@sphereon/ssi-sdk.siopv2-oid4vp-rp-rest-api 0.34.1-feature.SSISDK.46.42 → 0.34.1-feature.SSISDK.47.43

package/dist/index.cjs

@@ -199,7 +199,7 @@ __name(getAuthRequestSIOPv2Endpoint, "getAuthRequestSIOPv2Endpoint");
 // src/universal-oid4vp-api-functions.ts
 var import_did_auth_siop3 = require("@sphereon/did-auth-siop");
 var import_ssi_express_support2 = require("@sphereon/ssi-express-support");
-var import_ssi_sdk2 = require("@sphereon/ssi-sdk.siopv2-oid4vp-common");
+var import_ssi_sdk = require("@sphereon/ssi-sdk.siopv2-oid4vp-common");
 var import_short_uuid = __toESM(require("short-uuid"), 1);
 
 // src/middleware/validationMiddleware.ts
@@ -231,7 +231,6 @@ var validateData = /* @__PURE__ */ __name((schema) => {
 
 // src/schemas/index.ts
 var import_zod2 = require("zod");
-var import_ssi_sdk = require("@sphereon/ssi-sdk.siopv2-oid4vp-common");
 var import_did_auth_siop2 = require("@sphereon/did-auth-siop");
 var ResponseTypeSchema = import_zod2.z.enum([
   import_did_auth_siop2.ResponseType.VP_TOKEN
@@ -240,18 +239,7 @@ var ResponseModeSchema = import_zod2.z.enum([
   import_did_auth_siop2.ResponseMode.DIRECT_POST,
   import_did_auth_siop2.ResponseMode.DIRECT_POST_JWT
 ]);
-var RequestUriMethodSchema = import_zod2.z.enum([
-  import_did_auth_siop2.RequestUriMethod.GET,
-  import_did_auth_siop2.RequestUriMethod.POST
-]);
-var AuthorizationStatusSchema = import_zod2.z.enum([
-  ...import_ssi_sdk.authorizationRequestStatuses,
-  ...import_ssi_sdk.authorizationResponseStatuses
-]);
-var CallbackOptsSchema = import_zod2.z.object({
-  url: import_zod2.z.string(),
-  status: import_zod2.z.array(AuthorizationStatusSchema).optional()
-});
+var RequestUriMethodSchema = import_zod2.z.enum(Object.values(import_did_auth_siop2.RequestUriMethod));
 var QRCodeOptsSchema = import_zod2.z.object({
   size: import_zod2.z.number().optional(),
   color_dark: import_zod2.z.string().optional(),
@@ -268,7 +256,7 @@ var CreateAuthorizationRequestBodySchema = import_zod2.z.object({
   transaction_data: import_zod2.z.array(import_zod2.z.string()).optional(),
   qr_code: QRCodeOptsSchema.optional(),
   direct_post_response_redirect_uri: import_zod2.z.string().optional(),
-  callback: CallbackOptsSchema.optional()
+  callback: import_did_auth_siop2.CallbackOptsSchema.optional()
 });
 var CreateAuthorizationResponseSchema = import_zod2.z.object({
   correlation_id: import_zod2.z.string(),
@@ -292,6 +280,7 @@ function createAuthRequestUniversalOID4VPEndpoint(router, context, opts) {
       const queryId = request.body.query_id;
       const directPostResponseRedirectUri = request.body.direct_post_response_redirect_uri;
       const requestUriBase = request.body.request_uri_base;
+      const callback = request.body.callback;
       try {
         await context.agent.pdmGetDefinition({
           itemId: queryId
@@ -303,10 +292,10 @@ function createAuthRequestUniversalOID4VPEndpoint(router, context, opts) {
           message: "No query could be found"
         });
       }
-      const requestByReferenceURI = (0, import_ssi_sdk2.uriWithBase)(`/siop/definitions/${queryId}/auth-requests/${correlationId}`, {
+      const requestByReferenceURI = (0, import_ssi_sdk.uriWithBase)(`/siop/definitions/${queryId}/auth-requests/${correlationId}`, {
         baseURI: requestUriBase ?? opts?.siopBaseURI
       });
-      const responseURI = (0, import_ssi_sdk2.uriWithBase)(`/siop/definitions/${queryId}/auth-responses/${correlationId}`, {
+      const responseURI = (0, import_ssi_sdk.uriWithBase)(`/siop/definitions/${queryId}/auth-responses/${correlationId}`, {
         baseURI: opts?.siopBaseURI
       });
       const authRequestURI = await context.agent.siopCreateAuthRequestURI({
@@ -318,7 +307,8 @@ function createAuthRequestUniversalOID4VPEndpoint(router, context, opts) {
         responseURI,
         ...directPostResponseRedirectUri && {
           responseRedirectURI: directPostResponseRedirectUri
-        }
+        },
+        callback
       });
       let qrCodeDataUri;
       if (qrCodeOpts) {
@@ -333,7 +323,7 @@ function createAuthRequestUniversalOID4VPEndpoint(router, context, opts) {
         query_id: queryId,
         correlation_id: correlationId,
         request_uri: authRequestURI,
-        status_uri: `${(0, import_ssi_sdk2.uriWithBase)(opts?.webappAuthStatusPath ?? `/backend/auth/status/${correlationId}`, {
+        status_uri: `${(0, import_ssi_sdk.uriWithBase)(opts?.webappAuthStatusPath ?? `/backend/auth/status/${correlationId}`, {
           baseURI: opts?.webappBaseURI
         })}`,
         ...qrCodeDataUri && {
@@ -461,7 +451,7 @@ function getDefinitionsEndpoint(router, context, opts) {
 __name(getDefinitionsEndpoint, "getDefinitionsEndpoint");
 
 // src/siopv2-rp-api-server.ts
-var import_ssi_sdk3 = require("@sphereon/ssi-sdk.core");
+var import_ssi_sdk2 = require("@sphereon/ssi-sdk.core");
 var import_ssi_express_support3 = require("@sphereon/ssi-express-support");
 var import_express = __toESM(require("express"), 1);
 var import_swagger_ui_express = __toESM(require("swagger-ui-express"), 1);
@@ -498,7 +488,7 @@ var SIOPv2RPApiServer = class {
     this._opts = opts;
     this._express = args.expressSupport.express;
     this._router = import_express.default.Router();
-    const context = (0, import_ssi_sdk3.agentContext)(agent);
+    const context = (0, import_ssi_sdk2.agentContext)(agent);
     const features = opts?.enableFeatures ?? [
       "rp-status",
       "siop"

