\n      console.debug(`Will send auth status: ${JSON.stringify(statusBody)}`)\n\n      if (overallState.status === 'error') {\n        return response.status(500).json(statusBody)\n      }\n      return response.status(200).json(statusBody)\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: error.message }, error)\n    }\n  })\n}\n\nexport function getDefinitionsEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`getDefinitions universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/definitions'\n  router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n    try {\n      const definitions = await context.agent.pdmGetDefinitions()\n      response.statusCode = 200\n      return response.json(definitions)\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: error.message }, error)\n    }\n  })\n}\n","import { Request, Response, NextFunction } from 'express';\nimport { z, ZodError } from 'zod';\n\nexport const validateData = (schema: z.ZodObject<any, any>) => {\n  return (req: Request, res: Response, next: NextFunction) => {\n    try {\n      schema.parse(req.body);\n      next();\n    } catch (error) {\n      if (error instanceof ZodError) {\n        const errorMessages = error.issues.map((issue: any) => ({\n          message: `${issue.path.join('.')} is ${issue.message}`,\n        }))\n        res.status(400).json({ status: 400, message: 'Invalid data', error_details: errorMessages[0].message });\n      } else {\n        res.status(500).json({ status: 500, message: 'Internal Server Error' });\n      }\n    }\n  };\n}\n","import { z } from 'zod'\nimport {\n  ResponseMode,\n  ResponseType,\n  RequestUriMethod,\n  CallbackOptsSchema\n} from '@sphereon/did-auth-siop'\n\nexport const ResponseTypeSchema = z.enum([ResponseType.VP_TOKEN]);\n\nexport const ResponseModeSchema = z.enum([ResponseMode.DIRECT_POST, ResponseMode.DIRECT_POST_JWT]);\n\nexport const RequestUriMethodSchema = z.enum(Object.values(RequestUriMethod));\n\nexport const QRCodeOptsSchema = z.object({\n  size: z.number().optional(),\n  color_dark: z.string().optional(),\n  color_light: z.string().optional(),\n});\n\nexport const CreateAuthorizationRequestBodySchema = z.object({\n  query_id: z.string(),\n  client_id: z.string().optional(),\n  request_uri_base: z.string().optional(),\n  correlation_id: z.string().optional(),\n  request_uri_method: RequestUriMethodSchema.optional(),\n  response_type: ResponseTypeSchema.optional(),\n  response_mode: ResponseModeSchema.optional(),\n  transaction_data: z.array(z.string()).optional(),\n  qr_code: QRCodeOptsSchema.optional(),\n  direct_post_response_redirect_uri: z.string().optional(),\n  callback: CallbackOptsSchema.optional(),\n});\n\nexport const CreateAuthorizationResponseSchema = z.object({\n  correlation_id: z.string(),\n  query_id: z.string(),\n  request_uri: z.string(),\n  status_uri: z.string(),\n  qr_uri: z.string().optional(),\n});\n","import { agentContext } from '@sphereon/ssi-sdk.core'\nimport { copyGlobalAuthToEndpoints, ExpressSupport } from '@sphereon/ssi-express-support'\nimport { IPresentationExchange } from '@sphereon/ssi-sdk.presentation-exchange'\nimport { ISIOPv2RP } from '@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth'\nimport { TAgent } from '@veramo/core'\nimport express, { Express, Request, Response, Router } from 'express'\nimport { getAuthRequestSIOPv2Endpoint, verifyAuthResponseSIOPv2Endpoint } from './siop-api-functions'\nimport { IRequiredPlugins, ISIOPv2RPRestAPIOpts } from './types'\nimport {\n  authStatusUniversalOID4VPEndpoint,\n  createAuthRequestUniversalOID4VPEndpoint,\n  getDefinitionsEndpoint,\n  removeAuthRequestStateUniversalOID4VPEndpoint,\n} from './universal-oid4vp-api-functions'\nimport swaggerUi from 'swagger-ui-express'\n\nexport class SIOPv2RPApiServer {\n  private readonly _express: Express\n  private readonly _router: Router\n  private readonly _agent: TAgent<IPresentationExchange & ISIOPv2RP>\n  private readonly _opts?: ISIOPv2RPRestAPIOpts\n  private readonly _basePath: string\n\n  private readonly OID4VP_SWAGGER_URL = 'https://api.swaggerhub.com/apis/SphereonInt/OID4VP/0.1.0'\n  constructor(args: { agent: TAgent<IRequiredPlugins>; expressSupport: ExpressSupport; opts?: ISIOPv2RPRestAPIOpts }) {\n    const { agent, opts } = args\n    this._agent = agent\n    copyGlobalAuthToEndpoints({ opts, keys: ['webappCreateAuthRequest', 'webappAuthStatus', 'webappDeleteAuthRequest'] })\n    if (opts?.endpointOpts?.globalAuth?.secureSiopEndpoints) {\n      copyGlobalAuthToEndpoints({ opts, keys: ['siopGetAuthRequest', 'siopVerifyAuthResponse'] })\n    }\n\n    this._opts = opts\n    this._express = args.expressSupport.express\n    this._router = express.Router()\n    const context = agentContext(agent)\n\n    const features = opts?.enableFeatures ?? ['rp-status', 'siop']\n    console.log(`SIOPv2 API enabled, with features: ${JSON.stringify(features)}}`)\n\n    // Webapp endpoints\n    if (features.includes('rp-status')) {\n      createAuthRequestUniversalOID4VPEndpoint(this._router, context, opts?.endpointOpts?.webappCreateAuthRequest)\n      authStatusUniversalOID4VPEndpoint(this._router, context, opts?.endpointOpts?.webappAuthStatus)\n      removeAuthRequestStateUniversalOID4VPEndpoint(this._router, context, opts?.endpointOpts?.webappDeleteAuthRequest)\n      getDefinitionsEndpoint(this._router, context, opts?.endpointOpts?.webappGetDefinitions)\n    }\n\n    // SIOPv2 endpoints\n    if (features.includes('siop')) {\n      getAuthRequestSIOPv2Endpoint(this._router, context, opts?.endpointOpts?.siopGetAuthRequest)\n      verifyAuthResponseSIOPv2Endpoint(this._router, context, opts?.endpointOpts?.siopVerifyAuthResponse)\n    }\n    this._basePath = opts?.endpointOpts?.basePath ?? ''\n    this._express.use(this._basePath, this.router)\n    this._express.set('trust proxy', opts?.endpointOpts?.trustProxy ?? true)\n    this.setupSwaggerUi()\n  }\n\n  private setupSwaggerUi() {\n    fetch(this.OID4VP_SWAGGER_URL)\n      .then((res) => res.json())\n      .then((swagger: any) => {\n        const apiDocs = `${this._basePath}/api-docs`\n        console.log(`[OID4P] API docs available at ${apiDocs}`)\n\n        this._router.use(\n          '/api-docs',\n          (req: Request, res: Response, next: any) => {\n            const regex = `${apiDocs.replace(/\\//, '\\/')}`.replace('/oid4vp', '').replace(/\\/api-docs.*/, '')\n            swagger.servers = [{ url: `${req.protocol}://${req.get('host')}${regex}`, description: 'This server' }]\n            // @ts-ignore\n            req.swaggerDoc = swagger\n            next()\n          },\n          swaggerUi.serveFiles(swagger, options),\n          swaggerUi.setup(),\n        )\n      })\n      .catch((err) => {\n        console.log(`[OID4VP] Unable to fetch swagger document: ${err}. Will not host api-docs on this instance`)\n      })\n    const options = {\n      // customCss: '.swagger-ui .topbar { display: none }',\n    }\n  }\n  get express(): Express {\n    return this._express\n  }\n\n  get router(): Router {\n    return this._router\n  }\n\n  get agent(): TAgent<IPresentationExchange & ISIOPv2RP> {\n    return this._agent\n  }\n\n  get opts(): ISIOPv2RPRestAPIOpts | undefined {\n    return this._opts\n  }\n}\n"],"mappings":";;;;AACA,SAASA,WAAgCC,yBAAyB;AAElE,SAASC,wBAAwB;AAIjC,IAAMC,6BAA6B,wBAACC,YAAAA;AAClC,QAAMC,cAAcD,QAAQE,OAAO,cAAA;AAEnC,MAAID,gBAAgB,oBAAoB;AACtC,UAAME,UAAU,OAAOH,QAAQI,SAAS,WAAWC,KAAKC,MAAMN,QAAQI,IAAI,IAAIJ,QAAQI;AACtF,WAAOD;EACT;AAEA,MAAIF,gBAAgB,qCAAqC;AACvD,UAAME,UAAUH,QAAQI;AAGxB,QAAI,OAAOD,QAAQI,4BAA4B,UAAU;AACvDC,cAAQC,IAAI,gIAAgI;AAC5IN,cAAQI,0BAA0BF,KAAKC,MAAMH,QAAQI,uBAAuB;IAC9E;AAGA,QAAI,OAAOJ,QAAQO,aAAa,UAAU;AACxC,YAAM,EAAEA,SAAQ,IAAKP;AAIrB,UAAKO,SAASC,WAAW,GAAA,KAAQD,SAASE,SAAS,GAAA,KAASC,iBAAiBC,iBAAiBJ,QAAAA,GAAW;AACvGP,gBAAQO,WAAWL,KAAKC,MAAMI,QAAAA;MAChC;IACF;AAEA,WAAOP;EACT;AAEA,QAAM,IAAIY,MACR,6BAA6Bd,WAAAA,yGAAoH;AAErJ,GAlCmC;AAoC5B,SAASe,iCAAiCC,QAAgBC,SAA2BC,MAA0B;AACpH,MAAIA,MAAMC,YAAY,OAAO;AAC3BZ,YAAQC,IAAI,8CAA8C;AAC1D;EACF;AACA,QAAMY,OAAOF,MAAME,QAAQ;AAC3BJ,SAAOK,KAAKD,MAAME,UAAUJ,MAAMK,QAAAA,GAAW,OAAOxB,SAAkByB,aAAAA;AACpE,QAAI;AACF,YAAM,EAAEC,eAAeC,UAAUC,SAASC,kBAAiB,IAAK7B,QAAQ8B;AACxE,UAAI,CAACJ,iBAAiB,CAACG,mBAAmB;AACxCrB,gBAAQC,IACN,6EAA6EiB,aAAAA,wBAAqCG,iBAAAA,EAAmB;AAEvI,eAAOE,kBAAkBN,UAAU,KAAK,yCAAA;MAC1C;AACAjB,cAAQC,IAAI,uCAAA;AACZD,cAAQC,IAAIJ,KAAK2B,UAAUhC,QAAQI,MAAM,MAAM,CAAA,CAAA;AAC/C,YAAM6B,kBAAkB,MAAMf,QAAQgB,MAAMC,kBAAkB;QAAEC,QAAQ;UAAC;YAAEC,cAAcR;YAAmBF;YAAUC;UAAQ;;MAAG,CAAA;AACjI,UAAIK,gBAAgBK,WAAW,GAAG;AAChC9B,gBAAQC,IAAI,4BAA4BoB,iBAAAA,8BAA+C;AACvFJ,iBAASc,aAAa;AACtBd,iBAASe,gBAAgB,iBAAiBX,iBAAAA;AAC1C,eAAOJ,SAASgB,KAAI;MACtB;AAEA,YAAMC,wBAAwB3C,2BAA2BC,OAAAA;AACzDQ,cAAQC,IAAI,QAAQJ,KAAK2B,UAAUU,qBAAAA,CAAAA,EAAwB;AAE3D,YAAMC,iBAAiBV,gBAAgB,CAAA;AACvC,YAAMW,mBAAmB,MAAM1B,QAAQgB,MAAMW,uBAAuB;QAClEH;QACAhB;QACAoB,SAASjB;QACTkB,kBAAkBJ,eAAeK;MACnC,CAAA;AAEA,YAAMC,sBAAsBL,kBAAkBM,kBAAkBC,aAAatB,iBAAAA;AAC7E,UAAIoB,qBAAqB;AAGvBzC,gBAAQC,IAAI,kBAAkBJ,KAAK2B,UAAUiB,oBAAoBE,cAAc,MAAM,CAAA,CAAA;AACrF1B,iBAASc,aAAa;AAEtB,cAAMa,2CAAqF;UACzFC,sCAAsCT,iBAAiBlB;QACzD;AACA,YAAIgB,sBAAsBY,gBAAgB;AACxC7B,mBAAS8B,UAAU,gBAAgB,kBAAA;AACnC,iBAAO9B,SAASgB,KAAKpC,KAAK2B,UAAUoB,wCAAAA,CAAAA;QACtC;AAEA,cAAMI,sBAAsB,MAAMtC,QAAQgB,MAAMuB,mBAAmB;UACjE/B;UACAoB,SAASjB;UACT6B,OAAOd,iBAAiBc;QAC1B,CAAA;AACA,YAAIF,qBAAqB;AACvB/B,mBAAS8B,UAAU,gBAAgB,kBAAA;AACnC,iBAAO9B,SAASgB,KAAKpC,KAAK2B,UAAU;YAAE2B,cAAcH;UAAoB,CAAA,CAAA;QAC1E;MAEF,OAAO;AACLhD,gBAAQC,IAAI,+CAAA;AACZgB,iBAASc,aAAa;AACtBd,iBAASe,gBAAgB;MAC3B;AACA,aAAOf,SAASgB,KAAI;IACtB,SAASmB,OAAO;AACdpD,cAAQoD,MAAMA,KAAAA;AACd,aAAO7B,kBAAkBN,UAAU,KAAK,gCAAgCmC,KAAAA;IAC1E;EACF,CAAA;AACF;AAxEgB5C;AA0ET,SAAS6C,6BAA6B5C,QAAgBC,SAA2BC,MAA0B;AAChH,MAAIA,MAAMC,YAAY,OAAO;AAC3BZ,YAAQC,IAAI,0CAA0C;AACtD;EACF;AACA,QAAMY,OAAOF,MAAME,QAAQ;AAC3BJ,SAAO6C,IAAIzC,MAAME,UAAUJ,MAAMK,QAAAA,GAAW,OAAOxB,SAAkByB,aAAAA;AACnE,QAAI;AACF,YAAMC,gBAAgB1B,QAAQ8B,OAAOJ;AACrC,YAAMW,eAAerC,QAAQ8B,OAAOO;AACpC,UAAI,CAACX,iBAAiB,CAACW,cAAc;AACnC7B,gBAAQC,IAAI,6EAA6EiB,aAAAA,mBAAgCW,YAAAA,EAAc;AACvI,eAAON,kBAAkBN,UAAU,KAAK,yCAAA;MAC1C;AACA,YAAMsC,eAAe,MAAM7C,QAAQgB,MAAM8B,wBAAwB;QAC/DtC;QACAoB,SAAST;QACT4B,iBAAiB;MACnB,CAAA;AACA,UAAI,CAACF,cAAc;AACjBvD,gBAAQC,IACN,kGAAkGiB,aAAAA,mBAAgCW,YAAAA,EAAc;AAElJ,eAAON,kBAAkBN,UAAU,KAAK,yCAAyC;MACnF;AACA,YAAMyC,gBAAgB,MAAMH,aAAa/D,SAASkE,eAAeC,MAAAA;AACjE3D,cAAQC,IAAI,qBAAA;AACZD,cAAQC,IAAIyD,aAAAA;AAEZ,UAAIN;AACJ,UAAI;AACFnC,iBAASc,aAAa;AACtBd,iBAAS8B,UAAU,gBAAgB,iBAAA;AACnC,eAAO9B,SAASgB,KAAKyB,aAAAA;MACvB,SAASE,GAAG;AACVR,gBAAQ,OAAOQ,MAAM,WAAWA,IAAIA,aAAarD,QAAQqD,EAAEC,UAAUC;AACrE,eAAOvC,kBAAkBN,UAAU,KAAK,uCAAuC2C,CAAAA;MACjF,UAAA;AACE,cAAMlD,QAAQgB,MAAMqC,2BAA2B;UAC7C7C;UACAoB,SAAST;UACTqB,OAAO;UACPE;QACF,CAAA;MACF;IACF,SAASA,OAAO;AACd,aAAO7B,kBAAkBN,UAAU,KAAK,uCAAuCmC,KAAAA;IACjF;EACF,CAAA;AACF;AAjDgBC;;;ACrHhB,SAASW,wCAAwC;AACjD,SAASC,aAAAA,YAAgCC,qBAAAA,0BAAyB;AAClE,SAASC,mBAAmB;AAE5B,OAAOC,UAAU;;;ACHjB,SAAYC,gBAAgB;AAErB,IAAMC,eAAe,wBAACC,WAAAA;AAC3B,SAAO,CAACC,KAAcC,KAAeC,SAAAA;AACnC,QAAI;AACFH,aAAOI,MAAMH,IAAII,IAAI;AACrBF,WAAAA;IACF,SAASG,OAAO;AACd,UAAIA,iBAAiBC,UAAU;AAC7B,cAAMC,gBAAgBF,MAAMG,OAAOC,IAAI,CAACC,WAAgB;UACtDC,SAAS,GAAGD,MAAME,KAAKC,KAAK,GAAA,CAAA,OAAWH,MAAMC,OAAO;QACtD,EAAA;AACAV,YAAIa,OAAO,GAAA,EAAKC,KAAK;UAAED,QAAQ;UAAKH,SAAS;UAAgBK,eAAeT,cAAc,CAAA,EAAGI;QAAQ,CAAA;MACvG,OAAO;AACLV,YAAIa,OAAO,GAAA,EAAKC,KAAK;UAAED,QAAQ;UAAKH,SAAS;QAAwB,CAAA;MACvE;IACF;EACF;AACF,GAhB4B;;;ACH5B,SAASM,SAAS;AAClB,SACEC,cACAC,cACAC,kBACAC,0BACK;AAEA,IAAMC,qBAAqBL,EAAEM,KAAK;EAACJ,aAAaK;CAAS;AAEzD,IAAMC,qBAAqBR,EAAEM,KAAK;EAACL,aAAaQ;EAAaR,aAAaS;CAAgB;AAE1F,IAAMC,yBAAyBX,EAAEM,KAAKM,OAAOC,OAAOV,gBAAAA,CAAAA;AAEpD,IAAMW,mBAAmBd,EAAEe,OAAO;EACvCC,MAAMhB,EAAEiB,OAAM,EAAGC,SAAQ;EACzBC,YAAYnB,EAAEoB,OAAM,EAAGF,SAAQ;EAC/BG,aAAarB,EAAEoB,OAAM,EAAGF,SAAQ;AAClC,CAAA;AAEO,IAAMI,uCAAuCtB,EAAEe,OAAO;EAC3DQ,UAAUvB,EAAEoB,OAAM;EAClBI,WAAWxB,EAAEoB,OAAM,EAAGF,SAAQ;EAC9BO,kBAAkBzB,EAAEoB,OAAM,EAAGF,SAAQ;EACrCQ,gBAAgB1B,EAAEoB,OAAM,EAAGF,SAAQ;EACnCS,oBAAoBhB,uBAAuBO,SAAQ;EACnDU,eAAevB,mBAAmBa,SAAQ;EAC1CW,eAAerB,mBAAmBU,SAAQ;EAC1CY,kBAAkB9B,EAAE+B,MAAM/B,EAAEoB,OAAM,CAAA,EAAIF,SAAQ;EAC9Cc,SAASlB,iBAAiBI,SAAQ;EAClCe,mCAAmCjC,EAAEoB,OAAM,EAAGF,SAAQ;EACtDgB,UAAU9B,mBAAmBc,SAAQ;AACvC,CAAA;AAEO,IAAMiB,oCAAoCnC,EAAEe,OAAO;EACxDW,gBAAgB1B,EAAEoB,OAAM;EACxBG,UAAUvB,EAAEoB,OAAM;EAClBgB,aAAapC,EAAEoB,OAAM;EACrBiB,YAAYrC,EAAEoB,OAAM;EACpBkB,QAAQtC,EAAEoB,OAAM,EAAGF,SAAQ;AAC7B,CAAA;;;AFtBO,SAASqB,yCAAyCC,QAAgBC,SAA2BC,MAA2C;AAC7I,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,yDAAyD;AACrE;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAOO,KAAKD,MAAME,WAAUN,MAAMO,QAAAA,GAAWC,aAAaC,oCAAAA,GAAuC,OAAOC,SAAqCC,aAAAA;AAC3I,QAAI;AACF,YAAMC,gBAAgBF,QAAQG,KAAKC,kBAAkBC,KAAKA,KAAI;AAC9D,YAAMC,aAAaN,QAAQG,KAAKI,WAAWjB,MAAMgB;AACjD,YAAME,UAAUR,QAAQG,KAAKM;AAC7B,YAAMC,gCAAgCV,QAAQG,KAAKQ;AACnD,YAAMC,iBAAiBZ,QAAQG,KAAKU;AACpC,YAAMC,WAAWd,QAAQG,KAAKW;AAE9B,YAAMC,kBAAkB,MAAM1B,QAAQ2B,MAAMC,kBAAkB;QAAEC,QAAQ;UAAC;YAAEC,cAAcX;UAAQ;;MAAG,CAAA;AACpG,UAAIO,gBAAgBK,WAAW,GAAG;AAC9B5B,gBAAQC,IAAI,uDAAuDe,OAAAA,EAAS;AAC5E,eAAOa,mBAAkBpB,UAAU,KAAK;UAAEqB,QAAQ;UAAKC,SAAS;QAA0B,CAAA;MAC9F;AAEA,YAAMC,wBAAwBC,YAAY,qBAAqBjB,OAAAA,kBAAyBN,aAAAA,IAAiB;QACvGwB,SAASd,kBAAkBtB,MAAMqC;MACnC,CAAA;AACA,YAAMC,cAAcH,YAAY,qBAAqBjB,OAAAA,mBAA0BN,aAAAA,IAAiB;QAAEwB,SAASpC,MAAMqC;MAAY,CAAA;AAE7H,YAAME,iBAAiB,MAAMxC,QAAQ2B,MAAMc,yBAAyB;QAClEtB;QACAN;QACA6B,OAAO1B,KAAKA,KAAI;QAChBmB;QACAQ,iBAAiB;QACjBJ;QACA,GAAIlB,iCAAiC;UAAEuB,qBAAqBvB;QAA8B;QAC1FI;MACF,CAAA;AAEA,UAAIoB;AACJ,UAAI5B,YAAY;AACd,cAAM,EAAE6B,UAAS,IAAK,MAAM,OAAO,YAAA;AACnC,cAAMC,SAAS,IAAID,UAAU;UAAE,GAAG7B;UAAY+B,MAAMR;QAAe,CAAA;AACnEK,wBAAgB,0BAA0B,MAAME,OAAOE,KAAI,GAAKC,SAAS,QAAA,CAAA;MAC3E;AAEA,YAAMC,kBAAkB;QACtB/B,UAAUD;QACVJ,gBAAgBF;QAChBuC,aAAaZ;QACba,YAAY,GAAGjB,YAAYnC,MAAMqD,wBAAwB,wBAAwBzC,aAAAA,IAAiB;UAAEwB,SAASpC,MAAMsD;QAAc,CAAA,CAAA;QACjI,GAAIV,iBAAiB;UAAEW,QAAQX;QAAc;MAC/C;AACA1C,cAAQC,IAAI,uCAAuCqD,KAAKC,UAAUP,eAAAA,CAAAA,EAAkB;AAEpF,aAAOvC,SAASqB,OAAO,GAAA,EAAK0B,KAAKR,eAAAA;IACnC,SAASS,OAAO;AACd,aAAO5B,mBAAkBpB,UAAU,KAAK;QAAEqB,QAAQ;QAAKC,SAAS;MAAgD,GAAG0B,KAAAA;IACrH;EACF,CAAA;AACF;AA3DgB9D;AA6DT,SAAS+D,8CAA8C9D,QAAgBC,SAA2BC,MAA0B;AACjI,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,wDAAwD;AACpE;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAO+D,OAAOzD,MAAME,WAAUN,MAAMO,QAAAA,GAAW,OAAOG,SAAqCC,aAAAA;AACzF,QAAI;AACF,YAAMC,gBAAwBF,QAAQoD,OAAOlD;AAE7C,YAAMmD,mBAAmB,MAAMhE,QAAQ2B,MAAMsC,wBAAwB;QACnEpD;QACAqD,iBAAiB;MACnB,CAAA;AACA,UAAI,CAACF,kBAAkB;AACrB7D,gBAAQC,IAAI,uFAAuFS,aAAAA,EAAe;AAClH,eAAOmB,mBAAkBpB,UAAU,KAAK;UAAEqB,QAAQ;UAAKC,SAAS;QAA0C,CAAA;MAC5G;AAEA,YAAMlC,QAAQ2B,MAAMwC,oBAAoB;QAAEtD;MAAc,CAAA;AAExD,aAAOD,SAASqB,OAAO,GAAA,EAAK0B,KAAI;IAClC,SAASC,OAAO;AACd,aAAO5B,mBAAkBpB,UAAU,KAAK;QAAEqB,QAAQ;QAAKC,SAAS0B,MAAM1B;MAAQ,GAAG0B,KAAAA;IACnF;EACF,CAAA;AACF;AA3BgBC;AA6BT,SAASO,kCAAkCrE,QAAgBC,SAA2BC,MAA0B;AACrH,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,kDAAkD;AAC9D;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAOsE,IAAIhE,MAAME,WAAUN,MAAMO,QAAAA,GAAW,OAAOG,SAAwCC,aAAAA;AACzF,QAAI;AACFT,cAAQC,IAAI,iCAAA;AACZ,YAAMS,gBAAwBF,QAAQoD,OAAOlD;AAE7C,YAAMyD,eAAe,MAAMtE,QAAQ2B,MAAMsC,wBAAwB;QAC/DpD;QACAqD,iBAAiB;MACnB,CAAA;AAEA,UAAI,CAACI,cAAc;AACjBnE,gBAAQC,IAAI,uFAAuFS,aAAAA,EAAe;AAClH,eAAOmB,mBAAkBpB,UAAU,KAAK;UAAEqB,QAAQ;UAAKC,SAAS;QAA0C,CAAA;MAC5G;AAEA,UAAIqC;AACJ,UAAID,aAAarC,WAAW,iCAAiC;AAC3DsC,wBAAiB,MAAMvE,QAAQ2B,MAAM6C,yBAAyB;UAAE3D;UAAeqD,iBAAiB;QAAM,CAAA;MACxG;AACA,YAAMO,eAAeF,iBAAiBD;AAEtC,YAAMI,aAAa;QACjBzC,QAAQwC,aAAaxC;QACrBlB,gBAAgB0D,aAAa5D;QAC7BO,UAAUqD,aAAatD;QACvBwD,cAAcF,aAAaG;QAC3B,GAAKL,eAAetC,WAAW4C,iCAAiCC,YAAYP,cAAcQ,iBAAiBC,UAAc;UAAED,cAAcR,cAAcQ;QAAa;QACpK,GAAIN,aAAab,SAAS;UAAE1B,SAASuC,aAAab,MAAM1B;QAAQ;MAClE;AACA/B,cAAQ8E,MAAM,0BAA0BxB,KAAKC,UAAUgB,UAAAA,CAAAA,EAAa;AAEpE,UAAID,aAAaxC,WAAW,SAAS;AACnC,eAAOrB,SAASqB,OAAO,GAAA,EAAK0B,KAAKe,UAAAA;MACnC;AACA,aAAO9D,SAASqB,OAAO,GAAA,EAAK0B,KAAKe,UAAAA;IACnC,SAASd,OAAO;AACd,aAAO5B,mBAAkBpB,UAAU,KAAK;QAAEqB,QAAQ;QAAKC,SAAS0B,MAAM1B;MAAQ,GAAG0B,KAAAA;IACnF;EACF,CAAA;AACF;AA9CgBQ;AAgDT,SAASc,uBAAuBnF,QAAgBC,SAA2BC,MAA0B;AAC1G,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,sDAAsD;AAClE;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAOsE,IAAIhE,MAAME,WAAUN,MAAMO,QAAAA,GAAW,OAAOG,SAAkBC,aAAAA;AACnE,QAAI;AACF,YAAMuE,cAAc,MAAMnF,QAAQ2B,MAAMC,kBAAiB;AACzDhB,eAASwE,aAAa;AACtB,aAAOxE,SAAS+C,KAAKwB,WAAAA;IACvB,SAASvB,OAAO;AACd,aAAO5B,mBAAkBpB,UAAU,KAAK;QAAEqB,QAAQ;QAAKC,SAAS0B,MAAM1B;MAAQ,GAAG0B,KAAAA;IACnF;EACF,CAAA;AACF;AAhBgBsB;;;AG5JhB,SAASG,oBAAoB;AAC7B,SAASC,iCAAiD;AAI1D,OAAOC,aAAqD;AAS5D,OAAOC,eAAe;AAEf,IAAMC,oBAAN,MAAMA;EAhBb,OAgBaA;;;EACMC;EACAC;EACAC;EACAC;EACAC;EAEAC,qBAAqB;EACtCC,YAAYC,MAAwG;AAClH,UAAM,EAAEC,OAAOC,KAAI,IAAKF;AACxB,SAAKL,SAASM;AACdE,8BAA0B;MAAED;MAAME,MAAM;QAAC;QAA2B;QAAoB;;IAA2B,CAAA;AACnH,QAAIF,MAAMG,cAAcC,YAAYC,qBAAqB;AACvDJ,gCAA0B;QAAED;QAAME,MAAM;UAAC;UAAsB;;MAA0B,CAAA;IAC3F;AAEA,SAAKR,QAAQM;AACb,SAAKT,WAAWO,KAAKQ,eAAeC;AACpC,SAAKf,UAAUe,QAAQC,OAAM;AAC7B,UAAMC,UAAUC,aAAaX,KAAAA;AAE7B,UAAMY,WAAWX,MAAMY,kBAAkB;MAAC;MAAa;;AACvDC,YAAQC,IAAI,sCAAsCC,KAAKC,UAAUL,QAAAA,CAAAA,GAAY;AAG7E,QAAIA,SAASM,SAAS,WAAA,GAAc;AAClCC,+CAAyC,KAAK1B,SAASiB,SAAST,MAAMG,cAAcgB,uBAAAA;AACpFC,wCAAkC,KAAK5B,SAASiB,SAAST,MAAMG,cAAckB,gBAAAA;AAC7EC,oDAA8C,KAAK9B,SAASiB,SAAST,MAAMG,cAAcoB,uBAAAA;AACzFC,6BAAuB,KAAKhC,SAASiB,SAAST,MAAMG,cAAcsB,oBAAAA;IACpE;AAGA,QAAId,SAASM,SAAS,MAAA,GAAS;AAC7BS,mCAA6B,KAAKlC,SAASiB,SAAST,MAAMG,cAAcwB,kBAAAA;AACxEC,uCAAiC,KAAKpC,SAASiB,SAAST,MAAMG,cAAc0B,sBAAAA;IAC9E;AACA,SAAKlC,YAAYK,MAAMG,cAAc2B,YAAY;AACjD,SAAKvC,SAASwC,IAAI,KAAKpC,WAAW,KAAKqC,MAAM;AAC7C,SAAKzC,SAAS0C,IAAI,eAAejC,MAAMG,cAAc+B,cAAc,IAAA;AACnE,SAAKC,eAAc;EACrB;EAEQA,iBAAiB;AACvBC,UAAM,KAAKxC,kBAAkB,EAC1ByC,KAAK,CAACC,QAAQA,IAAIC,KAAI,CAAA,EACtBF,KAAK,CAACG,YAAAA;AACL,YAAMC,UAAU,GAAG,KAAK9C,SAAS;AACjCkB,cAAQC,IAAI,iCAAiC2B,OAAAA,EAAS;AAEtD,WAAKjD,QAAQuC,IACX,aACA,CAACW,KAAcJ,KAAeK,SAAAA;AAC5B,cAAMC,QAAQ,GAAGH,QAAQI,QAAQ,MAAM,GAAA,CAAA,GAAQA,QAAQ,WAAW,EAAA,EAAIA,QAAQ,gBAAgB,EAAA;AAC9FL,gBAAQM,UAAU;UAAC;YAAEC,KAAK,GAAGL,IAAIM,QAAQ,MAAMN,IAAIO,IAAI,MAAA,CAAA,GAAUL,KAAAA;YAASM,aAAa;UAAc;;AAErGR,YAAIS,aAAaX;AACjBG,aAAAA;MACF,GACAS,UAAUC,WAAWb,SAASc,OAAAA,GAC9BF,UAAUG,MAAK,CAAA;IAEnB,CAAA,EACCC,MAAM,CAACC,QAAAA;AACN5C,cAAQC,IAAI,8CAA8C2C,GAAAA,2CAA8C;IAC1G,CAAA;AACF,UAAMH,UAAU,CAEhB;EACF;EACA,IAAI/C,UAAmB;AACrB,WAAO,KAAKhB;EACd;EAEA,IAAIyC,SAAiB;AACnB,WAAO,KAAKxC;EACd;EAEA,IAAIO,QAAmD;AACrD,WAAO,KAAKN;EACd;EAEA,IAAIO,OAAyC;AAC3C,WAAO,KAAKN;EACd;AACF;","names":["checkAuth","sendErrorResponse","CredentialMapper","parseAuthorizationResponse","request","contentType","header","payload","body","JSON","parse","presentation_submission","console","log","vp_token","startsWith","endsWith","CredentialMapper","isJsonLdAsString","Error","verifyAuthResponseSIOPv2Endpoint","router","context","opts","enabled","path","post","checkAuth","endpoint","response","correlationId","tenantId","version","credentialQueryId","params","sendErrorResponse","stringify","definitionItems","agent","pdmGetDefinitions","filter","definitionId","length","statusCode","statusMessage","send","authorizationResponse","definitionItem","verifiedResponse","siopVerifyAuthResponse","queryId","dcqlQueryPayload","dcqlPayload","wrappedPresentation","oid4vpSubmission","presentation","authorizationChallengeValidationResponse","presentation_during_issuance_session","is_first_party","setHeader","responseRedirectURI","siopGetRedirectURI","state","redirect_uri","error","getAuthRequestSIOPv2Endpoint","get","requestState","siopGetAuthRequestState","errorOnNotFound","requestObject","toJwt","e","message","undefined","siopUpdateAuthRequestState","AuthorizationResponseStateStatus","checkAuth","sendErrorResponse","uriWithBase","uuid","ZodError","validateData","schema","req","res","next","parse","body","error","ZodError","errorMessages","issues","map","issue","message","path","join","status","json","error_details","z","ResponseMode","ResponseType","RequestUriMethod","CallbackOptsSchema","ResponseTypeSchema","enum","VP_TOKEN","ResponseModeSchema","DIRECT_POST","DIRECT_POST_JWT","RequestUriMethodSchema","Object","values","QRCodeOptsSchema","object","size","number","optional","color_dark","string","color_light","CreateAuthorizationRequestBodySchema","query_id","client_id","request_uri_base","correlation_id","request_uri_method","response_type","response_mode","transaction_data","array","qr_code","direct_post_response_redirect_uri","callback","CreateAuthorizationResponseSchema","request_uri","status_uri","qr_uri","createAuthRequestUniversalOID4VPEndpoint","router","context","opts","enabled","console","log","path","post","checkAuth","endpoint","validateData","CreateAuthorizationRequestBodySchema","request","response","correlationId","body","correlation_id","uuid","qrCodeOpts","qr_code","queryId","query_id","directPostResponseRedirectUri","direct_post_response_redirect_uri","requestUriBase","request_uri_base","callback","definitionItems","agent","pdmGetDefinitions","filter","definitionId","length","sendErrorResponse","status","message","requestByReferenceURI","uriWithBase","baseURI","siopBaseURI","responseURI","authRequestURI","siopCreateAuthRequestURI","nonce","responseURIType","responseRedirectURI","qrCodeDataUri","AwesomeQR","qrCode","text","draw","toString","authRequestBody","request_uri","status_uri","webappAuthStatusPath","webappBaseURI","qr_uri","JSON","stringify","json","error","removeAuthRequestStateUniversalOID4VPEndpoint","delete","params","authRequestState","siopGetAuthRequestState","errorOnNotFound","siopDeleteAuthState","authStatusUniversalOID4VPEndpoint","get","requestState","responseState","siopGetAuthResponseState","overallState","statusBody","last_updated","lastUpdated","AuthorizationResponseStateStatus","VERIFIED","verifiedData","undefined","debug","getDefinitionsEndpoint","definitions","statusCode","agentContext","copyGlobalAuthToEndpoints","express","swaggerUi","SIOPv2RPApiServer","_express","_router","_agent","_opts","_basePath","OID4VP_SWAGGER_URL","constructor","args","agent","opts","copyGlobalAuthToEndpoints","keys","endpointOpts","globalAuth","secureSiopEndpoints","expressSupport","express","Router","context","agentContext","features","enableFeatures","console","log","JSON","stringify","includes","createAuthRequestUniversalOID4VPEndpoint","webappCreateAuthRequest","authStatusUniversalOID4VPEndpoint","webappAuthStatus","removeAuthRequestStateUniversalOID4VPEndpoint","webappDeleteAuthRequest","getDefinitionsEndpoint","webappGetDefinitions","getAuthRequestSIOPv2Endpoint","siopGetAuthRequest","verifyAuthResponseSIOPv2Endpoint","siopVerifyAuthResponse","basePath","use","router","set","trustProxy","setupSwaggerUi","fetch","then","res","json","swagger","apiDocs","req","next","regex","replace","servers","url","protocol","get","description","swaggerDoc","swaggerUi","serveFiles","options","setup","catch","err"]}
+{"version":3,"sources":["../src/siop-api-functions.ts","../src/universal-oid4vp-api-functions.ts","../src/middleware/validationMiddleware.ts","../src/schemas/index.ts","../src/siopv2-rp-api-server.ts"],"sourcesContent":["import { AuthorizationResponsePayload } from '@sphereon/did-auth-siop'\nimport { checkAuth, ISingleEndpointOpts, sendErrorResponse } from '@sphereon/ssi-express-support'\nimport { AuthorizationChallengeValidationResponse } from '@sphereon/ssi-sdk.siopv2-oid4vp-common'\nimport { CredentialMapper } from '@sphereon/ssi-types'\nimport { Request, Response, Router } from 'express'\nimport { IRequiredContext } from './types'\n\nconst parseAuthorizationResponse = (request: Request): AuthorizationResponsePayload => {\n  const contentType = request.header('content-type')\n\n  if (contentType === 'application/json') {\n    const payload = typeof request.body === 'string' ? JSON.parse(request.body) : request.body\n    return payload as AuthorizationResponsePayload\n  }\n\n  if (contentType === 'application/x-www-form-urlencoded') {\n    const payload = request.body as AuthorizationResponsePayload\n\n    // Parse presentation_submission if it's a string\n    if (typeof payload.presentation_submission === 'string') {\n      console.log(`Supplied presentation_submission was a string instead of JSON. Correcting, but external party should fix their implementation!`)\n      payload.presentation_submission = JSON.parse(payload.presentation_submission)\n    }\n\n    // when using FORM_URL_ENCODED, vp_token comes back as string not matter whether the input was string, object or array. Handled below.\n    if (typeof payload.vp_token === 'string') {\n      const { vp_token } = payload\n\n      // The only use case where vp_object is an object is JsonLdAsString atm. For arrays, any objects will be parsed along with the array\n      // (Leaving the vp_token JsonLdAsString causes problems because the original credential will remain string and will be interpreted as JWT in some parts of the code)\n      if ((vp_token.startsWith('[') && vp_token.endsWith(']')) || CredentialMapper.isJsonLdAsString(vp_token)) {\n        payload.vp_token = JSON.parse(vp_token)\n      }\n    }\n\n    return payload\n  }\n\n  throw new Error(\n    `Unsupported content type: ${contentType}. Currently only application/x-www-form-urlencoded and application/json (for direct_post) are supported`,\n  )\n}\n\nexport function verifyAuthResponseSIOPv2Endpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`verifyAuthResponse SIOP endpoint is disabled`)\n    return\n  }\n  const path = opts?.path ?? '/siop/definitions/:definitionId/auth-responses/:correlationId'\n  router.post(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n    try {\n      const { correlationId, queryId, tenantId, version } = request.params\n      if (!correlationId || !queryId) {\n        console.log(`No authorization request could be found for the given url. correlationId: ${correlationId}, queryId: ${queryId}`)\n        return sendErrorResponse(response, 404, 'No authorization request could be found')\n      }\n      console.log('Authorization Response (siop-sessions')\n      console.log(JSON.stringify(request.body, null, 2))\n      const definitionItems = await context.agent.pdmGetDefinitions({ filter: [{ queryId, tenantId, version }] })\n      if (definitionItems.length === 0) {\n        console.log(`Could not get definition ${queryId} from agent. Will return 404`)\n        response.statusCode = 404\n        response.statusMessage = `No definition ${queryId}`\n        return response.send()\n      }\n\n      const authorizationResponse = parseAuthorizationResponse(request)\n      console.log(`URI: ${JSON.stringify(authorizationResponse)}`)\n\n      const definitionItem = definitionItems[0]\n      const verifiedResponse = await context.agent.siopVerifyAuthResponse({\n        authorizationResponse,\n        correlationId,\n        queryId,\n        dcqlQuery: definitionItem.query,\n      })\n\n      // FIXME SSISDK-55 add proper support for checking for DCQL presentations\n      const presentation = verifiedResponse?.oid4vpSubmission?.presentation\n      if (presentation && Object.keys(presentation).length > 0) {\n        console.log('PRESENTATIONS:' + JSON.stringify(verifiedResponse?.oid4vpSubmission?.presentation, null, 2))\n        response.statusCode = 