package/dist/index.cjs.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/index.ts","../src/siop-api-functions.ts","../src/universal-oid4vp-api-functions.ts","../src/middleware/validationMiddleware.ts","../src/schemas/index.ts","../src/siopv2-rp-api-server.ts"],"sourcesContent":["/**\n * @public\n */\nexport * from './siop-api-functions'\nexport * from './universal-oid4vp-api-functions'\nexport * from './types'\nexport * from './siopv2-rp-api-server'\n","import { AuthorizationResponsePayload, PresentationDefinitionLocation } from '@sphereon/did-auth-siop'\nimport { checkAuth, ISingleEndpointOpts, sendErrorResponse } from '@sphereon/ssi-express-support'\nimport { CredentialMapper } from '@sphereon/ssi-types'\nimport { AuthorizationChallengeValidationResponse } from '@sphereon/ssi-sdk.siopv2-oid4vp-common'\nimport { Request, Response, Router } from 'express'\nimport { IRequiredContext } from './types'\n\nconst parseAuthorizationResponse = (request: Request): AuthorizationResponsePayload => {\n  const contentType = request.header('content-type')\n\n  if (contentType === 'application/json') {\n    const payload = typeof request.body === 'string' ? JSON.parse(request.body) : request.body\n    return payload as AuthorizationResponsePayload\n  }\n\n  if (contentType === 'application/x-www-form-urlencoded') {\n    const payload = request.body as AuthorizationResponsePayload\n\n    // Parse presentation_submission if it's a string\n    if (typeof payload.presentation_submission === 'string') {\n      console.log(`Supplied presentation_submission was a string instead of JSON. Correcting, but external party should fix their implementation!`)\n      payload.presentation_submission = JSON.parse(payload.presentation_submission)\n    }\n\n    // when using FORM_URL_ENCODED, vp_token comes back as string not matter whether the input was string, object or array. Handled below.\n    if (typeof payload.vp_token === 'string') {\n      const { vp_token } = payload\n\n      // The only use case where vp_object is an object is JsonLdAsString atm. For arrays, any objects will be parsed along with the array\n      // (Leaving the vp_token JsonLdAsString causes problems because the original credential will remain string and will be interpreted as JWT in some parts of the code)\n      if ((vp_token.startsWith('[') && vp_token.endsWith(']')) || CredentialMapper.isJsonLdAsString(vp_token)) {\n        payload.vp_token = JSON.parse(vp_token)\n      }\n    }\n\n    return payload\n  }\n\n  throw new Error(\n    `Unsupported content type: ${contentType}. Currently only application/x-www-form-urlencoded and application/json (for direct_post) are supported`,\n  )\n}\n\nexport function verifyAuthResponseSIOPv2Endpoint(\n  router: Router,\n  context: IRequiredContext,\n  opts?: ISingleEndpointOpts & { presentationDefinitionLocation?: PresentationDefinitionLocation },\n) {\n  if (opts?.enabled === false) {\n    console.log(`verifyAuthResponse SIOP endpoint is disabled`)\n    return\n  }\n  const path = opts?.path ?? '/siop/definitions/:definitionId/auth-responses/:correlationId'\n  router.post(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n    try {\n      const { correlationId, definitionId, tenantId, version } = request.params\n      if (!correlationId || !definitionId) {\n        console.log(`No authorization request could be found for the given url. correlationId: ${correlationId}, definitionId: ${definitionId}`)\n        return sendErrorResponse(response, 404, 'No authorization request could be found')\n      }\n      console.log('Authorization Response (siop-sessions')\n      console.log(JSON.stringify(request.body, null, 2))\n      const definitionItems = await context.agent.pdmGetDefinitions({ filter: [{ definitionId, tenantId, version }] })\n      if (definitionItems.length === 0) {\n        console.log(`Could not get definition ${definitionId} from agent. Will return 404`)\n        response.statusCode = 404\n        response.statusMessage = `No definition ${definitionId}`\n        return response.send()\n      }\n\n      const authorizationResponse = parseAuthorizationResponse(request)\n      console.log(`URI: ${JSON.stringify(authorizationResponse)}`)\n\n      const definitionItem = definitionItems[0]\n      const verifiedResponse = await context.agent.siopVerifyAuthResponse({\n        authorizationResponse,\n        correlationId,\n        queryId: definitionId,\n        presentationDefinitions: [\n          {\n            location: opts?.presentationDefinitionLocation ?? PresentationDefinitionLocation.TOPLEVEL_PRESENTATION_DEF,\n            definition: definitionItem.definitionPayload,\n          },\n        ],\n        dcqlQuery: definitionItem.dcqlPayload,\n      })\n\n      const wrappedPresentation = verifiedResponse?.oid4vpSubmission?.presentations[0]\n      if (wrappedPresentation) {\n        // const credentialSubject = wrappedPresentation.presentation.verifiableCredential[0]?.credential?.credentialSubject\n        // console.log(JSON.stringify(credentialSubject, null, 2))\n        console.log('PRESENTATION:' + JSON.stringify(wrappedPresentation.presentation, null, 2))\n        response.statusCode = 200\n\n        const authorizationChallengeValidationResponse: AuthorizationChallengeValidationResponse = {\n          presentation_during_issuance_session: verifiedResponse.correlationId,\n        }\n        if (authorizationResponse.is_first_party) {\n          response.setHeader('Content-Type', 'application/json')\n          return response.send(JSON.stringify(authorizationChallengeValidationResponse))\n        }\n\n        const responseRedirectURI = await context.agent.siopGetRedirectURI({ correlationId, queryId: definitionId, state: verifiedResponse.state })\n        if (responseRedirectURI) {\n          response.setHeader('Content-Type', 'application/json')\n          return response.send(JSON.stringify({ redirect_uri: responseRedirectURI }))\n        }\n        // todo: delete session\n      } else {\n        console.log('Missing Presentation (Verifiable Credentials)')\n        response.statusCode = 500\n        response.statusMessage = 'Missing Presentation (Verifiable Credentials)'\n      }\n      return response.send()\n    } catch (error) {\n      console.error(error)\n      return sendErrorResponse(response, 500, 'Could not verify auth status', error)\n    }\n  })\n}\n\nexport function getAuthRequestSIOPv2Endpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`getAuthRequest SIOP endpoint is disabled`)\n    return\n  }\n  const path = opts?.path ?? '/siop/definitions/:definitionId/auth-requests/:correlationId'\n  router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n    try {\n      const correlationId = request.params.correlationId\n      const definitionId = request.params.definitionId\n      if (!correlationId || !definitionId) {\n        console.log(`No authorization request could be found for the given url. correlationId: ${correlationId}, definitionId: ${definitionId}`)\n        return sendErrorResponse(response, 404, 'No authorization request could be found')\n      }\n      const requestState = await context.agent.siopGetAuthRequestState({\n        correlationId,\n        queryId: definitionId,\n        errorOnNotFound: false,\n      })\n      if (!requestState) {\n        console.log(\n          `No authorization request could be found for the given url in the state manager. correlationId: ${correlationId}, definitionId: ${definitionId}`,\n        )\n        return sendErrorResponse(response, 404, `No authorization request could be found`)\n      }\n      const requestObject = await requestState.request?.requestObject?.toJwt()\n      console.log('JWT Request object:')\n      console.log(requestObject)\n\n      let error: string | undefined\n      try {\n        response.statusCode = 200\n        response.setHeader('Content-Type', 'application/jwt')\n        return response.send(requestObject)\n      } catch (e) {\n        error = typeof e === 'string' ? e : e instanceof Error ? e.message : undefined\n        return sendErrorResponse(response, 500, 'Could not get authorization request', e)\n      } finally {\n        await context.agent.siopUpdateAuthRequestState({\n          correlationId,\n          queryId: definitionId,\n          state: 'authorization_request_created',\n          error,\n        })\n      }\n    } catch (error) {\n      return sendErrorResponse(response, 500, 'Could not get authorization request', error)\n    }\n  })\n}\n","import { AuthorizationResponseStateStatus } from '@sphereon/did-auth-siop'\nimport { checkAuth, ISingleEndpointOpts, sendErrorResponse } from '@sphereon/ssi-express-support'\nimport { uriWithBase } from '@sphereon/ssi-sdk.siopv2-oid4vp-common'\nimport { Request, Response, Router } from 'express'\nimport uuid from 'short-uuid'\nimport { validateData } from './middleware/validationMiddleware'\nimport { CreateAuthorizationRequestBodySchema } from './schemas'\nimport {\n  CreateAuthorizationRequest,\n  CreateAuthorizationRequestResponse,\n  CreateAuthorizationResponse,\n  DeleteAuthorizationRequest,\n  GetAuthorizationRequestStatus,\n  GetAuthStatusResponse,\n  ICreateAuthRequestWebappEndpointOpts,\n  IRequiredContext\n} from './types'\n\nexport function createAuthRequestUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ICreateAuthRequestWebappEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`createAuthRequest universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/auth/requests'\n  router.post(path, checkAuth(opts?.endpoint), validateData(CreateAuthorizationRequestBodySchema), async (request: CreateAuthorizationRequest, response: CreateAuthorizationResponse) => {\n    try {\n      const correlationId = request.body.correlation_id ?? uuid.uuid()\n      const qrCodeOpts = request.body.qr_code ?? opts?.qrCodeOpts\n      const queryId = request.body.query_id\n      const directPostResponseRedirectUri = request.body.direct_post_response_redirect_uri // TODO Uri not URI\n      const requestUriBase = request.body.request_uri_base\n\n      try {\n        await context.agent.pdmGetDefinition({ itemId: queryId })\n      } catch(e) {\n        console.log(`No query could be found for the given id. Query id: ${queryId}`)\n        return sendErrorResponse(response, 404, { status: 404, message: 'No query could be found' })\n      }\n\n      const requestByReferenceURI = uriWithBase(`/siop/definitions/${queryId}/auth-requests/${correlationId}`, {\n        baseURI: requestUriBase ?? opts?.siopBaseURI,\n      })\n      const responseURI = uriWithBase(`/siop/definitions/${queryId}/auth-responses/${correlationId}`, { baseURI: opts?.siopBaseURI })\n\n      const authRequestURI = await context.agent.siopCreateAuthRequestURI({\n        queryId,\n        correlationId,\n        nonce: uuid.uuid(),\n        requestByReferenceURI,\n        responseURIType: 'response_uri',\n        responseURI,\n        ...(directPostResponseRedirectUri && { responseRedirectURI: directPostResponseRedirectUri }),\n      })\n\n      let qrCodeDataUri: string | undefined\n      if (qrCodeOpts) {\n        const { AwesomeQR } = await import('awesome-qr')\n        const qrCode = new AwesomeQR({ ...qrCodeOpts, text: authRequestURI })\n        qrCodeDataUri = `data:image/png;base64,${(await qrCode.draw())!.toString('base64')}`\n      }\n\n      const authRequestBody = {\n        query_id: queryId,\n        correlation_id: correlationId,\n        request_uri: authRequestURI,\n        status_uri: `${uriWithBase(opts?.webappAuthStatusPath ?? `/backend/auth/status/${correlationId}`, { baseURI: opts?.webappBaseURI })}`,\n        ...(qrCodeDataUri && { qr_uri: qrCodeDataUri }),\n      } satisfies CreateAuthorizationRequestResponse\n      console.log(`Auth Request URI data to send back: ${JSON.stringify(authRequestBody)}`)\n\n      return response.status(201).json(authRequestBody)\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: 'Could not create an authorization request URI' }, error)\n    }\n  })\n}\n\nexport function removeAuthRequestStateUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`removeAuthStatus universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/auth/requests/:correlationId'\n  router.delete(path, checkAuth(opts?.endpoint), async (request: DeleteAuthorizationRequest, response: Response) => {\n    try {\n      const correlationId: string = request.params.correlationId\n\n      const authRequestState = await context.agent.siopGetAuthRequestState({\n        correlationId,\n        errorOnNotFound: false\n      })\n      if (!authRequestState) {\n        console.log(`No authorization request could be found for the given correlationId. correlationId: ${correlationId}`)\n        return sendErrorResponse(response, 404, { status: 404, message: 'No authorization request could be found' })\n      }\n\n      await context.agent.siopDeleteAuthState({ correlationId })\n\n      return response.status(204).json()\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: error.message }, error)\n    }\n  })\n}\n\nexport function authStatusUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`authStatus universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/auth/status/:correlationId'\n  router.get(path, checkAuth(opts?.endpoint), async (request: GetAuthorizationRequestStatus, response: Response) => {\n    try {\n      console.log('Received auth-status request...')\n      const correlationId: string = request.params.correlationId\n\n      const requestState = await context.agent.siopGetAuthRequestState({\n        correlationId,\n        errorOnNotFound: false\n      })\n\n      if (!requestState) {\n        console.log(`No authorization request could be found for the given correlationId. correlationId: ${correlationId}`)\n        return sendErrorResponse(response, 404, { status: 404, message: 'No authorization request could be found' })\n      }\n\n      let responseState\n      if (requestState.status === 'authorization_request_created') {\n        responseState = (await context.agent.siopGetAuthResponseState({ correlationId, errorOnNotFound: false }))\n      }\n      const overallState = responseState ?? requestState\n\n      const statusBody = {\n        status: overallState.status,\n        correlation_id: overallState.correlationId,\n        query_id: overallState.queryId,\n        last_updated: overallState.lastUpdated,\n        ...((responseState?.status === AuthorizationResponseStateStatus.VERIFIED && responseState.verifiedData !== undefined) && { verifiedData: responseState.verifiedData }),\n        ...(overallState.error && { message: overallState.error.message })\n      } satisfies GetAuthStatusResponse\n      console.debug(`Will send auth status: ${JSON.stringify(statusBody)}`)\n\n      if (overallState.status === 'error') {\n        return response.status(500).json(statusBody)\n      }\n      return response.status(200).json(statusBody)\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: error.message }, error)\n    }\n  })\n}\n\nexport function getDefinitionsEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`getDefinitions universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/definitions'\n  router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n    try {\n      const definitions = await context.agent.pdmGetDefinitions()\n      response.statusCode = 200\n      return response.json(definitions)\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: error.message }, error)\n    }\n  })\n}\n","import { Request, Response, NextFunction } from 'express';\nimport { z, ZodError } from 'zod';\n\nexport const validateData = (schema: z.ZodObject<any, any>) => {\n  return (req: Request, res: Response, next: NextFunction) => {\n    try {\n      schema.parse(req.body);\n      next();\n    } catch (error) {\n      if (error instanceof ZodError) {\n        const errorMessages = error.issues.map((issue: any) => ({\n          message: `${issue.path.join('.')} is ${issue.message}`,\n        }))\n        res.status(400).json({ status: 400, message: 'Invalid data', error_details: errorMessages[0].message });\n      } else {\n        res.status(500).json({ status: 500, message: 'Internal Server Error' });\n      }\n    }\n  };\n}\n","import { z } from 'zod';\nimport {\n  authorizationRequestStatuses,\n  authorizationResponseStatuses\n} from '@sphereon/ssi-sdk.siopv2-oid4vp-common'\nimport { ResponseMode, ResponseType, RequestUriMethod } from '@sphereon/did-auth-siop'\n\nexport const ResponseTypeSchema = z.enum([ResponseType.VP_TOKEN]);\n\nexport const ResponseModeSchema = z.enum([ResponseMode.DIRECT_POST, ResponseMode.DIRECT_POST_JWT]);\n\nexport const RequestUriMethodSchema = z.enum([RequestUriMethod.GET, RequestUriMethod.POST]);\n\nexport const AuthorizationStatusSchema = z.enum([\n  ...authorizationRequestStatuses,\n  ...authorizationResponseStatuses\n]);\n\nexport const CallbackOptsSchema = z.object({\n  url: z.string(),\n  status: z.array(AuthorizationStatusSchema).optional(),\n});\n\nexport const QRCodeOptsSchema = z.object({\n  size: z.number().optional(),\n  color_dark: z.string().optional(),\n  color_light: z.string().optional(),\n});\n\nexport const CreateAuthorizationRequestBodySchema = z.object({\n  query_id: z.string(),\n  client_id: z.string().optional(),\n  request_uri_base: z.string().optional(),\n  correlation_id: z.string().optional(),\n  request_uri_method: RequestUriMethodSchema.optional(),\n  response_type: ResponseTypeSchema.optional(),\n  response_mode: ResponseModeSchema.optional(),\n  transaction_data: z.array(z.string()).optional(),\n  qr_code: QRCodeOptsSchema.optional(),\n  direct_post_response_redirect_uri: z.string().optional(),\n  callback: CallbackOptsSchema.optional(),\n});\n\nexport const CreateAuthorizationResponseSchema = z.object({\n  correlation_id: z.string(),\n  query_id: z.string(),\n  request_uri: z.string(),\n  status_uri: z.string(),\n  qr_uri: z.string().optional(),\n});\n","import { agentContext } from '@sphereon/ssi-sdk.core'\nimport { copyGlobalAuthToEndpoints, ExpressSupport } from '@sphereon/ssi-express-support'\nimport { IPresentationExchange } from '@sphereon/ssi-sdk.presentation-exchange'\nimport { ISIOPv2RP } from '@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth'\nimport { TAgent } from '@veramo/core'\nimport express, { Express, Request, Response, Router } from 'express'\nimport { getAuthRequestSIOPv2Endpoint, verifyAuthResponseSIOPv2Endpoint } from './siop-api-functions'\nimport { IRequiredPlugins, ISIOPv2RPRestAPIOpts } from './types'\nimport {\n  authStatusUniversalOID4VPEndpoint,\n  createAuthRequestUniversalOID4VPEndpoint,\n  getDefinitionsEndpoint,\n  removeAuthRequestStateUniversalOID4VPEndpoint,\n} from './universal-oid4vp-api-functions'\nimport swaggerUi from 'swagger-ui-express'\n\nexport class SIOPv2RPApiServer {\n  private readonly _express: Express\n  private readonly _router: Router\n  private readonly _agent: TAgent<IPresentationExchange & ISIOPv2RP>\n  private readonly _opts?: ISIOPv2RPRestAPIOpts\n  private readonly _basePath: string\n\n  private readonly OID4VP_SWAGGER_URL = 'https://api.swaggerhub.com/apis/SphereonInt/OID4VP/0.1.0'\n  constructor(args: { agent: TAgent<IRequiredPlugins>; expressSupport: ExpressSupport; opts?: ISIOPv2RPRestAPIOpts }) {\n    const { agent, opts } = args\n    this._agent = agent\n    copyGlobalAuthToEndpoints({ opts, keys: ['webappCreateAuthRequest', 'webappAuthStatus', 'webappDeleteAuthRequest'] })\n    if (opts?.endpointOpts?.globalAuth?.secureSiopEndpoints) {\n      copyGlobalAuthToEndpoints({ opts, keys: ['siopGetAuthRequest', 'siopVerifyAuthResponse'] })\n    }\n\n    this._opts = opts\n    this._express = args.expressSupport.express\n    this._router = express.Router()\n    const context = agentContext(agent)\n\n    const features = opts?.enableFeatures ?? ['rp-status', 'siop']\n    console.log(`SIOPv2 API enabled, with features: ${JSON.stringify(features)}}`)\n\n    // Webapp endpoints\n    if (features.includes('rp-status')) {\n      createAuthRequestUniversalOID4VPEndpoint(this._router, context, opts?.endpointOpts?.webappCreateAuthRequest)\n      authStatusUniversalOID4VPEndpoint(this._router, context, opts?.endpointOpts?.webappAuthStatus)\n      removeAuthRequestStateUniversalOID4VPEndpoint(this._router, context, opts?.endpointOpts?.webappDeleteAuthRequest)\n      getDefinitionsEndpoint(this._router, context, opts?.endpointOpts?.webappGetDefinitions)\n    }\n\n    // SIOPv2 endpoints\n    if (features.includes('siop')) {\n      getAuthRequestSIOPv2Endpoint(this._router, context, opts?.endpointOpts?.siopGetAuthRequest)\n      verifyAuthResponseSIOPv2Endpoint(this._router, context, opts?.endpointOpts?.siopVerifyAuthResponse)\n    }\n    this._basePath = opts?.endpointOpts?.basePath ?? ''\n    this._express.use(this._basePath, this.router)\n    this._express.set('trust proxy', opts?.endpointOpts?.trustProxy ?? true)\n    this.setupSwaggerUi()\n  }\n\n  private setupSwaggerUi() {\n    fetch(this.OID4VP_SWAGGER_URL)\n      .then((res) => res.json())\n      .then((swagger: any) => {\n        const apiDocs = `${this._basePath}/api-docs`\n        console.log(`[OID4P] API docs available at ${apiDocs}`)\n\n        this._router.use(\n          '/api-docs',\n          (req: Request, res: Response, next: any) => {\n            const regex = `${apiDocs.replace(/\\//, '\\/')}`.replace('/oid4vp', '').replace(/\\/api-docs.*/, '')\n            swagger.servers = [{ url: `${req.protocol}://${req.get('host')}${regex}`, description: 'This server' }]\n            // @ts-ignore\n            req.swaggerDoc = swagger\n            next()\n          },\n          swaggerUi.serveFiles(swagger, options),\n          swaggerUi.setup(),\n        )\n      })\n      .catch((err) => {\n        console.log(`[OID4VP] Unable to fetch swagger document: ${err}. Will not host api-docs on this instance`)\n      })\n    const options = {\n      // customCss: '.swagger-ui .topbar { display: none }',\n    }\n  }\n  get express(): Express {\n    return this._express\n  }\n\n  get router(): Router {\n    return this._router\n  }\n\n  get agent(): TAgent<IPresentationExchange & ISIOPv2RP> {\n    return this._agent\n  }\n\n  get opts(): ISIOPv2RPRestAPIOpts | undefined {\n    return this._opts\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;;;;;;ACAA,2BAA6E;AAC7E,iCAAkE;AAClE,uBAAiC;AAKjC,IAAMA,6BAA6B,wBAACC,YAAAA;AAClC,QAAMC,cAAcD,QAAQE,OAAO,cAAA;AAEnC,MAAID,gBAAgB,oBAAoB;AACtC,UAAME,UAAU,OAAOH,QAAQI,SAAS,WAAWC,KAAKC,MAAMN,QAAQI,IAAI,IAAIJ,QAAQI;AACtF,WAAOD;EACT;AAEA,MAAIF,gBAAgB,qCAAqC;AACvD,UAAME,UAAUH,QAAQI;AAGxB,QAAI,OAAOD,QAAQI,4BAA4B,UAAU;AACvDC,cAAQC,IAAI,gIAAgI;AAC5IN,cAAQI,0BAA0BF,KAAKC,MAAMH,QAAQI,uBAAuB;IAC9E;AAGA,QAAI,OAAOJ,QAAQO,aAAa,UAAU;AACxC,YAAM,EAAEA,SAAQ,IAAKP;AAIrB,UAAKO,SAASC,WAAW,GAAA,KAAQD,SAASE,SAAS,GAAA,KAASC,kCAAiBC,iBAAiBJ,QAAAA,GAAW;AACvGP,gBAAQO,WAAWL,KAAKC,MAAMI,QAAAA;MAChC;IACF;AAEA,WAAOP;EACT;AAEA,QAAM,IAAIY,MACR,6BAA6Bd,WAAAA,yGAAoH;AAErJ,GAlCmC;AAoC5B,SAASe,iCACdC,QACAC,SACAC,MAAgG;AAEhG,MAAIA,MAAMC,YAAY,OAAO;AAC3BZ,YAAQC,IAAI,8CAA8C;AAC1D;EACF;AACA,QAAMY,OAAOF,MAAME,QAAQ;AAC3BJ,SAAOK,KAAKD,UAAME,sCAAUJ,MAAMK,QAAAA,GAAW,OAAOxB,SAAkByB,aAAAA;AACpE,QAAI;AACF,YAAM,EAAEC,eAAeC,cAAcC,UAAUC,QAAO,IAAK7B,QAAQ8B;AACnE,UAAI,CAACJ,iBAAiB,CAACC,cAAc;AACnCnB,gBAAQC,IAAI,6EAA6EiB,aAAAA,mBAAgCC,YAAAA,EAAc;AACvI,mBAAOI,8CAAkBN,UAAU,KAAK,yCAAA;MAC1C;AACAjB,cAAQC,IAAI,uCAAA;AACZD,cAAQC,IAAIJ,KAAK2B,UAAUhC,QAAQI,MAAM,MAAM,CAAA,CAAA;AAC/C,YAAM6B,kBAAkB,MAAMf,QAAQgB,MAAMC,kBAAkB;QAAEC,QAAQ;UAAC;YAAET;YAAcC;YAAUC;UAAQ;;MAAG,CAAA;AAC9G,UAAII,gBAAgBI,WAAW,GAAG;AAChC7B,gBAAQC,IAAI,4BAA4BkB,YAAAA,8BAA0C;AAClFF,iBAASa,aAAa;AACtBb,iBAASc,gBAAgB,iBAAiBZ,YAAAA;AAC1C,eAAOF,SAASe,KAAI;MACtB;AAEA,YAAMC,wBAAwB1C,2BAA2BC,OAAAA;AACzDQ,cAAQC,IAAI,QAAQJ,KAAK2B,UAAUS,qBAAAA,CAAAA,EAAwB;AAE3D,YAAMC,iBAAiBT,gBAAgB,CAAA;AACvC,YAAMU,mBAAmB,MAAMzB,QAAQgB,MAAMU,uBAAuB;QAClEH;QACAf;QACAmB,SAASlB;QACTmB,yBAAyB;UACvB;YACEC,UAAU5B,MAAM6B,kCAAkCC,oDAA+BC;YACjFC,YAAYT,eAAeU;UAC7B;;QAEFC,WAAWX,eAAeY;MAC5B,CAAA;AAEA,YAAMC,sBAAsBZ,kBAAkBa,kBAAkBC,cAAc,CAAA;AAC9E,UAAIF,qBAAqB;AAGvB/C,gBAAQC,IAAI,kBAAkBJ,KAAK2B,UAAUuB,oBAAoBG,cAAc,MAAM,CAAA,CAAA;AACrFjC,iBAASa,aAAa;AAEtB,cAAMqB,2CAAqF;UACzFC,sCAAsCjB,iBAAiBjB;QACzD;AACA,YAAIe,sBAAsBoB,gBAAgB;AACxCpC,mBAASqC,UAAU,gBAAgB,kBAAA;AACnC,iBAAOrC,SAASe,KAAKnC,KAAK2B,UAAU2B,wCAAAA,CAAAA;QACtC;AAEA,cAAMI,sBAAsB,MAAM7C,QAAQgB,MAAM8B,mBAAmB;UAAEtC;UAAemB,SAASlB;UAAcsC,OAAOtB,iBAAiBsB;QAAM,CAAA;AACzI,YAAIF,qBAAqB;AACvBtC,mBAASqC,UAAU,gBAAgB,kBAAA;AACnC,iBAAOrC,SAASe,KAAKnC,KAAK2B,UAAU;YAAEkC,cAAcH;UAAoB,CAAA,CAAA;QAC1E;MAEF,OAAO;AACLvD,gBAAQC,IAAI,+CAAA;AACZgB,iBAASa,aAAa;AACtBb,iBAASc,gBAAgB;MAC3B;AACA,aAAOd,SAASe,KAAI;IACtB,SAAS2B,OAAO;AACd3D,cAAQ2D,MAAMA,KAAAA;AACd,iBAAOpC,8CAAkBN,UAAU,KAAK,gCAAgC0C,KAAAA;IAC1E;EACF,CAAA;AACF;AA5EgBnD;AA8ET,SAASoD,6BAA6BnD,QAAgBC,SAA2BC,MAA0B;AAChH,MAAIA,MAAMC,YAAY,OAAO;AAC3BZ,YAAQC,IAAI,0CAA0C;AACtD;EACF;AACA,QAAMY,OAAOF,MAAME,QAAQ;AAC3BJ,SAAOoD,IAAIhD,UAAME,sCAAUJ,MAAMK,QAAAA,GAAW,OAAOxB,SAAkByB,aAAAA;AACnE,QAAI;AACF,YAAMC,gBAAgB1B,QAAQ8B,OAAOJ;AACrC,YAAMC,eAAe3B,QAAQ8B,OAAOH;AACpC,UAAI,CAACD,iBAAiB,CAACC,cAAc;AACnCnB,gBAAQC,IAAI,6EAA6EiB,aAAAA,mBAAgCC,YAAAA,EAAc;AACvI,mBAAOI,8CAAkBN,UAAU,KAAK,yCAAA;MAC1C;AACA,YAAM6C,eAAe,MAAMpD,QAAQgB,MAAMqC,wBAAwB;QAC/D7C;QACAmB,SAASlB;QACT6C,iBAAiB;MACnB,CAAA;AACA,UAAI,CAACF,cAAc;AACjB9D,gBAAQC,IACN,kGAAkGiB,aAAAA,mBAAgCC,YAAAA,EAAc;AAElJ,mBAAOI,8CAAkBN,UAAU,KAAK,yCAAyC;MACnF;AACA,YAAMgD,gBAAgB,MAAMH,aAAatE,SAASyE,eAAeC,MAAAA;AACjElE,cAAQC,IAAI,qBAAA;AACZD,cAAQC,IAAIgE,aAAAA;AAEZ,UAAIN;AACJ,UAAI;AACF1C,iBAASa,aAAa;AACtBb,iBAASqC,UAAU,gBAAgB,iBAAA;AACnC,eAAOrC,SAASe,KAAKiC,aAAAA;MACvB,SAASE,GAAG;AACVR,gBAAQ,OAAOQ,MAAM,WAAWA,IAAIA,aAAa5D,QAAQ4D,EAAEC,UAAUC;AACrE,mBAAO9C,8CAAkBN,UAAU,KAAK,uCAAuCkD,CAAAA;MACjF,UAAA;AACE,cAAMzD,QAAQgB,MAAM4C,2BAA2B;UAC7CpD;UACAmB,SAASlB;UACTsC,OAAO;UACPE;QACF,CAAA;MACF;IACF,SAASA,OAAO;AACd,iBAAOpC,8CAAkBN,UAAU,KAAK,uCAAuC0C,KAAAA;IACjF;EACF,CAAA;AACF;AAjDgBC;;;ACzHhB,IAAAW,wBAAiD;AACjD,IAAAC,8BAAkE;AAClE,IAAAC,kBAA4B;AAE5B,wBAAiB;;;ACHjB,iBAA4B;AAErB,IAAMC,eAAe,wBAACC,WAAAA;AAC3B,SAAO,CAACC,KAAcC,KAAeC,SAAAA;AACnC,QAAI;AACFH,aAAOI,MAAMH,IAAII,IAAI;AACrBF,WAAAA;IACF,SAASG,OAAO;AACd,UAAIA,iBAAiBC,qBAAU;AAC7B,cAAMC,gBAAgBF,MAAMG,OAAOC,IAAI,CAACC,WAAgB;UACtDC,SAAS,GAAGD,MAAME,KAAKC,KAAK,GAAA,CAAA,OAAWH,MAAMC,OAAO;QACtD,EAAA;AACAV,YAAIa,OAAO,GAAA,EAAKC,KAAK;UAAED,QAAQ;UAAKH,SAAS;UAAgBK,eAAeT,cAAc,CAAA,EAAGI;QAAQ,CAAA;MACvG,OAAO;AACLV,YAAIa,OAAO,GAAA,EAAKC,KAAK;UAAED,QAAQ;UAAKH,SAAS;QAAwB,CAAA;MACvE;IACF;EACF;AACF,GAhB4B;;;ACH5B,IAAAM,cAAkB;AAClB,qBAGO;AACP,IAAAC,wBAA6D;AAEtD,IAAMC,qBAAqBC,cAAEC,KAAK;EAACC,mCAAaC;CAAS;AAEzD,IAAMC,qBAAqBJ,cAAEC,KAAK;EAACI,mCAAaC;EAAaD,mCAAaE;CAAgB;AAE1F,IAAMC,yBAAyBR,cAAEC,KAAK;EAACQ,uCAAiBC;EAAKD,uCAAiBE;CAAK;AAEnF,IAAMC,4BAA4BZ,cAAEC,KAAK;KAC3CY;KACAC;CACJ;AAEM,IAAMC,qBAAqBf,cAAEgB,OAAO;EACzCC,KAAKjB,cAAEkB,OAAM;EACbC,QAAQnB,cAAEoB,MAAMR,yBAAAA,EAA2BS,SAAQ;AACrD,CAAA;AAEO,IAAMC,mBAAmBtB,cAAEgB,OAAO;EACvCO,MAAMvB,cAAEwB,OAAM,EAAGH,SAAQ;EACzBI,YAAYzB,cAAEkB,OAAM,EAAGG,SAAQ;EAC/BK,aAAa1B,cAAEkB,OAAM,EAAGG,SAAQ;AAClC,CAAA;AAEO,IAAMM,uCAAuC3B,cAAEgB,OAAO;EAC3DY,UAAU5B,cAAEkB,OAAM;EAClBW,WAAW7B,cAAEkB,OAAM,EAAGG,SAAQ;EAC9BS,kBAAkB9B,cAAEkB,OAAM,EAAGG,SAAQ;EACrCU,gBAAgB/B,cAAEkB,OAAM,EAAGG,SAAQ;EACnCW,oBAAoBxB,uBAAuBa,SAAQ;EACnDY,eAAelC,mBAAmBsB,SAAQ;EAC1Ca,eAAe9B,mBAAmBiB,SAAQ;EAC1Cc,kBAAkBnC,cAAEoB,MAAMpB,cAAEkB,OAAM,CAAA,EAAIG,SAAQ;EAC9Ce,SAASd,iBAAiBD,SAAQ;EAClCgB,mCAAmCrC,cAAEkB,OAAM,EAAGG,SAAQ;EACtDiB,UAAUvB,mBAAmBM,SAAQ;AACvC,CAAA;AAEO,IAAMkB,oCAAoCvC,cAAEgB,OAAO;EACxDe,gBAAgB/B,cAAEkB,OAAM;EACxBU,UAAU5B,cAAEkB,OAAM;EAClBsB,aAAaxC,cAAEkB,OAAM;EACrBuB,YAAYzC,cAAEkB,OAAM;EACpBwB,QAAQ1C,cAAEkB,OAAM,EAAGG,SAAQ;AAC7B,CAAA;;;AF/BO,SAASsB,yCAAyCC,QAAgBC,SAA2BC,MAA2C;AAC7I,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,yDAAyD;AACrE;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAOO,KAAKD,UAAME,uCAAUN,MAAMO,QAAAA,GAAWC,aAAaC,oCAAAA,GAAuC,OAAOC,SAAqCC,aAAAA;AAC3I,QAAI;AACF,YAAMC,gBAAgBF,QAAQG,KAAKC,kBAAkBC,kBAAAA,QAAKA,KAAI;AAC9D,YAAMC,aAAaN,QAAQG,KAAKI,WAAWjB,MAAMgB;AACjD,YAAME,UAAUR,QAAQG,KAAKM;AAC7B,YAAMC,gCAAgCV,QAAQG,KAAKQ;AACnD,YAAMC,iBAAiBZ,QAAQG,KAAKU;AAEpC,UAAI;AACF,cAAMxB,QAAQyB,MAAMC,iBAAiB;UAAEC,QAAQR;QAAQ,CAAA;MACzD,SAAQS,GAAG;AACTzB,gBAAQC,IAAI,uDAAuDe,OAAAA,EAAS;AAC5E,mBAAOU,+CAAkBjB,UAAU,KAAK;UAAEkB,QAAQ;UAAKC,SAAS;QAA0B,CAAA;MAC5F;AAEA,YAAMC,4BAAwBC,6BAAY,qBAAqBd,OAAAA,kBAAyBN,aAAAA,IAAiB;QACvGqB,SAASX,kBAAkBtB,MAAMkC;MACnC,CAAA;AACA,YAAMC,kBAAcH,6BAAY,qBAAqBd,OAAAA,mBAA0BN,aAAAA,IAAiB;QAAEqB,SAASjC,MAAMkC;MAAY,CAAA;AAE7H,YAAME,iBAAiB,MAAMrC,QAAQyB,MAAMa,yBAAyB;QAClEnB;QACAN;QACA0B,OAAOvB,kBAAAA,QAAKA,KAAI;QAChBgB;QACAQ,iBAAiB;QACjBJ;QACA,GAAIf,iCAAiC;UAAEoB,qBAAqBpB;QAA8B;MAC5F,CAAA;AAEA,UAAIqB;AACJ,UAAIzB,YAAY;AACd,cAAM,EAAE0B,UAAS,IAAK,MAAM,OAAO,YAAA;AACnC,cAAMC,SAAS,IAAID,UAAU;UAAE,GAAG1B;UAAY4B,MAAMR;QAAe,CAAA;AACnEK,wBAAgB,0BAA0B,MAAME,OAAOE,KAAI,GAAKC,SAAS,QAAA,CAAA;MAC3E;AAEA,YAAMC,kBAAkB;QACtB5B,UAAUD;QACVJ,gBAAgBF;QAChBoC,aAAaZ;QACba,YAAY,OAAGjB,6BAAYhC,MAAMkD,wBAAwB,wBAAwBtC,aAAAA,IAAiB;UAAEqB,SAASjC,MAAMmD;QAAc,CAAA,CAAA;QACjI,GAAIV,iBAAiB;UAAEW,QAAQX;QAAc;MAC/C;AACAvC,cAAQC,IAAI,uCAAuCkD,KAAKC,UAAUP,eAAAA,CAAAA,EAAkB;AAEpF,aAAOpC,SAASkB,OAAO,GAAA,EAAK0B,KAAKR,eAAAA;IACnC,SAASS,OAAO;AACd,iBAAO5B,+CAAkBjB,UAAU,KAAK;QAAEkB,QAAQ;QAAKC,SAAS;MAAgD,GAAG0B,KAAAA;IACrH;EACF,CAAA;AACF;AA1DgB3D;AA4DT,SAAS4D,8CAA8C3D,QAAgBC,SAA2BC,MAA0B;AACjI,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,wDAAwD;AACpE;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAO4D,OAAOtD,UAAME,uCAAUN,MAAMO,QAAAA,GAAW,OAAOG,SAAqCC,aAAAA;AACzF,QAAI;AACF,YAAMC,gBAAwBF,QAAQiD,OAAO/C;AAE7C,YAAMgD,mBAAmB,MAAM7D,QAAQyB,MAAMqC,wBAAwB;QACnEjD;QACAkD,iBAAiB;MACnB,CAAA;AACA,UAAI,CAACF,kBAAkB;AACrB1D,gBAAQC,IAAI,uFAAuFS,aAAAA,EAAe;AAClH,mBAAOgB,+CAAkBjB,UAAU,KAAK;UAAEkB,QAAQ;UAAKC,SAAS;QAA0C,CAAA;MAC5G;AAEA,YAAM/B,QAAQyB,MAAMuC,oBAAoB;QAAEnD;MAAc,CAAA;AAExD,aAAOD,SAASkB,OAAO,GAAA,EAAK0B,KAAI;IAClC,SAASC,OAAO;AACd,iBAAO5B,+CAAkBjB,UAAU,KAAK;QAAEkB,QAAQ;QAAKC,SAAS0B,MAAM1B;MAAQ,GAAG0B,KAAAA;IACnF;EACF,CAAA;AACF;AA3BgBC;AA6BT,SAASO,kCAAkClE,QAAgBC,SAA2BC,MAA0B;AACrH,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,kDAAkD;AAC9D;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAOmE,IAAI7D,UAAME,uCAAUN,MAAMO,QAAAA,GAAW,OAAOG,SAAwCC,aAAAA;AACzF,QAAI;AACFT,cAAQC,IAAI,iCAAA;AACZ,YAAMS,gBAAwBF,QAAQiD,OAAO/C;AAE7C,YAAMsD,eAAe,MAAMnE,QAAQyB,MAAMqC,wBAAwB;QAC/DjD;QACAkD,iBAAiB;MACnB,CAAA;AAEA,UAAI,CAACI,cAAc;AACjBhE,gBAAQC,IAAI,uFAAuFS,aAAAA,EAAe;AAClH,mBAAOgB,+CAAkBjB,UAAU,KAAK;UAAEkB,QAAQ;UAAKC,SAAS;QAA0C,CAAA;MAC5G;AAEA,UAAIqC;AACJ,UAAID,aAAarC,WAAW,iCAAiC;AAC3DsC,wBAAiB,MAAMpE,QAAQyB,MAAM4C,yBAAyB;UAAExD;UAAekD,iBAAiB;QAAM,CAAA;MACxG;AACA,YAAMO,eAAeF,iBAAiBD;AAEtC,YAAMI,aAAa;QACjBzC,QAAQwC,aAAaxC;QACrBf,gBAAgBuD,aAAazD;QAC7BO,UAAUkD,aAAanD;QACvBqD,cAAcF,aAAaG;QAC3B,GAAKL,eAAetC,WAAW4C,uDAAiCC,YAAYP,cAAcQ,iBAAiBC,UAAc;UAAED,cAAcR,cAAcQ;QAAa;QACpK,GAAIN,aAAab,SAAS;UAAE1B,SAASuC,aAAab,MAAM1B;QAAQ;MAClE;AACA5B,cAAQ2E,MAAM,0BAA0BxB,KAAKC,UAAUgB,UAAAA,CAAAA,EAAa;AAEpE,UAAID,aAAaxC,WAAW,SAAS;AACnC,eAAOlB,SAASkB,OAAO,GAAA,EAAK0B,KAAKe,UAAAA;MACnC;AACA,aAAO3D,SAASkB,OAAO,GAAA,EAAK0B,KAAKe,UAAAA;IACnC,SAASd,OAAO;AACd,iBAAO5B,+CAAkBjB,UAAU,KAAK;QAAEkB,QAAQ;QAAKC,SAAS0B,MAAM1B;MAAQ,GAAG0B,KAAAA;IACnF;EACF,CAAA;AACF;AA9CgBQ;AAgDT,SAASc,uBAAuBhF,QAAgBC,SAA2BC,MAA0B;AAC1G,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,sDAAsD;AAClE;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAOmE,IAAI7D,UAAME,uCAAUN,MAAMO,QAAAA,GAAW,OAAOG,SAAkBC,aAAAA;AACnE,QAAI;AACF,YAAMoE,cAAc,MAAMhF,QAAQyB,MAAMwD,kBAAiB;AACzDrE,eAASsE,aAAa;AACtB,aAAOtE,SAAS4C,KAAKwB,WAAAA;IACvB,SAASvB,OAAO;AACd,iBAAO5B,+CAAkBjB,UAAU,KAAK;QAAEkB,QAAQ;QAAKC,SAAS0B,MAAM1B;MAAQ,GAAG0B,KAAAA;IACnF;EACF,CAAA;AACF;AAhBgBsB;;;AG3JhB,IAAAI,kBAA6B;AAC7B,IAAAC,8BAA0D;AAI1D,qBAA4D;AAS5D,gCAAsB;AAEf,IAAMC,oBAAN,MAAMA;EAhBb,OAgBaA;;;EACMC;EACAC;EACAC;EACAC;EACAC;EAEAC,qBAAqB;EACtC,YAAYC,MAAwG;AAClH,UAAM,EAAEC,OAAOC,KAAI,IAAKF;AACxB,SAAKJ,SAASK;AACdE,+DAA0B;MAAED;MAAME,MAAM;QAAC;QAA2B;QAAoB;;IAA2B,CAAA;AACnH,QAAIF,MAAMG,cAAcC,YAAYC,qBAAqB;AACvDJ,iEAA0B;QAAED;QAAME,MAAM;UAAC;UAAsB;;MAA0B,CAAA;IAC3F;AAEA,SAAKP,QAAQK;AACb,SAAKR,WAAWM,KAAKQ,eAAeC;AACpC,SAAKd,UAAUc,eAAAA,QAAQC,OAAM;AAC7B,UAAMC,cAAUC,8BAAaX,KAAAA;AAE7B,UAAMY,WAAWX,MAAMY,kBAAkB;MAAC;MAAa;;AACvDC,YAAQC,IAAI,sCAAsCC,KAAKC,UAAUL,QAAAA,CAAAA,GAAY;AAG7E,QAAIA,SAASM,SAAS,WAAA,GAAc;AAClCC,+CAAyC,KAAKzB,SAASgB,SAAST,MAAMG,cAAcgB,uBAAAA;AACpFC,wCAAkC,KAAK3B,SAASgB,SAAST,MAAMG,cAAckB,gBAAAA;AAC7EC,oDAA8C,KAAK7B,SAASgB,SAAST,MAAMG,cAAcoB,uBAAAA;AACzFC,6BAAuB,KAAK/B,SAASgB,SAAST,MAAMG,cAAcsB,oBAAAA;IACpE;AAGA,QAAId,SAASM,SAAS,MAAA,GAAS;AAC7BS,mCAA6B,KAAKjC,SAASgB,SAAST,MAAMG,cAAcwB,kBAAAA;AACxEC,uCAAiC,KAAKnC,SAASgB,SAAST,MAAMG,cAAc0B,sBAAAA;IAC9E;AACA,SAAKjC,YAAYI,MAAMG,cAAc2B,YAAY;AACjD,SAAKtC,SAASuC,IAAI,KAAKnC,WAAW,KAAKoC,MAAM;AAC7C,SAAKxC,SAASyC,IAAI,eAAejC,MAAMG,cAAc+B,cAAc,IAAA;AACnE,SAAKC,eAAc;EACrB;EAEQA,iBAAiB;AACvBC,UAAM,KAAKvC,kBAAkB,EAC1BwC,KAAK,CAACC,QAAQA,IAAIC,KAAI,CAAA,EACtBF,KAAK,CAACG,YAAAA;AACL,YAAMC,UAAU,GAAG,KAAK7C,SAAS;AACjCiB,cAAQC,IAAI,iCAAiC2B,OAAAA,EAAS;AAEtD,WAAKhD,QAAQsC,IACX,aACA,CAACW,KAAcJ,KAAeK,SAAAA;AAC5B,cAAMC,QAAQ,GAAGH,QAAQI,QAAQ,MAAM,GAAA,CAAA,GAAQA,QAAQ,WAAW,EAAA,EAAIA,QAAQ,gBAAgB,EAAA;AAC9FL,gBAAQM,UAAU;UAAC;YAAEC,KAAK,GAAGL,IAAIM,QAAQ,MAAMN,IAAIO,IAAI,MAAA,CAAA,GAAUL,KAAAA;YAASM,aAAa;UAAc;;AAErGR,YAAIS,aAAaX;AACjBG,aAAAA;MACF,GACAS,0BAAAA,QAAUC,WAAWb,SAASc,OAAAA,GAC9BF,0BAAAA,QAAUG,MAAK,CAAA;IAEnB,CAAA,EACCC,MAAM,CAACC,QAAAA;AACN5C,cAAQC,IAAI,8CAA8C2C,GAAAA,2CAA8C;IAC1G,CAAA;AACF,UAAMH,UAAU,CAEhB;EACF;EACA,IAAI/C,UAAmB;AACrB,WAAO,KAAKf;EACd;EAEA,IAAIwC,SAAiB;AACnB,WAAO,KAAKvC;EACd;EAEA,IAAIM,QAAmD;AACrD,WAAO,KAAKL;EACd;EAEA,IAAIM,OAAyC;AAC3C,WAAO,KAAKL;EACd;AACF;","names":["parseAuthorizationResponse","request","contentType","header","payload","body","JSON","parse","presentation_submission","console","log","vp_token","startsWith","endsWith","CredentialMapper","isJsonLdAsString","Error","verifyAuthResponseSIOPv2Endpoint","router","context","opts","enabled","path","post","checkAuth","endpoint","response","correlationId","definitionId","tenantId","version","params","sendErrorResponse","stringify","definitionItems","agent","pdmGetDefinitions","filter","length","statusCode","statusMessage","send","authorizationResponse","definitionItem","verifiedResponse","siopVerifyAuthResponse","queryId","presentationDefinitions","location","presentationDefinitionLocation","PresentationDefinitionLocation","TOPLEVEL_PRESENTATION_DEF","definition","definitionPayload","dcqlQuery","dcqlPayload","wrappedPresentation","oid4vpSubmission","presentations","presentation","authorizationChallengeValidationResponse","presentation_during_issuance_session","is_first_party","setHeader","responseRedirectURI","siopGetRedirectURI","state","redirect_uri","error","getAuthRequestSIOPv2Endpoint","get","requestState","siopGetAuthRequestState","errorOnNotFound","requestObject","toJwt","e","message","undefined","siopUpdateAuthRequestState","import_did_auth_siop","import_ssi_express_support","import_ssi_sdk","validateData","schema","req","res","next","parse","body","error","ZodError","errorMessages","issues","map","issue","message","path","join","status","json","error_details","import_zod","import_did_auth_siop","ResponseTypeSchema","z","enum","ResponseType","VP_TOKEN","ResponseModeSchema","ResponseMode","DIRECT_POST","DIRECT_POST_JWT","RequestUriMethodSchema","RequestUriMethod","GET","POST","AuthorizationStatusSchema","authorizationRequestStatuses","authorizationResponseStatuses","CallbackOptsSchema","object","url","string","status","array","optional","QRCodeOptsSchema","size","number","color_dark","color_light","CreateAuthorizationRequestBodySchema","query_id","client_id","request_uri_base","correlation_id","request_uri_method","response_type","response_mode","transaction_data","qr_code","direct_post_response_redirect_uri","callback","CreateAuthorizationResponseSchema","request_uri","status_uri","qr_uri","createAuthRequestUniversalOID4VPEndpoint","router","context","opts","enabled","console","log","path","post","checkAuth","endpoint","validateData","CreateAuthorizationRequestBodySchema","request","response","correlationId","body","correlation_id","uuid","qrCodeOpts","qr_code","queryId","query_id","directPostResponseRedirectUri","direct_post_response_redirect_uri","requestUriBase","request_uri_base","agent","pdmGetDefinition","itemId","e","sendErrorResponse","status","message","requestByReferenceURI","uriWithBase","baseURI","siopBaseURI","responseURI","authRequestURI","siopCreateAuthRequestURI","nonce","responseURIType","responseRedirectURI","qrCodeDataUri","AwesomeQR","qrCode","text","draw","toString","authRequestBody","request_uri","status_uri","webappAuthStatusPath","webappBaseURI","qr_uri","JSON","stringify","json","error","removeAuthRequestStateUniversalOID4VPEndpoint","delete","params","authRequestState","siopGetAuthRequestState","errorOnNotFound","siopDeleteAuthState","authStatusUniversalOID4VPEndpoint","get","requestState","responseState","siopGetAuthResponseState","overallState","statusBody","last_updated","lastUpdated","AuthorizationResponseStateStatus","VERIFIED","verifiedData","undefined","debug","getDefinitionsEndpoint","definitions","pdmGetDefinitions","statusCode","import_ssi_sdk","import_ssi_express_support","SIOPv2RPApiServer","_express","_router","_agent","_opts","_basePath","OID4VP_SWAGGER_URL","args","agent","opts","copyGlobalAuthToEndpoints","keys","endpointOpts","globalAuth","secureSiopEndpoints","expressSupport","express","Router","context","agentContext","features","enableFeatures","console","log","JSON","stringify","includes","createAuthRequestUniversalOID4VPEndpoint","webappCreateAuthRequest","authStatusUniversalOID4VPEndpoint","webappAuthStatus","removeAuthRequestStateUniversalOID4VPEndpoint","webappDeleteAuthRequest","getDefinitionsEndpoint","webappGetDefinitions","getAuthRequestSIOPv2Endpoint","siopGetAuthRequest","verifyAuthResponseSIOPv2Endpoint","siopVerifyAuthResponse","basePath","use","router","set","trustProxy","setupSwaggerUi","fetch","then","res","json","swagger","apiDocs","req","next","regex","replace","servers","url","protocol","get","description","swaggerDoc","swaggerUi","serveFiles","options","setup","catch","err"]}
+{"version":3,"sources":["../src/index.ts","../src/siop-api-functions.ts","../src/universal-oid4vp-api-functions.ts","../src/middleware/validationMiddleware.ts","../src/schemas/index.ts","../src/siopv2-rp-api-server.ts"],"sourcesContent":["/**\n * @public\n */\nexport * from './siop-api-functions'\nexport * from './universal-oid4vp-api-functions'\nexport * from './types'\nexport * from './siopv2-rp-api-server'\n","import { AuthorizationResponsePayload, PresentationDefinitionLocation } from '@sphereon/did-auth-siop'\nimport { checkAuth, ISingleEndpointOpts, sendErrorResponse } from '@sphereon/ssi-express-support'\nimport { CredentialMapper } from '@sphereon/ssi-types'\nimport { AuthorizationChallengeValidationResponse } from '@sphereon/ssi-sdk.siopv2-oid4vp-common'\nimport { Request, Response, Router } from 'express'\nimport { IRequiredContext } from './types'\n\nconst parseAuthorizationResponse = (request: Request): AuthorizationResponsePayload => {\n  const contentType = request.header('content-type')\n\n  if (contentType === 'application/json') {\n    const payload = typeof request.body === 'string' ? JSON.parse(request.body) : request.body\n    return payload as AuthorizationResponsePayload\n  }\n\n  if (contentType === 'application/x-www-form-urlencoded') {\n    const payload = request.body as AuthorizationResponsePayload\n\n    // Parse presentation_submission if it's a string\n    if (typeof payload.presentation_submission === 'string') {\n      console.log(`Supplied presentation_submission was a string instead of JSON. Correcting, but external party should fix their implementation!`)\n      payload.presentation_submission = JSON.parse(payload.presentation_submission)\n    }\n\n    // when using FORM_URL_ENCODED, vp_token comes back as string not matter whether the input was string, object or array. Handled below.\n    if (typeof payload.vp_token === 'string') {\n      const { vp_token } = payload\n\n      // The only use case where vp_object is an object is JsonLdAsString atm. For arrays, any objects will be parsed along with the array\n      // (Leaving the vp_token JsonLdAsString causes problems because the original credential will remain string and will be interpreted as JWT in some parts of the code)\n      if ((vp_token.startsWith('[') && vp_token.endsWith(']')) || CredentialMapper.isJsonLdAsString(vp_token)) {\n        payload.vp_token = JSON.parse(vp_token)\n      }\n    }\n\n    return payload\n  }\n\n  throw new Error(\n    `Unsupported content type: ${contentType}. Currently only application/x-www-form-urlencoded and application/json (for direct_post) are supported`,\n  )\n}\n\nexport function verifyAuthResponseSIOPv2Endpoint(\n  router: Router,\n  context: IRequiredContext,\n  opts?: ISingleEndpointOpts & { presentationDefinitionLocation?: PresentationDefinitionLocation },\n) {\n  if (opts?.enabled === false) {\n    console.log(`verifyAuthResponse SIOP endpoint is disabled`)\n    return\n  }\n  const path = opts?.path ?? '/siop/definitions/:definitionId/auth-responses/:correlationId'\n  router.post(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n    try {\n      const { correlationId, definitionId, tenantId, version } = request.params\n      if (!correlationId || !definitionId) {\n        console.log(`No authorization request could be found for the given url. correlationId: ${correlationId}, definitionId: ${definitionId}`)\n        return sendErrorResponse(response, 404, 'No authorization request could be found')\n      }\n      console.log('Authorization Response (siop-sessions')\n      console.log(JSON.stringify(request.body, null, 2))\n      const definitionItems = await context.agent.pdmGetDefinitions({ filter: [{ definitionId, tenantId, version }] })\n      if (definitionItems.length === 0) {\n        console.log(`Could not get definition ${definitionId} from agent. Will return 404`)\n        response.statusCode = 404\n        response.statusMessage = `No definition ${definitionId}`\n        return response.send()\n      }\n\n      const authorizationResponse = parseAuthorizationResponse(request)\n      console.log(`URI: ${JSON.stringify(authorizationResponse)}`)\n\n      const definitionItem = definitionItems[0]\n      const verifiedResponse = await context.agent.siopVerifyAuthResponse({\n        authorizationResponse,\n        correlationId,\n        queryId: definitionId,\n        presentationDefinitions: [\n          {\n            location: opts?.presentationDefinitionLocation ?? PresentationDefinitionLocation.TOPLEVEL_PRESENTATION_DEF,\n            definition: definitionItem.definitionPayload,\n          },\n        ],\n        dcqlQuery: definitionItem.dcqlPayload,\n      })\n\n      const wrappedPresentation = verifiedResponse?.oid4vpSubmission?.presentations[0]\n      if (wrappedPresentation) {\n        // const credentialSubject = wrappedPresentation.presentation.verifiableCredential[0]?.credential?.credentialSubject\n        // console.log(JSON.stringify(credentialSubject, null, 2))\n        console.log('PRESENTATION:' + JSON.stringify(wrappedPresentation.presentation, null, 2))\n        response.statusCode = 200\n\n        const authorizationChallengeValidationResponse: AuthorizationChallengeValidationResponse = {\n          presentation_during_issuance_session: verifiedResponse.correlationId,\n        }\n        if (authorizationResponse.is_first_party) {\n          response.setHeader('Content-Type', 'application/json')\n          return response.send(JSON.stringify(authorizationChallengeValidationResponse))\n        }\n\n        const responseRedirectURI = await context.agent.siopGetRedirectURI({ correlationId, queryId: definitionId, state: verifiedResponse.state })\n        if (responseRedirectURI) {\n          response.setHeader('Content-Type', 'application/json')\n          return response.send(JSON.stringify({ redirect_uri: responseRedirectURI }))\n        }\n        // todo: delete session\n      } else {\n        console.log('Missing Presentation (Verifiable Credentials)')\n        response.statusCode = 500\n        response.statusMessage = 'Missing Presentation (Verifiable Credentials)'\n      }\n      return response.send()\n    } catch (error) {\n      console.error(error)\n      return sendErrorResponse(response, 500, 'Could not verify auth status', error)\n    }\n  })\n}\n\nexport function getAuthRequestSIOPv2Endpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`getAuthRequest SIOP endpoint is disabled`)\n    return\n  }\n  const path = opts?.path ?? '/siop/definitions/:definitionId/auth-requests/:correlationId'\n  router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n    try {\n      const correlationId = request.params.correlationId\n      const definitionId = request.params.definitionId\n      if (!correlationId || !definitionId) {\n        console.log(`No authorization request could be found for the given url. correlationId: ${correlationId}, definitionId: ${definitionId}`)\n        return sendErrorResponse(response, 404, 'No authorization request could be found')\n      }\n      const requestState = await context.agent.siopGetAuthRequestState({\n        correlationId,\n        queryId: definitionId,\n        errorOnNotFound: false,\n      })\n      if (!requestState) {\n        