200\n\n        const authorizationChallengeValidationResponse: AuthorizationChallengeValidationResponse = {\n          presentation_during_issuance_session: verifiedResponse.correlationId,\n        }\n        if (authorizationResponse.is_first_party) {\n          response.setHeader('Content-Type', 'application/json')\n          return response.send(JSON.stringify(authorizationChallengeValidationResponse))\n        }\n\n        const responseRedirectURI = await context.agent.siopGetRedirectURI({ correlationId, queryId: queryId, state: verifiedResponse.state })\n        if (responseRedirectURI) {\n          response.setHeader('Content-Type', 'application/json')\n          return response.send(JSON.stringify({ redirect_uri: responseRedirectURI }))\n        }\n        // todo: delete session\n      } else {\n        console.log('Missing Presentation (Verifiable Credentials)')\n        response.statusCode = 500\n        response.statusMessage = 'Missing Presentation (Verifiable Credentials)'\n      }\n      return response.send()\n    } catch (error) {\n      console.error(error)\n      return sendErrorResponse(response, 500, 'Could not verify auth status', error)\n    }\n  })\n}\n\nexport function getAuthRequestSIOPv2Endpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`getAuthRequest SIOP endpoint is disabled`)\n    return\n  }\n  const path = opts?.path ?? '/siop/definitions/:definitionId/auth-requests/:correlationId'\n  router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n    try {\n      const correlationId = request.params.correlationId\n      const definitionId = request.params.definitionId\n      if (!correlationId || !definitionId) {\n        console.log(`No authorization request could be found for the given url. correlationId: ${correlationId}, definitionId: ${definitionId}`)\n        return sendErrorResponse(response, 404, 'No authorization request could be found')\n      }\n      const requestState = await context.agent.siopGetAuthRequestState({\n        correlationId,\n        queryId: definitionId,\n        errorOnNotFound: false,\n      })\n      if (!requestState) {\n        console.log(\n          `No authorization request could be found for the given url in the state manager. correlationId: ${correlationId}, definitionId: ${definitionId}`,\n        )\n        return sendErrorResponse(response, 404, `No authorization request could be found`)\n      }\n      const requestObject = await requestState.request?.requestObject?.toJwt()\n      console.log('JWT Request object:')\n      console.log(requestObject)\n\n      let error: string | undefined\n      try {\n        response.statusCode = 200\n        response.setHeader('Content-Type', 'application/jwt')\n        return response.send(requestObject)\n      } catch (e) {\n        error = typeof e === 'string' ? e : e instanceof Error ? e.message : undefined\n        return sendErrorResponse(response, 500, 'Could not get authorization request', e)\n      } finally {\n        await context.agent.siopUpdateAuthRequestState({\n          correlationId,\n          queryId: definitionId,\n          state: 'authorization_request_created',\n          error,\n        })\n      }\n    } catch (error) {\n      return sendErrorResponse(response, 500, 'Could not get authorization request', error)\n    }\n  })\n}\n","import { AuthorizationResponseStateStatus } from '@sphereon/did-auth-siop'\nimport { checkAuth, ISingleEndpointOpts, sendErrorResponse } from '@sphereon/ssi-express-support'\nimport { uriWithBase } from '@sphereon/ssi-sdk.siopv2-oid4vp-common'\nimport { Request, Response, Router } from 'express'\nimport uuid from 'short-uuid'\nimport { validateData } from './middleware/validationMiddleware'\nimport { CreateAuthorizationRequestBodySchema } from './schemas'\nimport {\n  CreateAuthorizationRequest,\n  CreateAuthorizationRequestResponse,\n  CreateAuthorizationResponse,\n  DeleteAuthorizationRequest,\n  GetAuthorizationRequestStatus,\n  AuthStatusResponse,\n  ICreateAuthRequestWebappEndpointOpts,\n  IRequiredContext,\n} from './types'\n\nexport function createAuthRequestUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ICreateAuthRequestWebappEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`createAuthRequest universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/auth/requests'\n  router.post(\n    path,\n    checkAuth(opts?.endpoint),\n    validateData(CreateAuthorizationRequestBodySchema),\n    async (request: CreateAuthorizationRequest, response: CreateAuthorizationResponse) => {\n      try {\n        const correlationId = request.body.correlation_id ?? uuid.uuid()\n        const qrCodeOpts = request.body.qr_code ?? opts?.qrCodeOpts\n        const queryId = request.body.query_id\n        const directPostResponseRedirectUri = request.body.direct_post_response_redirect_uri // TODO Uri not URI\n        const requestUriBase = request.body.request_uri_base\n        const callback = request.body.callback\n\n        const definitionItems = await context.agent.pdmGetDefinitions({ filter: [{ queryId }] })\n        if (definitionItems.length === 0) {\n          console.log(`No query could be found for the given id. Query id: ${queryId}`)\n          return sendErrorResponse(response, 404, { status: 404, message: 'No query could be found' })\n        }\n\n        const requestByReferenceURI = uriWithBase(`/siop/definitions/${queryId}/auth-requests/${correlationId}`, {\n          baseURI: requestUriBase ?? opts?.siopBaseURI,\n        })\n        const responseURI = uriWithBase(`/siop/definitions/${queryId}/auth-responses/${correlationId}`, { baseURI: opts?.siopBaseURI })\n\n        const authRequestURI = await context.agent.siopCreateAuthRequestURI({\n          queryId,\n          correlationId,\n          nonce: uuid.uuid(),\n          requestByReferenceURI,\n          responseURIType: 'response_uri',\n          responseURI,\n          ...(directPostResponseRedirectUri && { responseRedirectURI: directPostResponseRedirectUri }),\n          callback,\n        })\n\n        let qrCodeDataUri: string | undefined\n        if (qrCodeOpts) {\n          const { AwesomeQR } = await import('awesome-qr')\n          const qrCode = new AwesomeQR({ ...qrCodeOpts, text: authRequestURI })\n          qrCodeDataUri = `data:image/png;base64,${(await qrCode.draw())!.toString('base64')}`\n        }\n\n        const authRequestBody = {\n          query_id: queryId,\n          correlation_id: correlationId,\n          request_uri: authRequestURI,\n          status_uri: `${uriWithBase(opts?.webappAuthStatusPath ?? `/backend/auth/status/${correlationId}`, { baseURI: opts?.webappBaseURI })}`,\n          ...(qrCodeDataUri && { qr_uri: qrCodeDataUri }),\n        } satisfies CreateAuthorizationRequestResponse\n        console.log(`Auth Request URI data to send back: ${JSON.stringify(authRequestBody)}`)\n\n        return response.status(201).json(authRequestBody)\n      } catch (error) {\n        return sendErrorResponse(response, 500, { status: 500, message: 'Could not create an authorization request URI' }, error)\n      }\n    },\n  )\n}\n\nexport function removeAuthRequestStateUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`removeAuthStatus universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/auth/requests/:correlationId'\n  router.delete(path, checkAuth(opts?.endpoint), async (request: DeleteAuthorizationRequest, response: Response) => {\n    try {\n      const correlationId: string = request.params.correlationId\n\n      const authRequestState = await context.agent.siopGetAuthRequestState({\n        correlationId,\n        errorOnNotFound: false,\n      })\n      if (!authRequestState) {\n        console.log(`No authorization request could be found for the given correlationId. correlationId: ${correlationId}`)\n        return sendErrorResponse(response, 404, { status: 404, message: 'No authorization request could be found' })\n      }\n\n      await context.agent.siopDeleteAuthState({ correlationId })\n\n      return response.status(204).json()\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: error.message }, error)\n    }\n  })\n}\n\nexport function authStatusUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`authStatus universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/auth/status/:correlationId'\n  router.get(path, checkAuth(opts?.endpoint), async (request: GetAuthorizationRequestStatus, response: Response) => {\n    try {\n      console.log('Received auth-status request...')\n      const correlationId: string = request.params.correlationId\n\n      const requestState = await context.agent.siopGetAuthRequestState({\n        correlationId,\n        errorOnNotFound: false,\n      })\n\n      if (!requestState) {\n        console.log(`No authorization request could be found for the given correlationId. correlationId: ${correlationId}`)\n        return sendErrorResponse(response, 404, { status: 404, message: 'No authorization request could be found' })\n      }\n\n      let responseState\n      if (requestState.status === 'authorization_request_created') {\n        responseState = await context.agent.siopGetAuthResponseState({ correlationId, errorOnNotFound: false })\n      }\n      const overallState = responseState ?? requestState\n\n      const statusBody = {\n        status: overallState.status,\n        correlation_id: overallState.correlationId,\n        query_id: overallState.queryId,\n        last_updated: overallState.lastUpdated,\n        ...