console.log(\n          `No authorization request could be found for the given url in the state manager. correlationId: ${correlationId}, definitionId: ${definitionId}`,\n        )\n        return sendErrorResponse(response, 404, `No authorization request could be found`)\n      }\n      const requestObject = await requestState.request?.requestObject?.toJwt()\n      console.log('JWT Request object:')\n      console.log(requestObject)\n\n      let error: string | undefined\n      try {\n        response.statusCode = 200\n        response.setHeader('Content-Type', 'application/jwt')\n        return response.send(requestObject)\n      } catch (e) {\n        error = typeof e === 'string' ? e : e instanceof Error ? e.message : undefined\n        return sendErrorResponse(response, 500, 'Could not get authorization request', e)\n      } finally {\n        await context.agent.siopUpdateAuthRequestState({\n          correlationId,\n          queryId: definitionId,\n          state: 'authorization_request_created',\n          error,\n        })\n      }\n    } catch (error) {\n      return sendErrorResponse(response, 500, 'Could not get authorization request', error)\n    }\n  })\n}\n","import { AuthorizationResponseStateStatus } from '@sphereon/did-auth-siop'\nimport { checkAuth, ISingleEndpointOpts, sendErrorResponse } from '@sphereon/ssi-express-support'\nimport { uriWithBase } from '@sphereon/ssi-sdk.siopv2-oid4vp-common'\nimport { Request, Response, Router } from 'express'\nimport uuid from 'short-uuid'\nimport { validateData } from './middleware/validationMiddleware'\nimport { CreateAuthorizationRequestBodySchema } from './schemas'\nimport {\n  CreateAuthorizationRequest,\n  CreateAuthorizationRequestResponse,\n  CreateAuthorizationResponse,\n  DeleteAuthorizationRequest,\n  GetAuthorizationRequestStatus,\n  AuthStatusResponse,\n  ICreateAuthRequestWebappEndpointOpts,\n  IRequiredContext\n} from './types'\n\nexport function createAuthRequestUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ICreateAuthRequestWebappEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`createAuthRequest universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/auth/requests'\n  router.post(path, checkAuth(opts?.endpoint), validateData(CreateAuthorizationRequestBodySchema), async (request: CreateAuthorizationRequest, response: CreateAuthorizationResponse) => {\n    try {\n      const correlationId = request.body.correlation_id ?? uuid.uuid()\n      const qrCodeOpts = request.body.qr_code ?? opts?.qrCodeOpts\n      const queryId = request.body.query_id\n      const directPostResponseRedirectUri = request.body.direct_post_response_redirect_uri // TODO Uri not URI\n      const requestUriBase = request.body.request_uri_base\n      const callback = request.body.callback\n\n      try {\n        await context.agent.pdmGetDefinition({ itemId: queryId })\n      } catch(e) {\n        console.log(`No query could be found for the given id. Query id: ${queryId}`)\n        return sendErrorResponse(response, 404, { status: 404, message: 'No query could be found' })\n      }\n\n      const requestByReferenceURI = uriWithBase(`/siop/definitions/${queryId}/auth-requests/${correlationId}`, {\n        baseURI: requestUriBase ?? opts?.siopBaseURI,\n      })\n      const responseURI = uriWithBase(`/siop/definitions/${queryId}/auth-responses/${correlationId}`, { baseURI: opts?.siopBaseURI })\n\n      const authRequestURI = await context.agent.siopCreateAuthRequestURI({\n        queryId,\n        correlationId,\n        nonce: uuid.uuid(),\n        requestByReferenceURI,\n        responseURIType: 'response_uri',\n        responseURI,\n        ...(directPostResponseRedirectUri && { responseRedirectURI: directPostResponseRedirectUri }),\n        callback\n      })\n\n      let qrCodeDataUri: string | undefined\n      if (qrCodeOpts) {\n        const { AwesomeQR } = await import('awesome-qr')\n        const qrCode = new AwesomeQR({ ...qrCodeOpts, text: authRequestURI })\n        qrCodeDataUri = `data:image/png;base64,${(await qrCode.draw())!.toString('base64')}`\n      }\n\n      const authRequestBody = {\n        query_id: queryId,\n        correlation_id: correlationId,\n        request_uri: authRequestURI,\n        status_uri: `${uriWithBase(opts?.webappAuthStatusPath ?? `/backend/auth/status/${correlationId}`, { baseURI: opts?.webappBaseURI })}`,\n        ...(qrCodeDataUri && { qr_uri: qrCodeDataUri }),\n      } satisfies CreateAuthorizationRequestResponse\n      console.log(`Auth Request URI data to send back: ${JSON.stringify(authRequestBody)}`)\n\n      return response.status(201).json(authRequestBody)\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: 'Could not create an authorization request URI' }, error)\n    }\n  })\n}\n\nexport function removeAuthRequestStateUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`removeAuthStatus universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/auth/requests/:correlationId'\n  router.delete(path, checkAuth(opts?.endpoint), async (request: DeleteAuthorizationRequest, response: Response) => {\n    try {\n      const correlationId: string = request.params.correlationId\n\n      const authRequestState = await context.agent.siopGetAuthRequestState({\n        correlationId,\n        errorOnNotFound: false\n      })\n      if (!authRequestState) {\n        console.log(`No authorization request could be found for the given correlationId. correlationId: ${correlationId}`)\n        return sendErrorResponse(response, 404, { status: 404, message: 'No authorization request could be found' })\n      }\n\n      await context.agent.siopDeleteAuthState({ correlationId })\n\n      return response.status(204).json()\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: error.message }, error)\n    }\n  })\n}\n\nexport function authStatusUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`authStatus universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/auth/status/:correlationId'\n  router.get(path, checkAuth(opts?.endpoint), async (request: GetAuthorizationRequestStatus, response: Response) => {\n    try {\n      console.log('Received auth-status request...')\n      const correlationId: string = request.params.correlationId\n\n      const requestState = await context.agent.siopGetAuthRequestState({\n        correlationId,\n        errorOnNotFound: false\n      })\n\n      if (!requestState) {\n        console.log(`No authorization request could be found for the given correlationId. correlationId: ${correlationId}`)\n        return sendErrorResponse(response, 404, { status: 404, message: 'No authorization request could be found' })\n      }\n\n      let responseState\n      if (requestState.status === 'authorization_request_created') {\n        responseState = (await context.agent.siopGetAuthResponseState({ correlationId, errorOnNotFound: false }))\n      }\n      const overallState = responseState ?? requestState\n\n      const statusBody = {\n        status: overallState.status,\n        correlation_id: overallState.correlationId,\n        query_id: overallState.queryId,\n        last_updated: overallState.lastUpdated,\n        ...((responseState?.status === AuthorizationResponseStateStatus.VERIFIED && responseState.verifiedData !== undefined) && { verifiedData: responseState.verifiedData }),\n        ...(overallState.error && { message: overallState.error.message })\n      } satisfies AuthStatusResponse\n      console.debug(`Will send auth status: ${JSON.stringify(statusBody)}`)\n\n      if (overallState.status === 'error') {\n        return response.status(500).json(statusBody)\n      }\n      return response.status(200).json(statusBody)\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: error.message }, error)\n    }\n  })\n}\n\nexport function getDefinitionsEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`getDefinitions universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/definitions'\n  router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n    try {\n      const definitions = await context.agent.pdmGetDefinitions()\n      response.statusCode = 200\n      return response.json(definitions)\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: error.message }, error)\n    }\n  })\n}\n","import { Request, Response, NextFunction } from 'express';\nimport { z, ZodError } from 'zod';\n\nexport const validateData = (schema: z.ZodObject<any, any>) => {\n  return (req: Request, res: Response, next: NextFunction) => {\n    try {\n      schema.parse(req.body);\n      next();\n    } catch (error) {\n      if (error instanceof ZodError) {\n        const errorMessages = error.issues.map((issue: any) => ({\n          message: `${issue.path.join('.')} is ${issue.message}`,\n        }))\n        res.status(400).json({ status: 400, message: 'Invalid data', error_details: errorMessages[0].message });\n      } else {\n        res.status(500).json({ status: 500, message: 'Internal Server Error' });\n      }\n    }\n  };\n}\n","import { z } from 'zod'\nimport {\n  ResponseMode,\n  ResponseType,\n  RequestUriMethod,\n  CallbackOptsSchema\n} from '@sphereon/did-auth-siop'\n\nexport const ResponseTypeSchema = z.enum([ResponseType.VP_TOKEN]);\n\nexport const ResponseModeSchema = z.enum([ResponseMode.DIRECT_POST, ResponseMode.DIRECT_POST_JWT]);\n\nexport const RequestUriMethodSchema = z.enum(Object.values(RequestUriMethod));\n\nexport const QRCodeOptsSchema = z.object({\n  size: z.number().optional(),\n  color_dark: z.string().optional(),\n  color_light: z.string().optional(),\n});\n\nexport const CreateAuthorizationRequestBodySchema = z.object({\n  query_id: z.string(),\n  client_id: z.string().optional(),\n  request_uri_base: z.string().optional(),\n  correlation_id: z.string().optional(),\n  request_uri_method: RequestUriMethodSchema.optional(),\n  response_type: ResponseTypeSchema.optional(),\n  response_mode: ResponseModeSchema.optional(),\n  transaction_data: z.array(z.string()).optional(),\n  qr_code: QRCodeOptsSchema.optional(),\n  direct_post_response_redirect_uri: z.string().optional(),\n  callback: CallbackOptsSchema.optional(),\n});\n\nexport const CreateAuthorizationResponseSchema = z.object({\n  correlation_id: z.string(),\n  query_id: z.string(),\n  request_uri: z.string(),\n  status_uri: z.string(),\n  qr_uri: z.string().optional(),\n});\n","import { agentContext } from '@sphereon/ssi-sdk.core'\nimport { copyGlobalAuthToEndpoints, ExpressSupport } from '@sphereon/ssi-express-support'\nimport { IPresentationExchange } from '@sphereon/ssi-sdk.presentation-exchange'\nimport { ISIOPv2RP } from '@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth'\nimport { TAgent } from '@veramo/core'\nimport express, { Express, Request, Response, Router } from 'express'\nimport { getAuthRequestSIOPv2Endpoint, verifyAuthResponseSIOPv2Endpoint } from './siop-api-functions'\nimport { IRequiredPlugins, ISIOPv2RPRestAPIOpts } from './types'\nimport {\n  authStatusUniversalOID4VPEndpoint,\n  createAuthRequestUniversalOID4VPEndpoint,\n  getDefinitionsEndpoint,\n  removeAuthRequestStateUniversalOID4VPEndpoint,\n} from './universal-oid4vp-api-functions'\nimport swaggerUi from 'swagger-ui-express'\n\nexport class SIOPv2RPApiServer {\n  private readonly _express: Express\n  private readonly _router: Router\n  private readonly _agent: TAgent<IPresentationExchange & ISIOPv2RP>\n  private readonly _opts?: ISIOPv2RPRestAPIOpts\n  private readonly _basePath: string\n\n  private readonly OID4VP_SWAGGER_URL = 'https://api.swaggerhub.com/apis/SphereonInt/OID4VP/0.1.0'\n  constructor(args: { agent: TAgent<IRequiredPlugins>; expressSupport: ExpressSupport; opts?: ISIOPv2RPRestAPIOpts }) {\n    const { agent, opts } = args\n    this._agent = agent\n    copyGlobalAuthToEndpoints({ opts, keys: ['webappCreateAuthRequest', 'webappAuthStatus', 'webappDeleteAuthRequest'] })\n    if (opts?.endpointOpts?.globalAuth?.secureSiopEndpoints) {\n      copyGlobalAuthToEndpoints({ opts, keys: ['siopGetAuthRequest', 'siopVerifyAuthResponse'] })\n    }\n\n    this._opts = opts\n    this._express = args.expressSupport.express\n    this._router = express.Router()\n    const context = agentContext(agent)\n\n    const features = opts?.enableFeatures ?? ['rp-status', 'siop']\n    console.log(`SIOPv2 API enabled, with features: ${JSON.stringify(features)}}`)\n\n    // Webapp endpoints\n    if (features.includes('rp-status')) {\n      createAuthRequestUniversalOID4VPEndpoint(this._router, context, opts?.endpointOpts?.webappCreateAuthRequest)\n      authStatusUniversalOID4VPEndpoint(this._router, context, opts?.endpointOpts?.webappAuthStatus)\n      removeAuthRequestStateUniversalOID4VPEndpoint(this._router, context, opts?.endpointOpts?.webappDeleteAuthRequest)\n      getDefinitionsEndpoint(this._router, context, opts?.endpointOpts?.webappGetDefinitions)\n    }\n\n    // SIOPv2 endpoints\n    if (features.includes('siop')) {\n      getAuthRequestSIOPv2Endpoint(this._router, context, opts?.endpointOpts?.siopGetAuthRequest)\n      verifyAuthResponseSIOPv2Endpoint(this._router, context, opts?.endpointOpts?.siopVerifyAuthResponse)\n    }\n    this._basePath = opts?.endpointOpts?.basePath ?? ''\n    this._express.use(this._basePath, this.router)\n    this._express.set('trust proxy', opts?.endpointOpts?.trustProxy ?? true)\n    this.setupSwaggerUi()\n  }\n\n  private setupSwaggerUi() {\n    fetch(this.OID4VP_SWAGGER_URL)\n      .then((res) => res.json())\n      .then((swagger: any) => {\n        const apiDocs = `${this._basePath}/api-docs`\n        console.log(`[OID4P] API docs available at ${apiDocs}`)\n\n        this._router.use(\n          '/api-docs',\n          (req: Request, res: Response, next: any) => {\n            const regex = `${apiDocs.replace(/\\//, '\\/')}`.replace('/oid4vp', '').replace(/\\/api-docs.