(responseState?.status === AuthorizationResponseStateStatus.VERIFIED &&\n          responseState.verifiedData !== undefined && { verified_data: responseState.verifiedData }),\n        ...(overallState.error && { message: overallState.error.message }),\n      } satisfies AuthStatusResponse\n      console.debug(`Will send auth status: ${JSON.stringify(statusBody)}`)\n\n      if (overallState.status === 'error') {\n        return response.status(500).json(statusBody)\n      }\n      return response.status(200).json(statusBody)\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: error.message }, error)\n    }\n  })\n}\n\nexport function getDefinitionsEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`getDefinitions universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/definitions'\n  router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n    try {\n      const definitions = await context.agent.pdmGetDefinitions()\n      response.statusCode = 200\n      return response.json(definitions)\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: error.message }, error)\n    }\n  })\n}\n","import { Request, Response, NextFunction } from 'express';\nimport { z, ZodError } from 'zod';\n\nexport const validateData = (schema: z.ZodObject<any, any>) => {\n  return (req: Request, res: Response, next: NextFunction) => {\n    try {\n      schema.parse(req.body);\n      next();\n    } catch (error) {\n      if (error instanceof ZodError) {\n        const errorMessages = error.issues.map((issue: any) => ({\n          message: `${issue.path.join('.')} is ${issue.message}`,\n        }))\n        res.status(400).json({ status: 400, message: 'Invalid data', error_details: errorMessages[0].message });\n      } else {\n        res.status(500).json({ status: 500, message: 'Internal Server Error' });\n      }\n    }\n  };\n}\n","import { CallbackOptsSchema, RequestUriMethod, ResponseMode, ResponseType } from '@sphereon/did-auth-siop'\nimport { z } from 'zod'\n\nexport const ResponseTypeSchema = z.enum([ResponseType.VP_TOKEN])\n\nexport const ResponseModeSchema = z.enum([ResponseMode.DIRECT_POST, ResponseMode.DIRECT_POST_JWT])\n\nconst requestUriMethods = ['get', 'post'] as const satisfies Array<RequestUriMethod>\nexport const RequestUriMethodSchema = z.enum(requestUriMethods)\nexport const QRCodeOptsSchema = z.object({\n  size: z.number().optional(),\n  color_dark: z.string().optional(),\n  color_light: z.string().optional(),\n})\n\nexport const CreateAuthorizationRequestBodySchema = z.object({\n  query_id: z.string(),\n  client_id: z.string().optional(),\n  request_uri_base: z.string().optional(),\n  correlation_id: z.string().optional(),\n  request_uri_method: RequestUriMethodSchema.optional(),\n  response_type: ResponseTypeSchema.optional(),\n  response_mode: ResponseModeSchema.optional(),\n  transaction_data: z.array(z.string()).optional(),\n  qr_code: QRCodeOptsSchema.optional(),\n  direct_post_response_redirect_uri: z.string().optional(),\n  callback: CallbackOptsSchema.optional(),\n})\n\nexport const CreateAuthorizationResponseSchema = z.object({\n  correlation_id: z.string(),\n  query_id: z.string(),\n  request_uri: z.string(),\n  status_uri: z.string(),\n  qr_uri: z.string().optional(),\n})\n","import { agentContext } from '@sphereon/ssi-sdk.core'\nimport { copyGlobalAuthToEndpoints, ExpressSupport } from '@sphereon/ssi-express-support'\nimport { ISIOPv2RP } from '@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth'\nimport { TAgent } from '@veramo/core'\nimport express, { Express, Request, Response, Router } from 'express'\nimport { getAuthRequestSIOPv2Endpoint, verifyAuthResponseSIOPv2Endpoint } from './siop-api-functions'\nimport { IRequiredPlugins, ISIOPv2RPRestAPIOpts } from './types'\nimport {\n  authStatusUniversalOID4VPEndpoint,\n  createAuthRequestUniversalOID4VPEndpoint,\n  getDefinitionsEndpoint,\n  removeAuthRequestStateUniversalOID4VPEndpoint,\n} from './universal-oid4vp-api-functions'\nimport swaggerUi from 'swagger-ui-express'\n\nexport class SIOPv2RPApiServer {\n  private readonly _express: Express\n  private readonly _router: Router\n  private readonly _agent: TAgent<ISIOPv2RP>\n  private readonly _opts?: ISIOPv2RPRestAPIOpts\n  private readonly _basePath: string\n\n  private readonly OID4VP_SWAGGER_URL = 'https://api.swaggerhub.com/apis/SphereonInt/OID4VP/0.1.0'\n  constructor(args: { agent: TAgent<IRequiredPlugins>; expressSupport: ExpressSupport; opts?: ISIOPv2RPRestAPIOpts }) {\n    const { agent, opts } = args\n    this._agent = agent\n    copyGlobalAuthToEndpoints({ opts, keys: ['webappCreateAuthRequest', 'webappAuthStatus', 'webappDeleteAuthRequest'] })\n    if (opts?.endpointOpts?.globalAuth?.secureSiopEndpoints) {\n      copyGlobalAuthToEndpoints({ opts, keys: ['siopGetAuthRequest', 'siopVerifyAuthResponse'] })\n    }\n\n    this._opts = opts\n    this._express = args.expressSupport.express\n    this._router = express.Router()\n    const context = agentContext(agent)\n\n    const features = opts?.enableFeatures ?? ['rp-status', 'siop']\n    console.log(`SIOPv2 API enabled, with features: ${JSON.stringify(features)}}`)\n\n    // Webapp endpoints\n    if (features.includes('rp-status')) {\n      createAuthRequestUniversalOID4VPEndpoint(this._router, context, opts?.endpointOpts?.webappCreateAuthRequest)\n      authStatusUniversalOID4VPEndpoint(this._router, context, opts?.endpointOpts?.webappAuthStatus)\n      removeAuthRequestStateUniversalOID4VPEndpoint(this._router, context, opts?.endpointOpts?.webappDeleteAuthRequest)\n      getDefinitionsEndpoint(this._router, context, opts?.endpointOpts?.webappGetDefinitions)\n    }\n\n    // SIOPv2 endpoints\n    if (features.includes('siop')) {\n      getAuthRequestSIOPv2Endpoint(this._router, context, opts?.endpointOpts?.siopGetAuthRequest)\n      verifyAuthResponseSIOPv2Endpoint(this._router, context, opts?.endpointOpts?.siopVerifyAuthResponse)\n    }\n    this._basePath = opts?.endpointOpts?.basePath ?? ''\n    this._express.use(this._basePath, this.router)\n    this._express.set('trust proxy', opts?.endpointOpts?.trustProxy ?? true)\n    this.setupSwaggerUi()\n  }\n\n  private setupSwaggerUi() {\n    fetch(this.OID4VP_SWAGGER_URL)\n      .then((res) => res.json())\n      .then((swagger: any) => {\n        const apiDocs = `${this._basePath}/api-docs`\n        console.log(`[OID4P] API docs available at ${apiDocs}`)\n\n        this._router.use(\n          '/api-docs',\n          (req: Request, res: Response, next: any) => {\n            const regex = `${apiDocs.replace(/\\//, '\\/')}`.replace('/oid4vp', '').replace(/\\/api-docs.*/, '')\n            swagger.servers = [{ url: `${req.protocol}://${req.get('host')}${regex}`, description: 'This server' }]\n            // @ts-ignore\n            req.swaggerDoc = swagger\n            next()\n          },\n          swaggerUi.serveFiles(swagger, options),\n          swaggerUi.setup(),\n        )\n      })\n      .catch((err) => {\n        console.log(`[OID4VP] Unable to fetch swagger document: ${err}. Will not host api-docs on this instance`)\n      })\n    const options = {\n      // customCss: '.swagger-ui .topbar { display: none }',\n    }\n  }\n  get express(): Express {\n    return this._express\n  }\n\n  get router(): Router {\n    return this._router\n  }\n\n  get agent(): TAgent<ISIOPv2RP> {\n    return this._agent\n  }\n\n  get opts(): ISIOPv2RPRestAPIOpts | undefined {\n    return this._opts\n  }\n}\n"],"mappings":";;;;AACA,SAASA,WAAgCC,yBAAyB;AAElE,SAASC,wBAAwB;AAIjC,IAAMC,6BAA6B,wBAACC,YAAAA;AAClC,QAAMC,cAAcD,QAAQE,OAAO,cAAA;AAEnC,MAAID,gBAAgB,oBAAoB;AACtC,UAAME,UAAU,OAAOH,QAAQI,SAAS,WAAWC,KAAKC,MAAMN,QAAQI,IAAI,IAAIJ,QAAQI;AACtF,WAAOD;EACT;AAEA,MAAIF,gBAAgB,qCAAqC;AACvD,UAAME,UAAUH,QAAQI;AAGxB,QAAI,OAAOD,QAAQI,4BAA4B,UAAU;AACvDC,cAAQC,IAAI,gIAAgI;AAC5IN,cAAQI,0BAA0BF,KAAKC,MAAMH,QAAQI,uBAAuB;IAC9E;AAGA,QAAI,OAAOJ,QAAQO,aAAa,UAAU;AACxC,YAAM,EAAEA,SAAQ,IAAKP;AAIrB,UAAKO,SAASC,WAAW,GAAA,KAAQD,SAASE,SAAS,GAAA,KAASC,iBAAiBC,iBAAiBJ,QAAAA,GAAW;AACvGP,gBAAQO,WAAWL,KAAKC,MAAMI,QAAAA;MAChC;IACF;AAEA,WAAOP;EACT;AAEA,QAAM,IAAIY,MACR,6BAA6Bd,WAAAA,yGAAoH;AAErJ,GAlCmC;AAoC5B,SAASe,iCAAiCC,QAAgBC,SAA2BC,MAA0B;AACpH,MAAIA,MAAMC,YAAY,OAAO;AAC3BZ,YAAQC,IAAI,8CAA8C;AAC1D;EACF;AACA,QAAMY,OAAOF,MAAME,QAAQ;AAC3BJ,SAAOK,KAAKD,MAAME,UAAUJ,MAAMK,QAAAA,GAAW,OAAOxB,SAAkByB,aAAAA;AACpE,QAAI;AACF,YAAM,EAAEC,eAAeC,SAASC,UAAUC,QAAO,IAAK7B,QAAQ8B;AAC9D,UAAI,CAACJ,iBAAiB,CAACC,SAAS;AAC9BnB,gBAAQC,IAAI,6EAA6EiB,aAAAA,cAA2BC,OAAAA,EAAS;AAC7H,eAAOI,kBAAkBN,UAAU,KAAK,yCAAA;MAC1C;AACAjB,cAAQC,IAAI,uCAAA;AACZD,cAAQC,IAAIJ,KAAK2B,UAAUhC,QAAQI,MAAM,MAAM,CAAA,CAAA;AAC/C,YAAM6B,kBAAkB,MAAMf,QAAQgB,MAAMC,kBAAkB;QAAEC,QAAQ;UAAC;YAAET;YAASC;YAAUC;UAAQ;;MAAG,CAAA;AACzG,UAAII,gBAAgBI,WAAW,GAAG;AAChC7B,gBAAQC,IAAI,4BAA4BkB,OAAAA,8BAAqC;AAC7EF,iBAASa,aAAa;AACtBb,iBAASc,gBAAgB,iBAAiBZ,OAAAA;AAC1C,eAAOF,SAASe,KAAI;MACtB;AAEA,YAAMC,wBAAwB1C,2BAA2BC,OAAAA;AACzDQ,cAAQC,IAAI,QAAQJ,KAAK2B,UAAUS,qBAAAA,CAAAA,EAAwB;AAE3D,YAAMC,iBAAiBT,gBAAgB,CAAA;AACvC,YAAMU,mBAAmB,MAAMzB,QAAQgB,MAAMU,uBAAuB;QAClEH;QACAf;QACAC;QACAkB,WAAWH,eAAeI;MAC5B,CAAA;AAGA,YAAMC,eAAeJ,kBAAkBK,kBAAkBD;AACzD,UAAIA,gBAAgBE,OAAOC,KAAKH,YAAAA,EAAcV,SAAS,GAAG;AACxD7B,gBAAQC,IAAI,mBAAmBJ,KAAK2B,UAAUW,kBAAkBK,kBAAkBD,cAAc,MAAM,CAAA,CAAA;AACtGtB,iBAASa,aAAa;AAEtB,cAAMa,2CAAqF;UACzFC,sCAAsCT,iBAAiBjB;QACzD;AACA,YAAIe,sBAAsBY,gBAAgB;AACxC5B,mBAAS6B,UAAU,gBAAgB,kBAAA;AACnC,iBAAO7B,SAASe,KAAKnC,KAAK2B,UAAUmB,wCAAAA,CAAAA;QACtC;AAEA,cAAMI,sBAAsB,MAAMrC,QAAQgB,MAAMsB,mBAAmB;UAAE9B;UAAeC;UAAkB8B,OAAOd,iBAAiBc;QAAM,CAAA;AACpI,YAAIF,qBAAqB;AACvB9B,mBAAS6B,UAAU,gBAAgB,kBAAA;AACnC,iBAAO7B,SAASe,KAAKnC,KAAK2B,UAAU;YAAE0B,cAAcH;UAAoB,CAAA,CAAA;QAC1E;MAEF,OAAO;AACL/C,gBAAQC,IAAI,+CAAA;AACZgB,iBAASa,aAAa;AACtBb,iBAASc,gBAAgB;MAC3B;AACA,aAAOd,SAASe,KAAI;IACtB,SAASmB,OAAO;AACdnD,cAAQmD,MAAMA,KAAAA;AACd,aAAO5B,kBAAkBN,UAAU,KAAK,gCAAgCkC,KAAAA;IAC1E;EACF,CAAA;AACF;AAjEgB3C;AAmET,SAAS4C,6BAA6B3C,QAAgBC,SAA2BC,MAA0B;AAChH,MAAIA,MAAMC,YAAY,OAAO;AAC3BZ,YAAQC,IAAI,0CAA0C;AACtD;EACF;AACA,QAAMY,OAAOF,MAAME,QAAQ;AAC3BJ,SAAO4C,IAAIxC,MAAME,UAAUJ,MAAMK,QAAAA,GAAW,OAAOxB,SAAkByB,aAAAA;AACnE,QAAI;AACF,YAAMC,gBAAgB1B,QAAQ8B,OAAOJ;AACrC,YAAMoC,eAAe9D,QAAQ8B,OAAOgC;AACpC,UAAI,CAACpC,iBAAiB,CAACoC,cAAc;AACnCtD,gBAAQC,IAAI,6EAA6EiB,aAAAA,mBAAgCoC,YAAAA,EAAc;AACvI,eAAO/B,kBAAkBN,UAAU,KAAK,yCAAA;MAC1C;AACA,YAAMsC,eAAe,MAAM7C,QAAQgB,MAAM8B,wBAAwB;QAC/DtC;QACAC,SAASmC;QACTG,iBAAiB;MACnB,CAAA;AACA,UAAI,CAACF,cAAc;AACjBvD,gBAAQC,IACN,kGAAkGiB,aAAAA,mBAAgCoC,YAAAA,EAAc;AAElJ,eAAO/B,kBAAkBN,UAAU,KAAK,yCAAyC;MACnF;AACA,YAAMyC,gBAAgB,MAAMH,aAAa/D,SAASkE,eAAeC,MAAAA;AACjE3D,cAAQC,IAAI,qBAAA;AACZD,cAAQC,IAAIyD,aAAAA;AAEZ,UAAIP;AACJ,UAAI;AACFlC,iBAASa,aAAa;AACtBb,iBAAS6B,UAAU,gBAAgB,iBAAA;AACnC,eAAO7B,SAASe,KAAK0B,aAAAA;MACvB,SAASE,GAAG;AACVT,gBAAQ,OAAOS,MAAM,WAAWA,IAAIA,aAAarD,QAAQqD,EAAEC,UAAUC;AACrE,eAAOvC,kBAAkBN,UAAU,KAAK,uCAAuC2C,CAAAA;MACjF,UAAA;AACE,cAAMlD,QAAQgB,MAAMqC,2BAA2B;UAC7C7C;UACAC,SAASmC;UACTL,OAAO;UACPE;QACF,CAAA;MACF;IACF,SAASA,OAAO;AACd,aAAO5B,kBAAkBN,UAAU,KAAK,uCAAuCkC,KAAAA;IACjF;EACF,CAAA;AACF;AAjDgBC;;;AC9GhB,SAASY,wCAAwC;AACjD,SAASC,aAAAA,YAAgCC,qBAAAA,0BAAyB;AAClE,SAASC,mBAAmB;AAE5B,OAAOC,UAAU;;;ACHjB,SAAYC,gBAAgB;AAErB,IAAMC,eAAe,wBAACC,WAAAA;AAC3B,SAAO,CAACC,KAAcC,KAAeC,SAAAA;AACnC,QAAI;AACFH,aAAOI,MAAMH,IAAII,IAAI;AACrBF,WAAAA;IACF,SAASG,OAAO;AACd,UAAIA,iBAAiBC,UAAU;AAC7B,cAAMC,gBAAgBF,MAAMG,OAAOC,IAAI,CAACC,WAAgB;UACtDC,SAAS,GAAGD,MAAME,KAAKC,KAAK,GAAA,CAAA,OAAWH,MAAMC,OAAO;QACtD,EAAA;AACAV,YAAIa,OAAO,GAAA,EAAKC,KAAK;UAAED,QAAQ;UAAKH,SAAS;UAAgBK,eAAeT,cAAc,CAAA,EAAGI;QAAQ,CAAA;MACvG,OAAO;AACLV,YAAIa,OAAO,GAAA,EAAKC,KAAK;UAAED,QAAQ;UAAKH,SAAS;QAAwB,CAAA;MACvE;IACF;EACF;AACF,GAhB4B;;;ACH5B,SAASM,oBAAsCC,cAAcC,oBAAoB;AACjF,SAASC,SAAS;AAEX,IAAMC,qBAAqBD,EAAEE,KAAK;EAACH,aAAaI;CAAS;AAEzD,IAAMC,qBAAqBJ,EAAEE,KAAK;EAACJ,aAAaO;EAAaP,aAAaQ;CAAgB;AAEjG,IAAMC,oBAAoB;EAAC;EAAO;;AAC3B,IAAMC,yBAAyBR,EAAEE,KAAKK,iBAAAA;AACtC,IAAME,mBAAmBT,EAAEU,OAAO;EACvCC,MAAMX,EAAEY,OAAM,EAAGC,SAAQ;EACzBC,YAAYd,EAAEe,OAAM,EAAGF,SAAQ;EAC/BG,aAAahB,EAAEe,OAAM,EAAGF,SAAQ;AAClC,CAAA;AAEO,IAAMI,uCAAuCjB,EAAEU,OAAO;EAC3DQ,UAAUlB,EAAEe,OAAM;EAClBI,WAAWnB,EAAEe,OAAM,EAAGF,SAAQ;EAC9BO,kBAAkBpB,EAAEe,OAAM,EAAGF,SAAQ;EACrCQ,gBAAgBrB,EAAEe,OAAM,EAAGF,SAAQ;EACnCS,oBAAoBd,uBAAuBK,SAAQ;EACnDU,eAAetB,mBAAmBY,SAAQ;EAC1CW,eAAepB,mBAAmBS,SAAQ;EAC1CY,kBAAkBzB,EAAE0B,MAAM1B,EAAEe,OAAM,CAAA,EAAIF,SAAQ;EAC9Cc,SAASlB,iBAAiBI,SAAQ;EAClCe,mCAAmC5B,EAAEe,OAAM,EAAGF,SAAQ;EACtDgB,UAAUhC,mBAAmBgB,SAAQ;AACvC,CAAA;AAEO,IAAMiB,oCAAoC9B,EAAEU,OAAO;EACxDW,gBAAgBrB,EAAEe,OAAM;EACxBG,UAAUlB,EAAEe,OAAM;EAClBgB,aAAa/B,EAAEe,OAAM;EACrBiB,YAAYhC,EAAEe,OAAM;EACpBkB,QAAQjC,EAAEe,OAAM,EAAGF,SAAQ;AAC7B,CAAA;;;AFjBO,SAASqB,yCAAyCC,QAAgBC,SAA2BC,MAA2C;AAC7I,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,yDAAyD;AACrE;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAOO,KACLD,MACAE,WAAUN,MAAMO,QAAAA,GAChBC,aAAaC,oCAAAA,GACb,OAAOC,SAAqCC,aAAAA;AAC1C,QAAI;AACF,YAAMC,gBAAgBF,QAAQG,KAAKC,kBAAkBC,KAAKA,KAAI;AAC9D,YAAMC,aAAaN,QAAQG,KAAKI,WAAWjB,MAAMgB;AACjD,YAAME,UAAUR,QAAQG,KAAKM;AAC7B,YAAMC,gCAAgCV,QAAQG,KAAKQ;AACnD,YAAMC,iBAAiBZ,QAAQG,KAAKU;AACpC,YAAMC,WAAWd,QAAQG,KAAKW;AAE9B,YAAMC,kBAAkB,MAAM1B,QAAQ2B,MAAMC,kBAAkB;QAAEC,QAAQ;UAAC;YAAEV;UAAQ;;MAAG,CAAA;AACtF,UAAIO,gBAAgBI,WAAW,GAAG;AAChC3B,gBAAQC,IAAI,uDAAuDe,OAAAA,EAAS;AAC5E,eAAOY,mBAAkBnB,UAAU,KAAK;UAAEoB,QAAQ;UAAKC,SAAS;QAA0B,CAAA;MAC5F;AAEA,YAAMC,wBAAwBC,YAAY,qBAAqBhB,OAAAA,kBAAyBN,aAAAA,IAAiB;QACvGuB,SAASb,kBAAkBtB,MAAMoC;MACnC,CAAA;AACA,YAAMC,cAAcH,YAAY,qBAAqBhB,OAAAA,mBAA0BN,aAAAA,IAAiB;QAAEuB,SAASnC,MAAMoC;MAAY,CAAA;AAE7H,YAAME,iBAAiB,MAAMvC,QAAQ2B,MAAMa,yBAAyB;QAClErB;QACAN;QACA4B,OAAOzB,KAAKA,KAAI;QAChBkB;QACAQ,iBAAiB;QACjBJ;QACA,GAAIjB,iCAAiC;UAAEsB,qBAAqBtB;QAA8B;QAC1FI;MACF,CAAA;AAEA,UAAImB;AACJ,UAAI3B,YAAY;AACd,cAAM,EAAE4B,UAAS,IAAK,MAAM,OAAO,YAAA;AACnC,cAAMC,SAAS,IAAID,UAAU;UAAE,GAAG5B;UAAY8B,MAAMR;QAAe,CAAA;AACnEK,wBAAgB,0BAA0B,MAAME,OAAOE,KAAI,GAAKC,SAAS,QAAA,CAAA;MAC3E;AAEA,YAAMC,kBAAkB;QACtB9B,UAAUD;QACVJ,gBAAgBF;QAChBsC,aAAaZ;QACba,YAAY,GAAGjB,YAAYlC,MAAMoD,wBAAwB,wBAAwBxC,aAAAA,IAAiB;UAAEuB,SAASnC,MAAMqD;QAAc,CAAA,CAAA;QACjI,GAAIV,iBAAiB;UAAEW,QAAQX;QAAc;MAC/C;AACAzC,cAAQC,IAAI,uCAAuCoD,KAAKC,UAAUP,eAAAA,CAAAA,EAAkB;AAEpF,aAAOtC,SAASoB,OAAO,GAAA,EAAK0B,KAAKR,eAAAA;IACnC,SAASS,OAAO;AACd,aAAO5B,mBAAkBnB,UAAU,KAAK;QAAEoB,QAAQ;QAAKC,SAAS;MAAgD,GAAG0B,KAAAA;IACrH;EACF,CAAA;AAEJ;AAhEgB7D;AAkET,SAAS8D,8CAA8C7D,QAAgBC,SAA2BC,MAA0B;AACjI,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,wDAAwD;AACpE;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAO8D,OAAOxD,MAAME,WAAUN,MAAMO,QAAAA,GAAW,OAAOG,SAAqCC,aAAAA;AACzF,QAAI;AACF,YAAMC,gBAAwBF,QAAQmD,OAAOjD;AAE7C,YAAMkD,mBAAmB,MAAM/D,QAAQ2B,MAAMqC,wBAAwB;QACnEnD;QACAoD,iBAAiB;MACnB,CAAA;AACA,UAAI,CAACF,kBAAkB;AACrB5D,gBAAQC,IAAI,uFAAuFS,aAAAA,EAAe;AAClH,eAAOkB,mBAAkBnB,UAAU,KAAK;UAAEoB,QAAQ;UAAKC,SAAS;QAA0C,CAAA;MAC5G;AAEA,YAAMjC,QAAQ2B,MAAMuC,oBAAoB;QAAErD;MAAc,CAAA;AAExD,aAAOD,SAASoB,OAAO,GAAA,EAAK0B,KAAI;IAClC,SAASC,OAAO;AACd,aAAO5B,mBAAkBnB,UAAU,KAAK;QAAEoB,QAAQ;QAAKC,SAAS0B,MAAM1B;MAAQ,GAAG0B,KAAAA;IACnF;EACF,CAAA;AACF;AA3BgBC;AA6BT,SAASO,kCAAkCpE,QAAgBC,SAA2BC,MAA0B;AACrH,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,kDAAkD;AAC9D;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAOqE,IAAI/D,MAAME,WAAUN,MAAMO,QAAAA,GAAW,OAAOG,SAAwCC,aAAAA;AACzF,QAAI;AACFT,cAAQC,IAAI,iCAAA;AACZ,YAAMS,gBAAwBF,QAAQmD,OAAOjD;AAE7C,YAAMwD,eAAe,MAAMrE,QAAQ2B,MAAMqC,wBAAwB;QAC/DnD;QACAoD,iBAAiB;MACnB,CAAA;AAEA,UAAI,CAACI,cAAc;AACjBlE,gBAAQC,IAAI,uFAAuFS,aAAAA,EAAe;AAClH,eAAOkB,mBAAkBnB,UAAU,KAAK;UAAEoB,QAAQ;UAAKC,SAAS;QAA0C,CAAA;MAC5G;AAEA,UAAIqC;AACJ,UAAID,aAAarC,WAAW,iCAAiC;AAC3DsC,wBAAgB,MAAMtE,QAAQ2B,MAAM4C,yBAAyB;UAAE1D;UAAeoD,iBAAiB;QAAM,CAAA;MACvG;AACA,YAAMO,eAAeF,iBAAiBD;AAEtC,YAAMI,aAAa;QACjBzC,QAAQwC,aAAaxC;QACrBjB,gBAAgByD,aAAa3D;QAC7BO,UAAUoD,aAAarD;QACvBuD,cAAcF,aAAaG;QAC3B,GAAIL,eAAetC,WAAW4C,iCAAiCC,YAC7DP,cAAcQ,iBAAiBC,UAAa;UAAEC,eAAeV,cAAcQ;QAAa;QAC1F,GAAIN,aAAab,SAAS;UAAE1B,SAASuC,aAAab,MAAM1B;QAAQ;MAClE;AACA9B,cAAQ8E,MAAM,0BAA0BzB,KAAKC,UAAUgB,UAAAA,CAAAA,EAAa;AAEpE,UAAID,aAAaxC,WAAW,SAAS;AACnC,eAAOpB,SAASoB,OAAO,GAAA,EAAK0B,KAAKe,UAAAA;MACnC;AACA,aAAO7D,SAASoB,OAAO,GAAA,EAAK0B,KAAKe,UAAAA;IACnC,SAASd,OAAO;AACd,aAAO5B,mBAAkBnB,UAAU,KAAK;QAAEoB,QAAQ;QAAKC,SAAS0B,MAAM1B;MAAQ,GAAG0B,KAAAA;IACnF;EACF,CAAA;AACF;AA/CgBQ;AAiDT,SAASe,uBAAuBnF,QAAgBC,SAA2BC,MAA0B;AAC1G,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,sDAAsD;AAClE;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAOqE,IAAI/D,MAAME,WAAUN,MAAMO,QAAAA,GAAW,OAAOG,SAAkBC,aAAAA;AACnE,QAAI;AACF,YAAMuE,cAAc,MAAMnF,QAAQ2B,MAAMC,kBAAiB;AACzDhB,eAASwE,aAAa;AACtB,aAAOxE,SAAS8C,KAAKyB,WAAAA;IACvB,SAASxB,OAAO;AACd,aAAO5B,mBAAkBnB,UAAU,KAAK;QAAEoB,QAAQ;QAAKC,SAAS0B,MAAM1B;MAAQ,GAAG0B,KAAAA;IACnF;EACF,CAAA;AACF;AAhBgBuB;;;AGlKhB,SAASG,oBAAoB;AAC7B,SAASC,iCAAiD;AAG1D,OAAOC,aAAqD;AAS5D,OAAOC,eAAe;AAEf,IAAMC,oBAAN,MAAMA;EAfb,OAeaA;;;EACMC;EACAC;EACAC;EACAC;EACAC;EAEAC,qBAAqB;EACtC,YAAYC,MAAwG;AAClH,UAAM,EAAEC,OAAOC,KAAI,IAAKF;AACxB,SAAKJ,SAASK;AACdE,8BAA0B;MAAED;MAAME,MAAM;QAAC;QAA2B;QAAoB;;IAA2B,CAAA;AACnH,QAAIF,MAAMG,cAAcC,YAAYC,qBAAqB;AACvDJ,gCAA0B;QAAED;QAAME,MAAM;UAAC;UAAsB;;MAA0B,CAAA;IAC3F;AAEA,SAAKP,QAAQK;AACb,SAAKR,WAAWM,KAAKQ,eAAeC;AACpC,SAAKd,UAAUc,QAAQC,OAAM;AAC7B,UAAMC,UAAUC,aAAaX,KAAAA;AAE7B,UAAMY,WAAWX,MAAMY,kBAAkB;MAAC;MAAa;;AACvDC,YAAQC,IAAI,sCAAsCC,KAAKC,UAAUL,QAAAA,CAAAA,GAAY;AAG7E,QAAIA,SAASM,SAAS,WAAA,GAAc;AAClCC,+CAAyC,KAAKzB,SAASgB,SAAST,MAAMG,cAAcgB,uBAAAA;AACpFC,wCAAkC,KAAK3B,SAASgB,SAAST,MAAMG,cAAckB,gBAAAA;AAC7EC,oDAA8C,KAAK7B,SAASgB,SAAST,MAAMG,cAAcoB,uBAAAA;AACzFC,6BAAuB,KAAK/B,SAASgB,SAAST,MAAMG,cAAcsB,oBAAAA;IACpE;AAGA,QAAId,SAASM,SAAS,MAAA,GAAS;AAC7BS,mCAA6B,KAAKjC,SAASgB,SAAST,MAAMG,cAAcwB,kBAAAA;AACxEC,uCAAiC,KAAKnC,SAASgB,SAAST,MAAMG,cAAc0B,sBAAAA;IAC9E;AACA,SAAKjC,YAAYI,MAAMG,cAAc2B,YAAY;AACjD,SAAKtC,SAASuC,IAAI,KAAKnC,WAAW,KAAKoC,MAAM;AAC7C,SAAKxC,SAASyC,IAAI,eAAejC,MAAMG,cAAc+B,cAAc,IAAA;AACnE,SAAKC,eAAc;EACrB;EAEQA,iBAAiB;AACvBC,UAAM,KAAKvC,kBAAkB,EAC1BwC,KAAK,CAACC,QAAQA,IAAIC,KAAI,CAAA,EACtBF,KAAK,CAACG,YAAAA;AACL,YAAMC,UAAU,GAAG,KAAK7C,SAAS;AACjCiB,cAAQC,IAAI,iCAAiC2B,OAAAA,EAAS;AAEtD,WAAKhD,QAAQsC,IACX,aACA,CAACW,KAAcJ,KAAeK,SAAAA;AAC5B,cAAMC,QAAQ,GAAGH,QAAQI,QAAQ,MAAM,GAAA,CAAA,GAAQA,QAAQ,WAAW,EAAA,EAAIA,QAAQ,gBAAgB,EAAA;AAC9FL,gBAAQM,UAAU;UAAC;YAAEC,KAAK,GAAGL,IAAIM,QAAQ,MAAMN,IAAIO,IAAI,MAAA,CAAA,GAAUL,KAAAA;YAASM,aAAa;UAAc;;AAErGR,YAAIS,aAAaX;AACjBG,aAAAA;MACF,GACAS,UAAUC,WAAWb,SAASc,OAAAA,GAC9BF,UAAUG,MAAK,CAAA;IAEnB,CAAA,EACCC,MAAM,CAACC,QAAAA;AACN5C,cAAQC,IAAI,8CAA8C2C,GAAAA,2CAA8C;IAC1G,CAAA;AACF,UAAMH,UAAU,CAEhB;EACF;EACA,IAAI/C,UAAmB;AACrB,WAAO,KAAKf;EACd;EAEA,IAAIwC,SAAiB;AACnB,WAAO,KAAKvC;EACd;EAEA,IAAIM,QAA2B;AAC7B,WAAO,KAAKL;EACd;EAEA,IAAIM,OAAyC;AAC3C,WAAO,KAAKL;EACd;AACF;","names":["checkAuth","sendErrorResponse","CredentialMapper","parseAuthorizationResponse","request","contentType","header","payload","body","JSON","parse","presentation_submission","console","log","vp_token","startsWith","endsWith","CredentialMapper","isJsonLdAsString","Error","verifyAuthResponseSIOPv2Endpoint","router","context","opts","enabled","path","post","checkAuth","endpoint","response","correlationId","queryId","tenantId","version","params","sendErrorResponse","stringify","definitionItems","agent","pdmGetDefinitions","filter","length","statusCode","statusMessage","send","authorizationResponse","definitionItem","verifiedResponse","siopVerifyAuthResponse","dcqlQuery","query","presentation","oid4vpSubmission","Object","keys","authorizationChallengeValidationResponse","presentation_during_issuance_session","is_first_party","setHeader","responseRedirectURI","siopGetRedirectURI","state","redirect_uri","error","getAuthRequestSIOPv2Endpoint","get","definitionId","requestState","siopGetAuthRequestState","errorOnNotFound","requestObject","toJwt","e","message","undefined","siopUpdateAuthRequestState","AuthorizationResponseStateStatus","checkAuth","sendErrorResponse","uriWithBase","uuid","ZodError","validateData","schema","req","res","next","parse","body","error","ZodError","errorMessages","issues","map","issue","message","path","join","status","json","error_details","CallbackOptsSchema","ResponseMode","ResponseType","z","ResponseTypeSchema","enum","VP_TOKEN","ResponseModeSchema","DIRECT_POST","DIRECT_POST_JWT","requestUriMethods","RequestUriMethodSchema","QRCodeOptsSchema","object","size","number","optional","color_dark","string","color_light","CreateAuthorizationRequestBodySchema","query_id","client_id","request_uri_base","correlation_id","request_uri_method","response_type","response_mode","transaction_data","array","qr_code","direct_post_response_redirect_uri","callback","CreateAuthorizationResponseSchema","request_uri","status_uri","qr_uri","createAuthRequestUniversalOID4VPEndpoint","router","context","opts","enabled","console","log","path","post","checkAuth","endpoint","validateData","CreateAuthorizationRequestBodySchema","request","response","correlationId","body","correlation_id","uuid","qrCodeOpts","qr_code","queryId","query_id","directPostResponseRedirectUri","direct_post_response_redirect_uri","requestUriBase","request_uri_base","callback","definitionItems","agent","pdmGetDefinitions","filter","length","sendErrorResponse","status","message","requestByReferenceURI","uriWithBase","baseURI","siopBaseURI","responseURI","authRequestURI","siopCreateAuthRequestURI","nonce","responseURIType","responseRedirectURI","qrCodeDataUri","AwesomeQR","qrCode","text","draw","toString","authRequestBody","request_uri","status_uri","webappAuthStatusPath","webappBaseURI","qr_uri","JSON","stringify","json","error","removeAuthRequestStateUniversalOID4VPEndpoint","delete","params","authRequestState","siopGetAuthRequestState","errorOnNotFound","siopDeleteAuthState","authStatusUniversalOID4VPEndpoint","get","requestState","responseState","siopGetAuthResponseState","overallState","statusBody","last_updated","lastUpdated","AuthorizationResponseStateStatus","VERIFIED","verifiedData","undefined","verified_data","debug","getDefinitionsEndpoint","definitions","statusCode","agentContext","copyGlobalAuthToEndpoints","express","swaggerUi","SIOPv2RPApiServer","_express","_router","_agent","_opts","_basePath","OID4VP_SWAGGER_URL","args","agent","opts","copyGlobalAuthToEndpoints","keys","endpointOpts","globalAuth","secureSiopEndpoints","expressSupport","express","Router","context","agentContext","features","enableFeatures","console","log","JSON","stringify","includes","createAuthRequestUniversalOID4VPEndpoint","webappCreateAuthRequest","authStatusUniversalOID4VPEndpoint","webappAuthStatus","removeAuthRequestStateUniversalOID4VPEndpoint","webappDeleteAuthRequest","getDefinitionsEndpoint","webappGetDefinitions","getAuthRequestSIOPv2Endpoint","siopGetAuthRequest","verifyAuthResponseSIOPv2Endpoint","siopVerifyAuthResponse","basePath","use","router","set","trustProxy","setupSwaggerUi","fetch","then","res","json","swagger","apiDocs","req","next","regex","replace","servers","url","protocol","get","description","swaggerDoc","swaggerUi","serveFiles","options","setup","catch","err"]}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sphereon/ssi-sdk.siopv2-oid4vp-rp-rest-api",
-  "version": "0.34.1-feature.SSISDK.45.135+c34457e7",
+  "version": "0.34.1-feature.SSISDK.45.189+b7e0c23f",
   "source": "src/index.ts",
   "type": "module",
   "main": "./dist/index.cjs",
@@ -23,16 +23,16 @@
     "start:dev": "ts-node __tests__/RestAPI.ts"
   },
   "dependencies": {
-    "@sphereon/did-auth-siop": "0.19.1-feature.SSISDK.45.120",
-    "@sphereon/ssi-express-support": "0.34.1-feature.SSISDK.45.135+c34457e7",
-    "@sphereon/ssi-sdk.core": "0.34.1-feature.SSISDK.45.135+c34457e7",
-    "@sphereon/ssi-sdk.credential-validation": "0.34.1-feature.SSISDK.45.135+c34457e7",
-    "@sphereon/ssi-sdk.kv-store-temp": "0.34.1-feature.SSISDK.45.135+c34457e7",
-    "@sphereon/ssi-sdk.pd-manager": "0.34.1-feature.SSISDK.45.135+c34457e7",
-    "@sphereon/ssi-sdk.presentation-exchange": "0.34.1-feature.SSISDK.45.135+c34457e7",
-    "@sphereon/ssi-sdk.siopv2-oid4vp-common": "0.34.1-feature.SSISDK.45.135+c34457e7",
-    "@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth": "0.34.1-feature.SSISDK.45.135+c34457e7",
-    "@sphereon/ssi-types": "0.34.1-feature.SSISDK.45.135+c34457e7",
+    "@sphereon/did-auth-siop": "0.19.1-feature.DIIPv4.161",
+    "@sphereon/ssi-express-support": "0.34.1-feature.SSISDK.45.189+b7e0c23f",
+    "@sphereon/ssi-sdk.core": "0.34.1-feature.SSISDK.45.189+b7e0c23f",
+    "@sphereon/ssi-sdk.credential-validation": "0.34.1-feature.SSISDK.45.189+b7e0c23f",
+    "@sphereon/ssi-sdk.kv-store-temp": "0.34.1-feature.SSISDK.45.189+b7e0c23f",
+    "@sphereon/ssi-sdk.pd-manager": "0.34.1-feature.SSISDK.45.189+b7e0c23f",
+    "@sphereon/ssi-sdk.presentation-exchange": "0.34.1-feature.SSISDK.45.189+b7e0c23f",
+    "@sphereon/ssi-sdk.siopv2-oid4vp-common": "0.34.1-feature.SSISDK.45.189+b7e0c23f",
+    "@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth": "0.34.1-feature.SSISDK.45.189+b7e0c23f",
+    "@sphereon/ssi-types": "0.34.1-feature.SSISDK.45.189+b7e0c23f",
     "@veramo/core": "4.2.0",
     "@veramo/credential-w3c": "4.2.0",
     "awesome-qr": "^2.1.5-rc.0",
@@ -49,16 +49,14 @@
   },
   "devDependencies": {
     "@decentralized-identity/ion-sdk": "^0.6.0",
-    "@sphereon/did-auth-siop-adapter": "0.19.1-feature.SSISDK.45.120",
+    "@sphereon/did-auth-siop-adapter": "0.19.1-feature.DIIPv4.161",
     "@sphereon/did-uni-client": "^0.6.3",
-    "@sphereon/pex": "5.0.0-unstable.28",
-    "@sphereon/pex-models": "^2.3.2",
-    "@sphereon/ssi-sdk-ext.did-provider-jwk": "0.34.1-feature.SSISDK.45.135+c34457e7",
-    "@sphereon/ssi-sdk-ext.identifier-resolution": "0.34.1-feature.SSISDK.45.135+c34457e7",
-    "@sphereon/ssi-sdk-ext.jwt-service": "0.34.1-feature.SSISDK.45.135+c34457e7",
-    "@sphereon/ssi-sdk.credential-vcdm": "0.34.1-feature.SSISDK.45.135+c34457e7",
-    "@sphereon/ssi-sdk.credential-vcdm-jsonld-provider": "0.34.1-feature.SSISDK.45.135+c34457e7",
-    "@sphereon/ssi-sdk.data-store": "0.34.1-feature.SSISDK.45.135+c34457e7",
+    "@sphereon/ssi-sdk-ext.did-provider-jwk": "0.34.1-feature.SSISDK.45.189+b7e0c23f",
+    "@sphereon/ssi-sdk-ext.identifier-resolution": "0.34.1-feature.SSISDK.45.189+b7e0c23f",
+    "@sphereon/ssi-sdk-ext.jwt-service": "0.34.1-feature.SSISDK.45.189+b7e0c23f",
+    "@sphereon/ssi-sdk.credential-vcdm": "0.34.1-feature.SSISDK.45.189+b7e0c23f",
+    "@sphereon/ssi-sdk.credential-vcdm-jsonld-provider": "0.34.1-feature.SSISDK.45.189+b7e0c23f",
+    "@sphereon/ssi-sdk.data-store": "0.34.1-feature.SSISDK.45.189+b7e0c23f",
     "@types/body-parser": "^1.19.5",
     "@types/cookie-parser": "^1.4.7",
     "@types/cors": "^2.8.17",
@@ -117,5 +115,5 @@
     "OpenID Connect",
     "Authenticator"
   ],
-  "gitHead": "c34457e783e778691ef94a2a266dca8bc8a44404"
+  "gitHead": "b7e0c23f77ccaa650fc21d52315e28de54f38188"
 }