*/, '')\n            swagger.servers = [{ url: `${req.protocol}://${req.get('host')}${regex}`, description: 'This server' }]\n            // @ts-ignore\n            req.swaggerDoc = swagger\n            next()\n          },\n          swaggerUi.serveFiles(swagger, options),\n          swaggerUi.setup(),\n        )\n      })\n      .catch((err) => {\n        console.log(`[OID4VP] Unable to fetch swagger document: ${err}. Will not host api-docs on this instance`)\n      })\n    const options = {\n      // customCss: '.swagger-ui .topbar { display: none }',\n    }\n  }\n  get express(): Express {\n    return this._express\n  }\n\n  get router(): Router {\n    return this._router\n  }\n\n  get agent(): TAgent<IPresentationExchange & ISIOPv2RP> {\n    return this._agent\n  }\n\n  get opts(): ISIOPv2RPRestAPIOpts | undefined {\n    return this._opts\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;;;;;;ACAA,2BAA6E;AAC7E,iCAAkE;AAClE,uBAAiC;AAKjC,IAAMA,6BAA6B,wBAACC,YAAAA;AAClC,QAAMC,cAAcD,QAAQE,OAAO,cAAA;AAEnC,MAAID,gBAAgB,oBAAoB;AACtC,UAAME,UAAU,OAAOH,QAAQI,SAAS,WAAWC,KAAKC,MAAMN,QAAQI,IAAI,IAAIJ,QAAQI;AACtF,WAAOD;EACT;AAEA,MAAIF,gBAAgB,qCAAqC;AACvD,UAAME,UAAUH,QAAQI;AAGxB,QAAI,OAAOD,QAAQI,4BAA4B,UAAU;AACvDC,cAAQC,IAAI,gIAAgI;AAC5IN,cAAQI,0BAA0BF,KAAKC,MAAMH,QAAQI,uBAAuB;IAC9E;AAGA,QAAI,OAAOJ,QAAQO,aAAa,UAAU;AACxC,YAAM,EAAEA,SAAQ,IAAKP;AAIrB,UAAKO,SAASC,WAAW,GAAA,KAAQD,SAASE,SAAS,GAAA,KAASC,kCAAiBC,iBAAiBJ,QAAAA,GAAW;AACvGP,gBAAQO,WAAWL,KAAKC,MAAMI,QAAAA;MAChC;IACF;AAEA,WAAOP;EACT;AAEA,QAAM,IAAIY,MACR,6BAA6Bd,WAAAA,yGAAoH;AAErJ,GAlCmC;AAoC5B,SAASe,iCACdC,QACAC,SACAC,MAAgG;AAEhG,MAAIA,MAAMC,YAAY,OAAO;AAC3BZ,YAAQC,IAAI,8CAA8C;AAC1D;EACF;AACA,QAAMY,OAAOF,MAAME,QAAQ;AAC3BJ,SAAOK,KAAKD,UAAME,sCAAUJ,MAAMK,QAAAA,GAAW,OAAOxB,SAAkByB,aAAAA;AACpE,QAAI;AACF,YAAM,EAAEC,eAAeC,cAAcC,UAAUC,QAAO,IAAK7B,QAAQ8B;AACnE,UAAI,CAACJ,iBAAiB,CAACC,cAAc;AACnCnB,gBAAQC,IAAI,6EAA6EiB,aAAAA,mBAAgCC,YAAAA,EAAc;AACvI,mBAAOI,8CAAkBN,UAAU,KAAK,yCAAA;MAC1C;AACAjB,cAAQC,IAAI,uCAAA;AACZD,cAAQC,IAAIJ,KAAK2B,UAAUhC,QAAQI,MAAM,MAAM,CAAA,CAAA;AAC/C,YAAM6B,kBAAkB,MAAMf,QAAQgB,MAAMC,kBAAkB;QAAEC,QAAQ;UAAC;YAAET;YAAcC;YAAUC;UAAQ;;MAAG,CAAA;AAC9G,UAAII,gBAAgBI,WAAW,GAAG;AAChC7B,gBAAQC,IAAI,4BAA4BkB,YAAAA,8BAA0C;AAClFF,iBAASa,aAAa;AACtBb,iBAASc,gBAAgB,iBAAiBZ,YAAAA;AAC1C,eAAOF,SAASe,KAAI;MACtB;AAEA,YAAMC,wBAAwB1C,2BAA2BC,OAAAA;AACzDQ,cAAQC,IAAI,QAAQJ,KAAK2B,UAAUS,qBAAAA,CAAAA,EAAwB;AAE3D,YAAMC,iBAAiBT,gBAAgB,CAAA;AACvC,YAAMU,mBAAmB,MAAMzB,QAAQgB,MAAMU,uBAAuB;QAClEH;QACAf;QACAmB,SAASlB;QACTmB,yBAAyB;UACvB;YACEC,UAAU5B,MAAM6B,kCAAkCC,oDAA+BC;YACjFC,YAAYT,eAAeU;UAC7B;;QAEFC,WAAWX,eAAeY;MAC5B,CAAA;AAEA,YAAMC,sBAAsBZ,kBAAkBa,kBAAkBC,cAAc,CAAA;AAC9E,UAAIF,qBAAqB;AAGvB/C,gBAAQC,IAAI,kBAAkBJ,KAAK2B,UAAUuB,oBAAoBG,cAAc,MAAM,CAAA,CAAA;AACrFjC,iBAASa,aAAa;AAEtB,cAAMqB,2CAAqF;UACzFC,sCAAsCjB,iBAAiBjB;QACzD;AACA,YAAIe,sBAAsBoB,gBAAgB;AACxCpC,mBAASqC,UAAU,gBAAgB,kBAAA;AACnC,iBAAOrC,SAASe,KAAKnC,KAAK2B,UAAU2B,wCAAAA,CAAAA;QACtC;AAEA,cAAMI,sBAAsB,MAAM7C,QAAQgB,MAAM8B,mBAAmB;UAAEtC;UAAemB,SAASlB;UAAcsC,OAAOtB,iBAAiBsB;QAAM,CAAA;AACzI,YAAIF,qBAAqB;AACvBtC,mBAASqC,UAAU,gBAAgB,kBAAA;AACnC,iBAAOrC,SAASe,KAAKnC,KAAK2B,UAAU;YAAEkC,cAAcH;UAAoB,CAAA,CAAA;QAC1E;MAEF,OAAO;AACLvD,gBAAQC,IAAI,+CAAA;AACZgB,iBAASa,aAAa;AACtBb,iBAASc,gBAAgB;MAC3B;AACA,aAAOd,SAASe,KAAI;IACtB,SAAS2B,OAAO;AACd3D,cAAQ2D,MAAMA,KAAAA;AACd,iBAAOpC,8CAAkBN,UAAU,KAAK,gCAAgC0C,KAAAA;IAC1E;EACF,CAAA;AACF;AA5EgBnD;AA8ET,SAASoD,6BAA6BnD,QAAgBC,SAA2BC,MAA0B;AAChH,MAAIA,MAAMC,YAAY,OAAO;AAC3BZ,YAAQC,IAAI,0CAA0C;AACtD;EACF;AACA,QAAMY,OAAOF,MAAME,QAAQ;AAC3BJ,SAAOoD,IAAIhD,UAAME,sCAAUJ,MAAMK,QAAAA,GAAW,OAAOxB,SAAkByB,aAAAA;AACnE,QAAI;AACF,YAAMC,gBAAgB1B,QAAQ8B,OAAOJ;AACrC,YAAMC,eAAe3B,QAAQ8B,OAAOH;AACpC,UAAI,CAACD,iBAAiB,CAACC,cAAc;AACnCnB,gBAAQC,IAAI,6EAA6EiB,aAAAA,mBAAgCC,YAAAA,EAAc;AACvI,mBAAOI,8CAAkBN,UAAU,KAAK,yCAAA;MAC1C;AACA,YAAM6C,eAAe,MAAMpD,QAAQgB,MAAMqC,wBAAwB;QAC/D7C;QACAmB,SAASlB;QACT6C,iBAAiB;MACnB,CAAA;AACA,UAAI,CAACF,cAAc;AACjB9D,gBAAQC,IACN,kGAAkGiB,aAAAA,mBAAgCC,YAAAA,EAAc;AAElJ,mBAAOI,8CAAkBN,UAAU,KAAK,yCAAyC;MACnF;AACA,YAAMgD,gBAAgB,MAAMH,aAAatE,SAASyE,eAAeC,MAAAA;AACjElE,cAAQC,IAAI,qBAAA;AACZD,cAAQC,IAAIgE,aAAAA;AAEZ,UAAIN;AACJ,UAAI;AACF1C,iBAASa,aAAa;AACtBb,iBAASqC,UAAU,gBAAgB,iBAAA;AACnC,eAAOrC,SAASe,KAAKiC,aAAAA;MACvB,SAASE,GAAG;AACVR,gBAAQ,OAAOQ,MAAM,WAAWA,IAAIA,aAAa5D,QAAQ4D,EAAEC,UAAUC;AACrE,mBAAO9C,8CAAkBN,UAAU,KAAK,uCAAuCkD,CAAAA;MACjF,UAAA;AACE,cAAMzD,QAAQgB,MAAM4C,2BAA2B;UAC7CpD;UACAmB,SAASlB;UACTsC,OAAO;UACPE;QACF,CAAA;MACF;IACF,SAASA,OAAO;AACd,iBAAOpC,8CAAkBN,UAAU,KAAK,uCAAuC0C,KAAAA;IACjF;EACF,CAAA;AACF;AAjDgBC;;;ACzHhB,IAAAW,wBAAiD;AACjD,IAAAC,8BAAkE;AAClE,qBAA4B;AAE5B,wBAAiB;;;ACHjB,iBAA4B;AAErB,IAAMC,eAAe,wBAACC,WAAAA;AAC3B,SAAO,CAACC,KAAcC,KAAeC,SAAAA;AACnC,QAAI;AACFH,aAAOI,MAAMH,IAAII,IAAI;AACrBF,WAAAA;IACF,SAASG,OAAO;AACd,UAAIA,iBAAiBC,qBAAU;AAC7B,cAAMC,gBAAgBF,MAAMG,OAAOC,IAAI,CAACC,WAAgB;UACtDC,SAAS,GAAGD,MAAME,KAAKC,KAAK,GAAA,CAAA,OAAWH,MAAMC,OAAO;QACtD,EAAA;AACAV,YAAIa,OAAO,GAAA,EAAKC,KAAK;UAAED,QAAQ;UAAKH,SAAS;UAAgBK,eAAeT,cAAc,CAAA,EAAGI;QAAQ,CAAA;MACvG,OAAO;AACLV,YAAIa,OAAO,GAAA,EAAKC,KAAK;UAAED,QAAQ;UAAKH,SAAS;QAAwB,CAAA;MACvE;IACF;EACF;AACF,GAhB4B;;;ACH5B,IAAAM,cAAkB;AAClB,IAAAC,wBAKO;AAEA,IAAMC,qBAAqBC,cAAEC,KAAK;EAACC,mCAAaC;CAAS;AAEzD,IAAMC,qBAAqBJ,cAAEC,KAAK;EAACI,mCAAaC;EAAaD,mCAAaE;CAAgB;AAE1F,IAAMC,yBAAyBR,cAAEC,KAAKQ,OAAOC,OAAOC,sCAAAA,CAAAA;AAEpD,IAAMC,mBAAmBZ,cAAEa,OAAO;EACvCC,MAAMd,cAAEe,OAAM,EAAGC,SAAQ;EACzBC,YAAYjB,cAAEkB,OAAM,EAAGF,SAAQ;EAC/BG,aAAanB,cAAEkB,OAAM,EAAGF,SAAQ;AAClC,CAAA;AAEO,IAAMI,uCAAuCpB,cAAEa,OAAO;EAC3DQ,UAAUrB,cAAEkB,OAAM;EAClBI,WAAWtB,cAAEkB,OAAM,EAAGF,SAAQ;EAC9BO,kBAAkBvB,cAAEkB,OAAM,EAAGF,SAAQ;EACrCQ,gBAAgBxB,cAAEkB,OAAM,EAAGF,SAAQ;EACnCS,oBAAoBjB,uBAAuBQ,SAAQ;EACnDU,eAAe3B,mBAAmBiB,SAAQ;EAC1CW,eAAevB,mBAAmBY,SAAQ;EAC1CY,kBAAkB5B,cAAE6B,MAAM7B,cAAEkB,OAAM,CAAA,EAAIF,SAAQ;EAC9Cc,SAASlB,iBAAiBI,SAAQ;EAClCe,mCAAmC/B,cAAEkB,OAAM,EAAGF,SAAQ;EACtDgB,UAAUC,yCAAmBjB,SAAQ;AACvC,CAAA;AAEO,IAAMkB,oCAAoClC,cAAEa,OAAO;EACxDW,gBAAgBxB,cAAEkB,OAAM;EACxBG,UAAUrB,cAAEkB,OAAM;EAClBiB,aAAanC,cAAEkB,OAAM;EACrBkB,YAAYpC,cAAEkB,OAAM;EACpBmB,QAAQrC,cAAEkB,OAAM,EAAGF,SAAQ;AAC7B,CAAA;;;AFtBO,SAASsB,yCAAyCC,QAAgBC,SAA2BC,MAA2C;AAC7I,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,yDAAyD;AACrE;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAOO,KAAKD,UAAME,uCAAUN,MAAMO,QAAAA,GAAWC,aAAaC,oCAAAA,GAAuC,OAAOC,SAAqCC,aAAAA;AAC3I,QAAI;AACF,YAAMC,gBAAgBF,QAAQG,KAAKC,kBAAkBC,kBAAAA,QAAKA,KAAI;AAC9D,YAAMC,aAAaN,QAAQG,KAAKI,WAAWjB,MAAMgB;AACjD,YAAME,UAAUR,QAAQG,KAAKM;AAC7B,YAAMC,gCAAgCV,QAAQG,KAAKQ;AACnD,YAAMC,iBAAiBZ,QAAQG,KAAKU;AACpC,YAAMC,WAAWd,QAAQG,KAAKW;AAE9B,UAAI;AACF,cAAMzB,QAAQ0B,MAAMC,iBAAiB;UAAEC,QAAQT;QAAQ,CAAA;MACzD,SAAQU,GAAG;AACT1B,gBAAQC,IAAI,uDAAuDe,OAAAA,EAAS;AAC5E,mBAAOW,+CAAkBlB,UAAU,KAAK;UAAEmB,QAAQ;UAAKC,SAAS;QAA0B,CAAA;MAC5F;AAEA,YAAMC,4BAAwBC,4BAAY,qBAAqBf,OAAAA,kBAAyBN,aAAAA,IAAiB;QACvGsB,SAASZ,kBAAkBtB,MAAMmC;MACnC,CAAA;AACA,YAAMC,kBAAcH,4BAAY,qBAAqBf,OAAAA,mBAA0BN,aAAAA,IAAiB;QAAEsB,SAASlC,MAAMmC;MAAY,CAAA;AAE7H,YAAME,iBAAiB,MAAMtC,QAAQ0B,MAAMa,yBAAyB;QAClEpB;QACAN;QACA2B,OAAOxB,kBAAAA,QAAKA,KAAI;QAChBiB;QACAQ,iBAAiB;QACjBJ;QACA,GAAIhB,iCAAiC;UAAEqB,qBAAqBrB;QAA8B;QAC1FI;MACF,CAAA;AAEA,UAAIkB;AACJ,UAAI1B,YAAY;AACd,cAAM,EAAE2B,UAAS,IAAK,MAAM,OAAO,YAAA;AACnC,cAAMC,SAAS,IAAID,UAAU;UAAE,GAAG3B;UAAY6B,MAAMR;QAAe,CAAA;AACnEK,wBAAgB,0BAA0B,MAAME,OAAOE,KAAI,GAAKC,SAAS,QAAA,CAAA;MAC3E;AAEA,YAAMC,kBAAkB;QACtB7B,UAAUD;QACVJ,gBAAgBF;QAChBqC,aAAaZ;QACba,YAAY,OAAGjB,4BAAYjC,MAAMmD,wBAAwB,wBAAwBvC,aAAAA,IAAiB;UAAEsB,SAASlC,MAAMoD;QAAc,CAAA,CAAA;QACjI,GAAIV,iBAAiB;UAAEW,QAAQX;QAAc;MAC/C;AACAxC,cAAQC,IAAI,uCAAuCmD,KAAKC,UAAUP,eAAAA,CAAAA,EAAkB;AAEpF,aAAOrC,SAASmB,OAAO,GAAA,EAAK0B,KAAKR,eAAAA;IACnC,SAASS,OAAO;AACd,iBAAO5B,+CAAkBlB,UAAU,KAAK;QAAEmB,QAAQ;QAAKC,SAAS;MAAgD,GAAG0B,KAAAA;IACrH;EACF,CAAA;AACF;AA5DgB5D;AA8DT,SAAS6D,8CAA8C5D,QAAgBC,SAA2BC,MAA0B;AACjI,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,wDAAwD;AACpE;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAO6D,OAAOvD,UAAME,uCAAUN,MAAMO,QAAAA,GAAW,OAAOG,SAAqCC,aAAAA;AACzF,QAAI;AACF,YAAMC,gBAAwBF,QAAQkD,OAAOhD;AAE7C,YAAMiD,mBAAmB,MAAM9D,QAAQ0B,MAAMqC,wBAAwB;QACnElD;QACAmD,iBAAiB;MACnB,CAAA;AACA,UAAI,CAACF,kBAAkB;AACrB3D,gBAAQC,IAAI,uFAAuFS,aAAAA,EAAe;AAClH,mBAAOiB,+CAAkBlB,UAAU,KAAK;UAAEmB,QAAQ;UAAKC,SAAS;QAA0C,CAAA;MAC5G;AAEA,YAAMhC,QAAQ0B,MAAMuC,oBAAoB;QAAEpD;MAAc,CAAA;AAExD,aAAOD,SAASmB,OAAO,GAAA,EAAK0B,KAAI;IAClC,SAASC,OAAO;AACd,iBAAO5B,+CAAkBlB,UAAU,KAAK;QAAEmB,QAAQ;QAAKC,SAAS0B,MAAM1B;MAAQ,GAAG0B,KAAAA;IACnF;EACF,CAAA;AACF;AA3BgBC;AA6BT,SAASO,kCAAkCnE,QAAgBC,SAA2BC,MAA0B;AACrH,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,kDAAkD;AAC9D;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAOoE,IAAI9D,UAAME,uCAAUN,MAAMO,QAAAA,GAAW,OAAOG,SAAwCC,aAAAA;AACzF,QAAI;AACFT,cAAQC,IAAI,iCAAA;AACZ,YAAMS,gBAAwBF,QAAQkD,OAAOhD;AAE7C,YAAMuD,eAAe,MAAMpE,QAAQ0B,MAAMqC,wBAAwB;QAC/DlD;QACAmD,iBAAiB;MACnB,CAAA;AAEA,UAAI,CAACI,cAAc;AACjBjE,gBAAQC,IAAI,uFAAuFS,aAAAA,EAAe;AAClH,mBAAOiB,+CAAkBlB,UAAU,KAAK;UAAEmB,QAAQ;UAAKC,SAAS;QAA0C,CAAA;MAC5G;AAEA,UAAIqC;AACJ,UAAID,aAAarC,WAAW,iCAAiC;AAC3DsC,wBAAiB,MAAMrE,QAAQ0B,MAAM4C,yBAAyB;UAAEzD;UAAemD,iBAAiB;QAAM,CAAA;MACxG;AACA,YAAMO,eAAeF,iBAAiBD;AAEtC,YAAMI,aAAa;QACjBzC,QAAQwC,aAAaxC;QACrBhB,gBAAgBwD,aAAa1D;QAC7BO,UAAUmD,aAAapD;QACvBsD,cAAcF,aAAaG;QAC3B,GAAKL,eAAetC,WAAW4C,uDAAiCC,YAAYP,cAAcQ,iBAAiBC,UAAc;UAAED,cAAcR,cAAcQ;QAAa;QACpK,GAAIN,aAAab,SAAS;UAAE1B,SAASuC,aAAab,MAAM1B;QAAQ;MAClE;AACA7B,cAAQ4E,MAAM,0BAA0BxB,KAAKC,UAAUgB,UAAAA,CAAAA,EAAa;AAEpE,UAAID,aAAaxC,WAAW,SAAS;AACnC,eAAOnB,SAASmB,OAAO,GAAA,EAAK0B,KAAKe,UAAAA;MACnC;AACA,aAAO5D,SAASmB,OAAO,GAAA,EAAK0B,KAAKe,UAAAA;IACnC,SAASd,OAAO;AACd,iBAAO5B,+CAAkBlB,UAAU,KAAK;QAAEmB,QAAQ;QAAKC,SAAS0B,MAAM1B;MAAQ,GAAG0B,KAAAA;IACnF;EACF,CAAA;AACF;AA9CgBQ;AAgDT,SAASc,uBAAuBjF,QAAgBC,SAA2BC,MAA0B;AAC1G,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,sDAAsD;AAClE;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAOoE,IAAI9D,UAAME,uCAAUN,MAAMO,QAAAA,GAAW,OAAOG,SAAkBC,aAAAA;AACnE,QAAI;AACF,YAAMqE,cAAc,MAAMjF,QAAQ0B,MAAMwD,kBAAiB;AACzDtE,eAASuE,aAAa;AACtB,aAAOvE,SAAS6C,KAAKwB,WAAAA;IACvB,SAASvB,OAAO;AACd,iBAAO5B,+CAAkBlB,UAAU,KAAK;QAAEmB,QAAQ;QAAKC,SAAS0B,MAAM1B;MAAQ,GAAG0B,KAAAA;IACnF;EACF,CAAA;AACF;AAhBgBsB;;;AG7JhB,IAAAI,kBAA6B;AAC7B,IAAAC,8BAA0D;AAI1D,qBAA4D;AAS5D,gCAAsB;AAEf,IAAMC,oBAAN,MAAMA;EAhBb,OAgBaA;;;EACMC;EACAC;EACAC;EACAC;EACAC;EAEAC,qBAAqB;EACtC,YAAYC,MAAwG;AAClH,UAAM,EAAEC,OAAOC,KAAI,IAAKF;AACxB,SAAKJ,SAASK;AACdE,+DAA0B;MAAED;MAAME,MAAM;QAAC;QAA2B;QAAoB;;IAA2B,CAAA;AACnH,QAAIF,MAAMG,cAAcC,YAAYC,qBAAqB;AACvDJ,iEAA0B;QAAED;QAAME,MAAM;UAAC;UAAsB;;MAA0B,CAAA;IAC3F;AAEA,SAAKP,QAAQK;AACb,SAAKR,WAAWM,KAAKQ,eAAeC;AACpC,SAAKd,UAAUc,eAAAA,QAAQC,OAAM;AAC7B,UAAMC,cAAUC,8BAAaX,KAAAA;AAE7B,UAAMY,WAAWX,MAAMY,kBAAkB;MAAC;MAAa;;AACvDC,YAAQC,IAAI,sCAAsCC,KAAKC,UAAUL,QAAAA,CAAAA,GAAY;AAG7E,QAAIA,SAASM,SAAS,WAAA,GAAc;AAClCC,+CAAyC,KAAKzB,SAASgB,SAAST,MAAMG,cAAcgB,uBAAAA;AACpFC,wCAAkC,KAAK3B,SAASgB,SAAST,MAAMG,cAAckB,gBAAAA;AAC7EC,oDAA8C,KAAK7B,SAASgB,SAAST,MAAMG,cAAcoB,uBAAAA;AACzFC,6BAAuB,KAAK/B,SAASgB,SAAST,MAAMG,cAAcsB,oBAAAA;IACpE;AAGA,QAAId,SAASM,SAAS,MAAA,GAAS;AAC7BS,mCAA6B,KAAKjC,SAASgB,SAAST,MAAMG,cAAcwB,kBAAAA;AACxEC,uCAAiC,KAAKnC,SAASgB,SAAST,MAAMG,cAAc0B,sBAAAA;IAC9E;AACA,SAAKjC,YAAYI,MAAMG,cAAc2B,YAAY;AACjD,SAAKtC,SAASuC,IAAI,KAAKnC,WAAW,KAAKoC,MAAM;AAC7C,SAAKxC,SAASyC,IAAI,eAAejC,MAAMG,cAAc+B,cAAc,IAAA;AACnE,SAAKC,eAAc;EACrB;EAEQA,iBAAiB;AACvBC,UAAM,KAAKvC,kBAAkB,EAC1BwC,KAAK,CAACC,QAAQA,IAAIC,KAAI,CAAA,EACtBF,KAAK,CAACG,YAAAA;AACL,YAAMC,UAAU,GAAG,KAAK7C,SAAS;AACjCiB,cAAQC,IAAI,iCAAiC2B,OAAAA,EAAS;AAEtD,WAAKhD,QAAQsC,IACX,aACA,CAACW,KAAcJ,KAAeK,SAAAA;AAC5B,cAAMC,QAAQ,GAAGH,QAAQI,QAAQ,MAAM,GAAA,CAAA,GAAQA,QAAQ,WAAW,EAAA,EAAIA,QAAQ,gBAAgB,EAAA;AAC9FL,gBAAQM,UAAU;UAAC;YAAEC,KAAK,GAAGL,IAAIM,QAAQ,MAAMN,IAAIO,IAAI,MAAA,CAAA,GAAUL,KAAAA;YAASM,aAAa;UAAc;;AAErGR,YAAIS,aAAaX;AACjBG,aAAAA;MACF,GACAS,0BAAAA,QAAUC,WAAWb,SAASc,OAAAA,GAC9BF,0BAAAA,QAAUG,MAAK,CAAA;IAEnB,CAAA,EACCC,MAAM,CAACC,QAAAA;AACN5C,cAAQC,IAAI,8CAA8C2C,GAAAA,2CAA8C;IAC1G,CAAA;AACF,UAAMH,UAAU,CAEhB;EACF;EACA,IAAI/C,UAAmB;AACrB,WAAO,KAAKf;EACd;EAEA,IAAIwC,SAAiB;AACnB,WAAO,KAAKvC;EACd;EAEA,IAAIM,QAAmD;AACrD,WAAO,KAAKL;EACd;EAEA,IAAIM,OAAyC;AAC3C,WAAO,KAAKL;EACd;AACF;","names":["parseAuthorizationResponse","request","contentType","header","payload","body","JSON","parse","presentation_submission","console","log","vp_token","startsWith","endsWith","CredentialMapper","isJsonLdAsString","Error","verifyAuthResponseSIOPv2Endpoint","router","context","opts","enabled","path","post","checkAuth","endpoint","response","correlationId","definitionId","tenantId","version","params","sendErrorResponse","stringify","definitionItems","agent","pdmGetDefinitions","filter","length","statusCode","statusMessage","send","authorizationResponse","definitionItem","verifiedResponse","siopVerifyAuthResponse","queryId","presentationDefinitions","location","presentationDefinitionLocation","PresentationDefinitionLocation","TOPLEVEL_PRESENTATION_DEF","definition","definitionPayload","dcqlQuery","dcqlPayload","wrappedPresentation","oid4vpSubmission","presentations","presentation","authorizationChallengeValidationResponse","presentation_during_issuance_session","is_first_party","setHeader","responseRedirectURI","siopGetRedirectURI","state","redirect_uri","error","getAuthRequestSIOPv2Endpoint","get","requestState","siopGetAuthRequestState","errorOnNotFound","requestObject","toJwt","e","message","undefined","siopUpdateAuthRequestState","import_did_auth_siop","import_ssi_express_support","validateData","schema","req","res","next","parse","body","error","ZodError","errorMessages","issues","map","issue","message","path","join","status","json","error_details","import_zod","import_did_auth_siop","ResponseTypeSchema","z","enum","ResponseType","VP_TOKEN","ResponseModeSchema","ResponseMode","DIRECT_POST","DIRECT_POST_JWT","RequestUriMethodSchema","Object","values","RequestUriMethod","QRCodeOptsSchema","object","size","number","optional","color_dark","string","color_light","CreateAuthorizationRequestBodySchema","query_id","client_id","request_uri_base","correlation_id","request_uri_method","response_type","response_mode","transaction_data","array","qr_code","direct_post_response_redirect_uri","callback","CallbackOptsSchema","CreateAuthorizationResponseSchema","request_uri","status_uri","qr_uri","createAuthRequestUniversalOID4VPEndpoint","router","context","opts","enabled","console","log","path","post","checkAuth","endpoint","validateData","CreateAuthorizationRequestBodySchema","request","response","correlationId","body","correlation_id","uuid","qrCodeOpts","qr_code","queryId","query_id","directPostResponseRedirectUri","direct_post_response_redirect_uri","requestUriBase","request_uri_base","callback","agent","pdmGetDefinition","itemId","e","sendErrorResponse","status","message","requestByReferenceURI","uriWithBase","baseURI","siopBaseURI","responseURI","authRequestURI","siopCreateAuthRequestURI","nonce","responseURIType","responseRedirectURI","qrCodeDataUri","AwesomeQR","qrCode","text","draw","toString","authRequestBody","request_uri","status_uri","webappAuthStatusPath","webappBaseURI","qr_uri","JSON","stringify","json","error","removeAuthRequestStateUniversalOID4VPEndpoint","delete","params","authRequestState","siopGetAuthRequestState","errorOnNotFound","siopDeleteAuthState","authStatusUniversalOID4VPEndpoint","get","requestState","responseState","siopGetAuthResponseState","overallState","statusBody","last_updated","lastUpdated","AuthorizationResponseStateStatus","VERIFIED","verifiedData","undefined","debug","getDefinitionsEndpoint","definitions","pdmGetDefinitions","statusCode","import_ssi_sdk","import_ssi_express_support","SIOPv2RPApiServer","_express","_router","_agent","_opts","_basePath","OID4VP_SWAGGER_URL","args","agent","opts","copyGlobalAuthToEndpoints","keys","endpointOpts","globalAuth","secureSiopEndpoints","expressSupport","express","Router","context","agentContext","features","enableFeatures","console","log","JSON","stringify","includes","createAuthRequestUniversalOID4VPEndpoint","webappCreateAuthRequest","authStatusUniversalOID4VPEndpoint","webappAuthStatus","removeAuthRequestStateUniversalOID4VPEndpoint","webappDeleteAuthRequest","getDefinitionsEndpoint","webappGetDefinitions","getAuthRequestSIOPv2Endpoint","siopGetAuthRequest","verifyAuthResponseSIOPv2Endpoint","siopVerifyAuthResponse","basePath","use","router","set","trustProxy","setupSwaggerUi","fetch","then","res","json","swagger","apiDocs","req","next","regex","replace","servers","url","protocol","get","description","swaggerDoc","swaggerUi","serveFiles","options","setup","catch","err"]}

package/dist/index.d.cts

@@ -1,3 +1,4 @@
+import * as _sphereon_did_auth_siop from '@sphereon/did-auth-siop';
 import { RequestUriMethod, ResponseType, ResponseMode, PresentationDefinitionLocation } from '@sphereon/did-auth-siop';
 import { ISingleEndpointOpts, GenericAuthArgs, ExpressSupport } from '@sphereon/ssi-express-support';
 import { Request, Response, Router, Express } from 'express';
@@ -34,12 +35,18 @@ declare const CreateAuthorizationRequestBodySchema: z.ZodObject<{
     direct_post_response_redirect_uri: z.ZodOptional<z.ZodString>;
     callback: z.ZodOptional<z.ZodObject<{
         url: z.ZodString;
+        verified_data: z.ZodOptional<z.ZodObject<{
+            modes: z.ZodOptional<z.ZodArray<z.ZodEnum<{
+                authorization_response: _sphereon_did_auth_siop.VerifiedDataMode.AUTHORIZATION_RESPONSE;
+                credential_claims_deserialized: _sphereon_did_auth_siop.VerifiedDataMode.CREDENTIAL_CLAIMS_DESERIALIZED;
+                vp_token: _sphereon_did_auth_siop.VerifiedDataMode.VP_TOKEN;
+            }>>>;
+        }, z.core.$strip>>;
         status: z.ZodOptional<z.ZodArray<z.ZodEnum<{
-            authorization_request_created: "authorization_request_created";
-            authorization_request_retrieved: "authorization_request_retrieved";
-            error: "error";
-            authorization_response_received: "authorization_response_received";
-            authorization_response_verified: "authorization_response_verified";
+            authorization_request_created: _sphereon_did_auth_siop.AuthorizationRequestStateStatus.CREATED;
+            authorization_request_retrieved: _sphereon_did_auth_siop.AuthorizationRequestStateStatus.RETRIEVED;
+            authorization_response_received: _sphereon_did_auth_siop.AuthorizationResponseStateStatus.RECEIVED;
+            authorization_response_verified: _sphereon_did_auth_siop.AuthorizationResponseStateStatus.VERIFIED;
         }>>>;
     }, z.core.$strip>>;
 }, z.core.$strip>;
@@ -298,7 +305,7 @@ type RequestError = {
     message: string;
     error_details?: string;
 };
-interface GetAuthStatusResponse {
+interface AuthStatusResponse {
     status: AuthorizationRequestStateStatus | AuthorizationResponseStateStatus;
     correlation_id: string;
     query_id: string;
@@ -336,4 +343,4 @@ declare class SIOPv2RPApiServer {
     get opts(): ISIOPv2RPRestAPIOpts | undefined;
 }
 
-export { type ComponentOptions, type CreateAuthorizationRequest, type CreateAuthorizationRequestBody, type CreateAuthorizationRequestResponse, type CreateAuthorizationResponse, type DeleteAuthorizationRequest, type DeleteAuthorizationRequestPathParameters, type GetAuthStatusResponse, type GetAuthorizationRequestStatus, type GetAuthorizationRequestStatusPathParameters, type ICreateAuthRequestWebappEndpointOpts, type IRequiredContext, type IRequiredPlugins, type ISIOPv2RPRestAPIOpts, type QRCodeOpts, type RequestError, SIOPv2RPApiServer, type SiopFeatures, authStatusUniversalOID4VPEndpoint, createAuthRequestUniversalOID4VPEndpoint, getAuthRequestSIOPv2Endpoint, getDefinitionsEndpoint, removeAuthRequestStateUniversalOID4VPEndpoint, verifyAuthResponseSIOPv2Endpoint };
+export { type AuthStatusResponse, type ComponentOptions, type CreateAuthorizationRequest, type CreateAuthorizationRequestBody, type CreateAuthorizationRequestResponse, type CreateAuthorizationResponse, type DeleteAuthorizationRequest, type DeleteAuthorizationRequestPathParameters, type GetAuthorizationRequestStatus, type GetAuthorizationRequestStatusPathParameters, type ICreateAuthRequestWebappEndpointOpts, type IRequiredContext, type IRequiredPlugins, type ISIOPv2RPRestAPIOpts, type QRCodeOpts, type RequestError, SIOPv2RPApiServer, type SiopFeatures, authStatusUniversalOID4VPEndpoint, createAuthRequestUniversalOID4VPEndpoint, getAuthRequestSIOPv2Endpoint, getDefinitionsEndpoint, removeAuthRequestStateUniversalOID4VPEndpoint, verifyAuthResponseSIOPv2Endpoint };

package/dist/index.d.ts

@@ -1,3 +1,4 @@
+import * as _sphereon_did_auth_siop from '@sphereon/did-auth-siop';
 import { RequestUriMethod, ResponseType, ResponseMode, PresentationDefinitionLocation } from '@sphereon/did-auth-siop';
 import { ISingleEndpointOpts, GenericAuthArgs, ExpressSupport } from '@sphereon/ssi-express-support';
 import { Request, Response, Router, Express } from 'express';
@@ -34,12 +35,18 @@ declare const CreateAuthorizationRequestBodySchema: z.ZodObject<{
     direct_post_response_redirect_uri: z.ZodOptional<z.ZodString>;
     callback: z.ZodOptional<z.ZodObject<{
         url: z.ZodString;
+        verified_data: z.ZodOptional<z.ZodObject<{
+            modes: z.ZodOptional<z.ZodArray<z.ZodEnum<{
+                authorization_response: _sphereon_did_auth_siop.VerifiedDataMode.AUTHORIZATION_RESPONSE;
+                credential_claims_deserialized: _sphereon_did_auth_siop.VerifiedDataMode.CREDENTIAL_CLAIMS_DESERIALIZED;
+                vp_token: _sphereon_did_auth_siop.VerifiedDataMode.VP_TOKEN;
+            }>>>;
+        }, z.core.$strip>>;
         status: z.ZodOptional<z.ZodArray<z.ZodEnum<{
-            authorization_request_created: "authorization_request_created";
-            authorization_request_retrieved: "authorization_request_retrieved";
-            error: "error";
-            authorization_response_received: "authorization_response_received";
-            authorization_response_verified: "authorization_response_verified";
+            authorization_request_created: _sphereon_did_auth_siop.AuthorizationRequestStateStatus.CREATED;
+            authorization_request_retrieved: _sphereon_did_auth_siop.AuthorizationRequestStateStatus.RETRIEVED;
+            authorization_response_received: _sphereon_did_auth_siop.AuthorizationResponseStateStatus.RECEIVED;
+            authorization_response_verified: _sphereon_did_auth_siop.AuthorizationResponseStateStatus.VERIFIED;
         }>>>;
     }, z.core.$strip>>;
 }, z.core.$strip>;
@@ -298,7 +305,7 @@ type RequestError = {
     message: string;
     error_details?: string;
 };
-interface GetAuthStatusResponse {
+interface AuthStatusResponse {
     status: AuthorizationRequestStateStatus | AuthorizationResponseStateStatus;
     correlation_id: string;
     query_id: string;
@@ -336,4 +343,4 @@ declare class SIOPv2RPApiServer {
     get opts(): ISIOPv2RPRestAPIOpts | undefined;
 }
 
-export { type ComponentOptions, type CreateAuthorizationRequest, type CreateAuthorizationRequestBody, type CreateAuthorizationRequestResponse, type CreateAuthorizationResponse, type DeleteAuthorizationRequest, type DeleteAuthorizationRequestPathParameters, type GetAuthStatusResponse, type GetAuthorizationRequestStatus, type GetAuthorizationRequestStatusPathParameters, type ICreateAuthRequestWebappEndpointOpts, type IRequiredContext, type IRequiredPlugins, type ISIOPv2RPRestAPIOpts, type QRCodeOpts, type RequestError, SIOPv2RPApiServer, type SiopFeatures, authStatusUniversalOID4VPEndpoint, createAuthRequestUniversalOID4VPEndpoint, getAuthRequestSIOPv2Endpoint, getDefinitionsEndpoint, removeAuthRequestStateUniversalOID4VPEndpoint, verifyAuthResponseSIOPv2Endpoint };
+export { type AuthStatusResponse, type ComponentOptions, type CreateAuthorizationRequest, type CreateAuthorizationRequestBody, type CreateAuthorizationRequestResponse, type CreateAuthorizationResponse, type DeleteAuthorizationRequest, type DeleteAuthorizationRequestPathParameters, type GetAuthorizationRequestStatus, type GetAuthorizationRequestStatusPathParameters, type ICreateAuthRequestWebappEndpointOpts, type IRequiredContext, type IRequiredPlugins, type ISIOPv2RPRestAPIOpts, type QRCodeOpts, type RequestError, SIOPv2RPApiServer, type SiopFeatures, authStatusUniversalOID4VPEndpoint, createAuthRequestUniversalOID4VPEndpoint, getAuthRequestSIOPv2Endpoint, getDefinitionsEndpoint, removeAuthRequestStateUniversalOID4VPEndpoint, verifyAuthResponseSIOPv2Endpoint };

package/dist/index.js

@@ -191,8 +191,7 @@ var validateData = /* @__PURE__ */ __name((schema) => {
 
 // src/schemas/index.ts
 import { z } from "zod";
-import { authorizationRequestStatuses, authorizationResponseStatuses } from "@sphereon/ssi-sdk.siopv2-oid4vp-common";
-import { ResponseMode, ResponseType, RequestUriMethod } from "@sphereon/did-auth-siop";
+import { ResponseMode, ResponseType, RequestUriMethod, CallbackOptsSchema } from "@sphereon/did-auth-siop";
 var ResponseTypeSchema = z.enum([
   ResponseType.VP_TOKEN
 ]);
@@ -200,18 +199,7 @@ var ResponseModeSchema = z.enum([
   ResponseMode.DIRECT_POST,
   ResponseMode.DIRECT_POST_JWT
 ]);
-var RequestUriMethodSchema = z.enum([
-  RequestUriMethod.GET,
-  RequestUriMethod.POST
-]);
-var AuthorizationStatusSchema = z.enum([
-  ...authorizationRequestStatuses,
-  ...authorizationResponseStatuses
-]);
-var CallbackOptsSchema = z.object({
-  url: z.string(),
-  status: z.array(AuthorizationStatusSchema).optional()
-});
+var RequestUriMethodSchema = z.enum(Object.values(RequestUriMethod));
 var QRCodeOptsSchema = z.object({
   size: z.number().optional(),
   color_dark: z.string().optional(),
@@ -252,6 +240,7 @@ function createAuthRequestUniversalOID4VPEndpoint(router, context, opts) {
       const queryId = request.body.query_id;
       const directPostResponseRedirectUri = request.body.direct_post_response_redirect_uri;
       const requestUriBase = request.body.request_uri_base;
+      const callback = request.body.callback;
       try {
         await context.agent.pdmGetDefinition({
           itemId: queryId
@@ -278,7 +267,8 @@ function createAuthRequestUniversalOID4VPEndpoint(router, context, opts) {
         responseURI,
         ...directPostResponseRedirectUri && {
           responseRedirectURI: directPostResponseRedirectUri
-        }
+        },
+        callback
       });
       let qrCodeDataUri;
       if (qrCodeOpts) {