package/src/schemas/index.ts

@@ -1,22 +1,17 @@
+import { CallbackOptsSchema, RequestUriMethod, ResponseMode, ResponseType } from '@sphereon/did-auth-siop'
 import { z } from 'zod'
-import {
-  ResponseMode,
-  ResponseType,
-  RequestUriMethod,
-  CallbackOptsSchema
-} from '@sphereon/did-auth-siop'
 
-export const ResponseTypeSchema = z.enum([ResponseType.VP_TOKEN]);
+export const ResponseTypeSchema = z.enum([ResponseType.VP_TOKEN])
 
-export const ResponseModeSchema = z.enum([ResponseMode.DIRECT_POST, ResponseMode.DIRECT_POST_JWT]);
-
-export const RequestUriMethodSchema = z.enum(Object.values(RequestUriMethod));
+export const ResponseModeSchema = z.enum([ResponseMode.DIRECT_POST, ResponseMode.DIRECT_POST_JWT])
 
+const requestUriMethods = ['get', 'post'] as const satisfies Array<RequestUriMethod>
+export const RequestUriMethodSchema = z.enum(requestUriMethods)
 export const QRCodeOptsSchema = z.object({
   size: z.number().optional(),
   color_dark: z.string().optional(),
   color_light: z.string().optional(),
-});
+})
 
 export const CreateAuthorizationRequestBodySchema = z.object({
   query_id: z.string(),
@@ -30,7 +25,7 @@ export const CreateAuthorizationRequestBodySchema = z.object({
   qr_code: QRCodeOptsSchema.optional(),
   direct_post_response_redirect_uri: z.string().optional(),
   callback: CallbackOptsSchema.optional(),
-});
+})
 
 export const CreateAuthorizationResponseSchema = z.object({
   correlation_id: z.string(),
@@ -38,4 +33,4 @@ export const CreateAuthorizationResponseSchema = z.object({
   request_uri: z.string(),
   status_uri: z.string(),
   qr_uri: z.string().optional(),
-});
+})

package/src/siop-api-functions.ts

@@ -49,20 +49,18 @@ export function verifyAuthResponseSIOPv2Endpoint(router: Router, context: IRequi
   const path = opts?.path ?? '/siop/definitions/:definitionId/auth-responses/:correlationId'
   router.post(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {
     try {
-      const { correlationId, tenantId, version, credentialQueryId } = request.params // TODO Can credentialQueryId be a request param
-      if (!correlationId || !credentialQueryId) {
-        console.log(
-          `No authorization request could be found for the given url. correlationId: ${correlationId}, credentialQueryId: ${credentialQueryId}`,
-        )
+      const { correlationId, queryId, tenantId, version } = request.params
+      if (!correlationId || !queryId) {
+        console.log(`No authorization request could be found for the given url. correlationId: ${correlationId}, queryId: ${queryId}`)
         return sendErrorResponse(response, 404, 'No authorization request could be found')
       }
       console.log('Authorization Response (siop-sessions')
       console.log(JSON.stringify(request.body, null, 2))
-      const definitionItems = await context.agent.pdmGetDefinitions({ filter: [{ definitionId: credentialQueryId, tenantId, version }] })
+      const definitionItems = await context.agent.pdmGetDefinitions({ filter: [{ queryId, tenantId, version }] })
       if (definitionItems.length === 0) {
-        console.log(`Could not get definition ${credentialQueryId} from agent. Will return 404`)
+        console.log(`Could not get definition ${queryId} from agent. Will return 404`)
         response.statusCode = 404
-        response.statusMessage = `No definition ${credentialQueryId}`
+        response.statusMessage = `No definition ${queryId}`
         return response.send()
       }
 
@@ -73,15 +71,14 @@ export function verifyAuthResponseSIOPv2Endpoint(router: Router, context: IRequi
       const verifiedResponse = await context.agent.siopVerifyAuthResponse({
         authorizationResponse,
         correlationId,
-        queryId: credentialQueryId,
-        dcqlQueryPayload: definitionItem.dcqlPayload,
+        queryId,
+        dcqlQuery: definitionItem.query,
       })
 
-      const wrappedPresentation = verifiedResponse?.oid4vpSubmission?.presentation[credentialQueryId]
-      if (wrappedPresentation) {
-        // const credentialSubject = wrappedPresentation.presentation.verifiableCredential[0]?.credential?.credentialSubject
-        // console.log(JSON.stringify(credentialSubject, null, 2))
-        console.log('PRESENTATION:' + JSON.stringify(wrappedPresentation.presentation, null, 2))
+      // FIXME SSISDK-55 add proper support for checking for DCQL presentations
+      const presentation = verifiedResponse?.oid4vpSubmission?.presentation
+      if (presentation && Object.keys(presentation).length > 0) {
+        console.log('PRESENTATIONS:' + JSON.stringify(verifiedResponse?.oid4vpSubmission?.presentation, null, 2))
         response.statusCode = 200
 
         const authorizationChallengeValidationResponse: AuthorizationChallengeValidationResponse = {
@@ -92,11 +89,7 @@ export function verifyAuthResponseSIOPv2Endpoint(router: Router, context: IRequi
           return response.send(JSON.stringify(authorizationChallengeValidationResponse))
         }
 
-        const responseRedirectURI = await context.agent.siopGetRedirectURI({
-          correlationId,
-          queryId: credentialQueryId,
-          state: verifiedResponse.state,
-        })
+        const responseRedirectURI = await context.agent.siopGetRedirectURI({ correlationId, queryId: queryId, state: verifiedResponse.state })
         if (responseRedirectURI) {
           response.setHeader('Content-Type', 'application/json')
           return response.send(JSON.stringify({ redirect_uri: responseRedirectURI }))

package/src/siopv2-rp-api-server.ts

@@ -1,6 +1,5 @@
 import { agentContext } from '@sphereon/ssi-sdk.core'
 import { copyGlobalAuthToEndpoints, ExpressSupport } from '@sphereon/ssi-express-support'
-import { IPresentationExchange } from '@sphereon/ssi-sdk.presentation-exchange'
 import { ISIOPv2RP } from '@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth'
 import { TAgent } from '@veramo/core'
 import express, { Express, Request, Response, Router } from 'express'
@@ -17,7 +16,7 @@ import swaggerUi from 'swagger-ui-express'
 export class SIOPv2RPApiServer {
   private readonly _express: Express
   private readonly _router: Router
-  private readonly _agent: TAgent<IPresentationExchange & ISIOPv2RP>
+  private readonly _agent: TAgent<ISIOPv2RP>
   private readonly _opts?: ISIOPv2RPRestAPIOpts
   private readonly _basePath: string
 
@@ -92,7 +91,7 @@ export class SIOPv2RPApiServer {
     return this._router
   }
 
-  get agent(): TAgent<IPresentationExchange & ISIOPv2RP> {
+  get agent(): TAgent<ISIOPv2RP> {
     return this._agent
   }
 

package/src/types/types.ts

@@ -1,6 +1,5 @@
 import { IAgentContext, ICredentialVerifier } from '@veramo/core'
 import { GenericAuthArgs, ISingleEndpointOpts } from '@sphereon/ssi-express-support'
-import { IPresentationExchange } from '@sphereon/ssi-sdk.presentation-exchange'
 import { ISIOPv2RP } from '@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth'
 import { IPDManager } from '@sphereon/ssi-sdk.pd-manager'
 import { AdditionalClaims } from '@sphereon/ssi-types'
@@ -34,7 +33,7 @@ export interface ICreateAuthRequestWebappEndpointOpts extends ISingleEndpointOpt
   responseRedirectURI?: string
 }
 
-export type IRequiredPlugins = ICredentialVerifier & ISIOPv2RP & IPresentationExchange & IPDManager
+export type IRequiredPlugins = ICredentialVerifier & ISIOPv2RP & IPDManager
 export type IRequiredContext = IAgentContext<IRequiredPlugins>
 
 export type CreateAuthorizationRequest = Request<Record<string, never>, any, CreateAuthorizationRequestBody, Record<string, never>>

package/src/universal-oid4vp-api-functions.ts

@@ -13,7 +13,7 @@ import {
   GetAuthorizationRequestStatus,
   AuthStatusResponse,
   ICreateAuthRequestWebappEndpointOpts,
-  IRequiredContext
+  IRequiredContext,
 } from './types'
 
 export function createAuthRequestUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ICreateAuthRequestWebappEndpointOpts) {
@@ -23,58 +23,63 @@ export function createAuthRequestUniversalOID4VPEndpoint(router: Router, context
   }
 
   const path = opts?.path ?? '/backend/auth/requests'
-  router.post(path, checkAuth(opts?.endpoint), validateData(CreateAuthorizationRequestBodySchema), async (request: CreateAuthorizationRequest, response: CreateAuthorizationResponse) => {
-    try {
-      const correlationId = request.body.correlation_id ?? uuid.uuid()
-      const qrCodeOpts = request.body.qr_code ?? opts?.qrCodeOpts
-      const queryId = request.body.query_id
-      const directPostResponseRedirectUri = request.body.direct_post_response_redirect_uri // TODO Uri not URI
-      const requestUriBase = request.body.request_uri_base
-      const callback = request.body.callback
-
-      const definitionItems = await context.agent.pdmGetDefinitions({ filter: [{ definitionId: queryId }] })
-      if (definitionItems.length === 0) {
+  router.post(
+    path,
+    checkAuth(opts?.endpoint),
+    validateData(CreateAuthorizationRequestBodySchema),
+    async (request: CreateAuthorizationRequest, response: CreateAuthorizationResponse) => {
+      try {
+        const correlationId = request.body.correlation_id ?? uuid.uuid()
+        const qrCodeOpts = request.body.qr_code ?? opts?.qrCodeOpts
+        const queryId = request.body.query_id
+        const directPostResponseRedirectUri = request.body.direct_post_response_redirect_uri // TODO Uri not URI
+        const requestUriBase = request.body.request_uri_base
+        const callback = request.body.callback
+
+        const definitionItems = await context.agent.pdmGetDefinitions({ filter: [{ queryId }] })
+        if (definitionItems.length === 0) {
           console.log(`No query could be found for the given id. Query id: ${queryId}`)
           return sendErrorResponse(response, 404, { status: 404, message: 'No query could be found' })
+        }
+
+        const requestByReferenceURI = uriWithBase(`/siop/definitions/${queryId}/auth-requests/${correlationId}`, {
+          baseURI: requestUriBase ?? opts?.siopBaseURI,
+        })
+        const responseURI = uriWithBase(`/siop/definitions/${queryId}/auth-responses/${correlationId}`, { baseURI: opts?.siopBaseURI })
+
+        const authRequestURI = await context.agent.siopCreateAuthRequestURI({
+          queryId,
+          correlationId,
+          nonce: uuid.uuid(),
+          requestByReferenceURI,
+          responseURIType: 'response_uri',
+          responseURI,
+          ...(directPostResponseRedirectUri && { responseRedirectURI: directPostResponseRedirectUri }),
+          callback,
+        })
+
+        let qrCodeDataUri: string | undefined
+        if (qrCodeOpts) {
+          const { AwesomeQR } = await import('awesome-qr')
+          const qrCode = new AwesomeQR({ ...qrCodeOpts, text: authRequestURI })
+          qrCodeDataUri = `data:image/png;base64,${(await qrCode.draw())!.toString('base64')}`
+        }
+
+        const authRequestBody = {
+          query_id: queryId,
+          correlation_id: correlationId,
+          request_uri: authRequestURI,
+          status_uri: `${uriWithBase(opts?.webappAuthStatusPath ?? `/backend/auth/status/${correlationId}`, { baseURI: opts?.webappBaseURI })}`,
+          ...(qrCodeDataUri && { qr_uri: qrCodeDataUri }),
+        } satisfies CreateAuthorizationRequestResponse
+        console.log(`Auth Request URI data to send back: ${JSON.stringify(authRequestBody)}`)
+
+        return response.status(201).json(authRequestBody)
+      } catch (error) {
+        return sendErrorResponse(response, 500, { status: 500, message: 'Could not create an authorization request URI' }, error)
       }
-
-      const requestByReferenceURI = uriWithBase(`/siop/definitions/${queryId}/auth-requests/${correlationId}`, {
-        baseURI: requestUriBase ?? opts?.siopBaseURI,
-      })
-      const responseURI = uriWithBase(`/siop/definitions/${queryId}/auth-responses/${correlationId}`, { baseURI: opts?.siopBaseURI })
-
-      const authRequestURI = await context.agent.siopCreateAuthRequestURI({
-        queryId,
-        correlationId,
-        nonce: uuid.uuid(),
-        requestByReferenceURI,
-        responseURIType: 'response_uri',
-        responseURI,
-        ...(directPostResponseRedirectUri && { responseRedirectURI: directPostResponseRedirectUri }),
-        callback
-      })
-
-      let qrCodeDataUri: string | undefined
-      if (qrCodeOpts) {
-        const { AwesomeQR } = await import('awesome-qr')
-        const qrCode = new AwesomeQR({ ...qrCodeOpts, text: authRequestURI })
-        qrCodeDataUri = `data:image/png;base64,${(await qrCode.draw())!.toString('base64')}`
-      }
-
-      const authRequestBody = {
-        query_id: queryId,
-        correlation_id: correlationId,
-        request_uri: authRequestURI,
-        status_uri: `${uriWithBase(opts?.webappAuthStatusPath ?? `/backend/auth/status/${correlationId}`, { baseURI: opts?.webappBaseURI })}`,
-        ...(qrCodeDataUri && { qr_uri: qrCodeDataUri }),
-      } satisfies CreateAuthorizationRequestResponse
-      console.log(`Auth Request URI data to send back: ${JSON.stringify(authRequestBody)}`)
-
-      return response.status(201).json(authRequestBody)
-    } catch (error) {
-      return sendErrorResponse(response, 500, { status: 500, message: 'Could not create an authorization request URI' }, error)
-    }
-  })
+    },
+  )
 }
 
 export function removeAuthRequestStateUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {
@@ -90,7 +95,7 @@ export function removeAuthRequestStateUniversalOID4VPEndpoint(router: Router, co
 
       const authRequestState = await context.agent.siopGetAuthRequestState({
         correlationId,
-        errorOnNotFound: false
+        errorOnNotFound: false,
       })
       if (!authRequestState) {
         console.log(`No authorization request could be found for the given correlationId. correlationId: ${correlationId}`)
@@ -120,7 +125,7 @@ export function authStatusUniversalOID4VPEndpoint(router: Router, context: IRequ
 
       const requestState = await context.agent.siopGetAuthRequestState({
         correlationId,
-        errorOnNotFound: false
+        errorOnNotFound: false,
       })
 
       if (!requestState) {
@@ -130,7 +135,7 @@ export function authStatusUniversalOID4VPEndpoint(router: Router, context: IRequ
 
       let responseState
       if (requestState.status === 'authorization_request_created') {
-        responseState = (await context.agent.siopGetAuthResponseState({ correlationId, errorOnNotFound: false }))
+        responseState = await context.agent.siopGetAuthResponseState({ correlationId, errorOnNotFound: false })
       }
       const overallState = responseState ?? requestState
 
@@ -139,8 +144,9 @@ export function authStatusUniversalOID4VPEndpoint(router: Router, context: IRequ
         correlation_id: overallState.correlationId,
         query_id: overallState.queryId,
         last_updated: overallState.lastUpdated,
-        ...((responseState?.status === AuthorizationResponseStateStatus.VERIFIED && responseState.verifiedData !== undefined) && { verifiedData: responseState.verifiedData }),
-        ...(overallState.error && { message: overallState.error.message })
+        ...(responseState?.status === AuthorizationResponseStateStatus.VERIFIED &&
+          responseState.verifiedData !== undefined && { verified_data: responseState.verifiedData }),
+        ...(overallState.error && { message: overallState.error.message }),
       } satisfies AuthStatusResponse
       console.debug(`Will send auth status: ${JSON.stringify(statusBody)}`)