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/siop-api-functions.ts","../src/universal-oid4vp-api-functions.ts","../src/middleware/validationMiddleware.ts","../src/schemas/index.ts","../src/siopv2-rp-api-server.ts"],"sourcesContent":["import { AuthorizationResponsePayload, PresentationDefinitionLocation } from '@sphereon/did-auth-siop'\nimport { checkAuth, ISingleEndpointOpts, sendErrorResponse } from '@sphereon/ssi-express-support'\nimport { CredentialMapper } from '@sphereon/ssi-types'\nimport { AuthorizationChallengeValidationResponse } from '@sphereon/ssi-sdk.siopv2-oid4vp-common'\nimport { Request, Response, Router } from 'express'\nimport { IRequiredContext } from './types'\n\nconst parseAuthorizationResponse = (request: Request): AuthorizationResponsePayload => {\n  const contentType = request.header('content-type')\n\n  if (contentType === 'application/json') {\n    const payload = typeof request.body === 'string' ? JSON.parse(request.body) : request.body\n    return payload as AuthorizationResponsePayload\n  }\n\n  if (contentType === 'application/x-www-form-urlencoded') {\n    const payload = request.body as AuthorizationResponsePayload\n\n    // Parse presentation_submission if it's a string\n    if (typeof payload.presentation_submission === 'string') {\n      console.log(`Supplied presentation_submission was a string instead of JSON. Correcting, but external party should fix their implementation!`)\n      payload.presentation_submission = JSON.parse(payload.presentation_submission)\n    }\n\n    // when using FORM_URL_ENCODED, vp_token comes back as string not matter whether the input was string, object or array. Handled below.\n    if (typeof payload.vp_token === 'string') {\n      const { vp_token } = payload\n\n      // The only use case where vp_object is an object is JsonLdAsString atm. For arrays, any objects will be parsed along with the array\n      // (Leaving the vp_token JsonLdAsString causes problems because the original credential will remain string and will be interpreted as JWT in some parts of the code)\n      if ((vp_token.startsWith('[') && vp_token.endsWith(']')) || CredentialMapper.isJsonLdAsString(vp_token)) {\n        payload.vp_token = JSON.parse(vp_token)\n      }\n    }\n\n    return payload\n  }\n\n  throw new Error(\n    `Unsupported content type: ${contentType}. Currently only application/x-www-form-urlencoded and application/json (for direct_post) are supported`,\n  )\n}\n\nexport function verifyAuthResponseSIOPv2Endpoint(\n  router: Router,\n  context: IRequiredContext,\n  opts?: ISingleEndpointOpts & { presentationDefinitionLocation?: PresentationDefinitionLocation },\n) {\n  if (opts?.enabled === false) {\n    console.log(`verifyAuthResponse SIOP endpoint is disabled`)\n    return\n  }\n  const path = opts?.path ?? '/siop/definitions/:definitionId/auth-responses/:correlationId'\n  router.post(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n    try {\n      const { correlationId, definitionId, tenantId, version } = request.params\n      if (!correlationId || !definitionId) {\n        console.log(`No authorization request could be found for the given url. correlationId: ${correlationId}, definitionId: ${definitionId}`)\n        return sendErrorResponse(response, 404, 'No authorization request could be found')\n      }\n      console.log('Authorization Response (siop-sessions')\n      console.log(JSON.stringify(request.body, null, 2))\n      const definitionItems = await context.agent.pdmGetDefinitions({ filter: [{ definitionId, tenantId, version }] })\n      if (definitionItems.length === 0) {\n        console.log(`Could not get definition ${definitionId} from agent. Will return 404`)\n        response.statusCode = 404\n        response.statusMessage = `No definition ${definitionId}`\n        return response.send()\n      }\n\n      const authorizationResponse = parseAuthorizationResponse(request)\n      console.log(`URI: ${JSON.stringify(authorizationResponse)}`)\n\n      const definitionItem = definitionItems[0]\n      const verifiedResponse = await context.agent.siopVerifyAuthResponse({\n        authorizationResponse,\n        correlationId,\n        queryId: definitionId,\n        presentationDefinitions: [\n          {\n            location: opts?.presentationDefinitionLocation ?? PresentationDefinitionLocation.TOPLEVEL_PRESENTATION_DEF,\n            definition: definitionItem.definitionPayload,\n          },\n        ],\n        dcqlQuery: definitionItem.dcqlPayload,\n      })\n\n      const wrappedPresentation = verifiedResponse?.oid4vpSubmission?.presentations[0]\n      if (wrappedPresentation) {\n        // const credentialSubject = wrappedPresentation.presentation.verifiableCredential[0]?.credential?.credentialSubject\n        // console.log(JSON.stringify(credentialSubject, null, 2))\n        console.log('PRESENTATION:' + JSON.stringify(wrappedPresentation.presentation, null, 2))\n        response.statusCode = 200\n\n        const authorizationChallengeValidationResponse: AuthorizationChallengeValidationResponse = {\n          presentation_during_issuance_session: verifiedResponse.correlationId,\n        }\n        if (authorizationResponse.is_first_party) {\n          response.setHeader('Content-Type', 'application/json')\n          return response.send(JSON.stringify(authorizationChallengeValidationResponse))\n        }\n\n        const responseRedirectURI = await context.agent.siopGetRedirectURI({ correlationId, queryId: definitionId, state: verifiedResponse.state })\n        if (responseRedirectURI) {\n          response.setHeader('Content-Type', 'application/json')\n          return response.send(JSON.stringify({ redirect_uri: responseRedirectURI }))\n        }\n        // todo: delete session\n      } else {\n        console.log('Missing Presentation (Verifiable Credentials)')\n        response.statusCode = 500\n        response.statusMessage = 'Missing Presentation (Verifiable Credentials)'\n      }\n      return response.send()\n    } catch (error) {\n      console.error(error)\n      return sendErrorResponse(response, 500, 'Could not verify auth status', error)\n    }\n  })\n}\n\nexport function getAuthRequestSIOPv2Endpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`getAuthRequest SIOP endpoint is disabled`)\n    return\n  }\n  const path = opts?.path ?? '/siop/definitions/:definitionId/auth-requests/:correlationId'\n  router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n    try {\n      const correlationId = request.params.correlationId\n      const definitionId = request.params.definitionId\n      if (!correlationId || !definitionId) {\n        console.log(`No authorization request could be found for the given url. correlationId: ${correlationId}, definitionId: ${definitionId}`)\n        return sendErrorResponse(response, 404, 'No authorization request could be found')\n      }\n      const requestState = await context.agent.siopGetAuthRequestState({\n        correlationId,\n        queryId: definitionId,\n        errorOnNotFound: false,\n      })\n      if (!requestState) {\n        console.log(\n          `No authorization request could be found for the given url in the state manager. correlationId: ${correlationId}, definitionId: ${definitionId}`,\n        )\n        return sendErrorResponse(response, 404, `No authorization request could be found`)\n      }\n      const requestObject = await requestState.request?.requestObject?.toJwt()\n      console.log('JWT Request object:')\n      console.log(requestObject)\n\n      let error: string | undefined\n      try {\n        response.statusCode = 200\n        response.setHeader('Content-Type', 'application/jwt')\n        return response.send(requestObject)\n      } catch (e) {\n        error = typeof e === 'string' ? e : e instanceof Error ? e.message : undefined\n        return sendErrorResponse(response, 500, 'Could not get authorization request', e)\n      } finally {\n        await context.agent.siopUpdateAuthRequestState({\n          correlationId,\n          queryId: definitionId,\n          state: 'authorization_request_created',\n          error,\n        })\n      }\n    } catch (error) {\n      return sendErrorResponse(response, 500, 'Could not get authorization request', error)\n    }\n  })\n}\n","import { AuthorizationResponseStateStatus } from '@sphereon/did-auth-siop'\nimport { checkAuth, ISingleEndpointOpts, sendErrorResponse } from '@sphereon/ssi-express-support'\nimport { uriWithBase } from '@sphereon/ssi-sdk.siopv2-oid4vp-common'\nimport { Request, Response, Router } from 'express'\nimport uuid from 'short-uuid'\nimport { validateData } from './middleware/validationMiddleware'\nimport { CreateAuthorizationRequestBodySchema } from './schemas'\nimport {\n  CreateAuthorizationRequest,\n  CreateAuthorizationRequestResponse,\n  CreateAuthorizationResponse,\n  DeleteAuthorizationRequest,\n  GetAuthorizationRequestStatus,\n  GetAuthStatusResponse,\n  ICreateAuthRequestWebappEndpointOpts,\n  IRequiredContext\n} from './types'\n\nexport function createAuthRequestUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ICreateAuthRequestWebappEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`createAuthRequest universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/auth/requests'\n  router.post(path, checkAuth(opts?.endpoint), validateData(CreateAuthorizationRequestBodySchema), async (request: CreateAuthorizationRequest, response: CreateAuthorizationResponse) => {\n    try {\n      const correlationId = request.body.correlation_id ?? uuid.uuid()\n      const qrCodeOpts = request.body.qr_code ?? opts?.qrCodeOpts\n      const queryId = request.body.query_id\n      const directPostResponseRedirectUri = request.body.direct_post_response_redirect_uri // TODO Uri not URI\n      const requestUriBase = request.body.request_uri_base\n\n      try {\n        await context.agent.pdmGetDefinition({ itemId: queryId })\n      } catch(e) {\n        console.log(`No query could be found for the given id. Query id: ${queryId}`)\n        return sendErrorResponse(response, 404, { status: 404, message: 'No query could be found' })\n      }\n\n      const requestByReferenceURI = uriWithBase(`/siop/definitions/${queryId}/auth-requests/${correlationId}`, {\n        baseURI: requestUriBase ?? opts?.siopBaseURI,\n      })\n      const responseURI = uriWithBase(`/siop/definitions/${queryId}/auth-responses/${correlationId}`, { baseURI: opts?.siopBaseURI })\n\n      const authRequestURI = await context.agent.siopCreateAuthRequestURI({\n        queryId,\n        correlationId,\n        nonce: uuid.uuid(),\n        requestByReferenceURI,\n        responseURIType: 'response_uri',\n        responseURI,\n        ...(directPostResponseRedirectUri && { responseRedirectURI: directPostResponseRedirectUri }),\n      })\n\n      let qrCodeDataUri: string | undefined\n      if (qrCodeOpts) {\n        const { AwesomeQR } = await import('awesome-qr')\n        const qrCode = new AwesomeQR({ ...qrCodeOpts, text: authRequestURI })\n        qrCodeDataUri = `data:image/png;base64,${(await qrCode.draw())!.toString('base64')}`\n      }\n\n      const authRequestBody = {\n        query_id: queryId,\n        correlation_id: correlationId,\n        request_uri: authRequestURI,\n        status_uri: `${uriWithBase(opts?.webappAuthStatusPath ?? `/backend/auth/status/${correlationId}`, { baseURI: opts?.webappBaseURI })}`,\n        ...(qrCodeDataUri && { qr_uri: qrCodeDataUri }),\n      } satisfies CreateAuthorizationRequestResponse\n      console.log(`Auth Request URI data to send back: ${JSON.stringify(authRequestBody)}`)\n\n      return response.status(201).json(authRequestBody)\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: 'Could not create an authorization request URI' }, error)\n    }\n  })\n}\n\nexport function removeAuthRequestStateUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`removeAuthStatus universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/auth/requests/:correlationId'\n  router.delete(path, checkAuth(opts?.endpoint), async (request: DeleteAuthorizationRequest, response: Response) => {\n    try {\n      const correlationId: string = request.params.correlationId\n\n      const authRequestState = await context.agent.siopGetAuthRequestState({\n        correlationId,\n        errorOnNotFound: false\n      })\n      if (!authRequestState) {\n        console.log(`No authorization request could be found for the given correlationId. correlationId: ${correlationId}`)\n        return sendErrorResponse(response, 404, { status: 404, message: 'No authorization request could be found' })\n      }\n\n      await context.agent.siopDeleteAuthState({ correlationId })\n\n      return response.status(204).json()\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: error.message }, error)\n    }\n  })\n}\n\nexport function authStatusUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`authStatus universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/auth/status/:correlationId'\n  router.get(path, checkAuth(opts?.endpoint), async (request: GetAuthorizationRequestStatus, response: Response) => {\n    try {\n      console.log('Received auth-status request...')\n      const correlationId: string = request.params.correlationId\n\n      const requestState = await context.agent.siopGetAuthRequestState({\n        correlationId,\n        errorOnNotFound: false\n      })\n\n      if (!requestState) {\n        console.log(`No authorization request could be found for the given correlationId. correlationId: ${correlationId}`)\n        return sendErrorResponse(response, 404, { status: 404, message: 'No authorization request could be found' })\n      }\n\n      let responseState\n      if (requestState.status === 'authorization_request_created') {\n        responseState = (await context.agent.siopGetAuthResponseState({ correlationId, errorOnNotFound: false }))\n      }\n      const overallState = responseState ?? requestState\n\n      const statusBody = {\n        status: overallState.status,\n        correlation_id: overallState.correlationId,\n        query_id: overallState.queryId,\n        last_updated: overallState.lastUpdated,\n        ...((responseState?.status === AuthorizationResponseStateStatus.VERIFIED && responseState.verifiedData !== undefined) && { verifiedData: responseState.verifiedData }),\n        ...(overallState.error && { message: overallState.error.message })\n      } satisfies GetAuthStatusResponse\n      console.debug(`Will send auth status: ${JSON.stringify(statusBody)}`)\n\n      if (overallState.status === 'error') {\n        return response.status(500).json(statusBody)\n      }\n      return response.status(200).json(statusBody)\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: error.message }, error)\n    }\n  })\n}\n\nexport function getDefinitionsEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`getDefinitions universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/definitions'\n  router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n    try {\n      const definitions = await context.agent.pdmGetDefinitions()\n      response.statusCode = 200\n      return response.json(definitions)\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: error.message }, error)\n    }\n  })\n}\n","import { Request, Response, NextFunction } from 'express';\nimport { z, ZodError } from 'zod';\n\nexport const validateData = (schema: z.ZodObject<any, any>) => {\n  return (req: Request, res: Response, next: NextFunction) => {\n    try {\n      schema.parse(req.body);\n      next();\n    } catch (error) {\n      if (error instanceof ZodError) {\n        const errorMessages = error.issues.map((issue: any) => ({\n          message: `${issue.path.join('.')} is ${issue.message}`,\n        }))\n        res.status(400).json({ status: 400, message: 'Invalid data', error_details: errorMessages[0].message });\n      } else {\n        res.status(500).json({ status: 500, message: 'Internal Server Error' });\n      }\n    }\n  };\n}\n","import { z } from 'zod';\nimport {\n  authorizationRequestStatuses,\n  authorizationResponseStatuses\n} from '@sphereon/ssi-sdk.siopv2-oid4vp-common'\nimport { ResponseMode, ResponseType, RequestUriMethod } from '@sphereon/did-auth-siop'\n\nexport const ResponseTypeSchema = z.enum([ResponseType.VP_TOKEN]);\n\nexport const ResponseModeSchema = z.enum([ResponseMode.DIRECT_POST, ResponseMode.DIRECT_POST_JWT]);\n\nexport const RequestUriMethodSchema = z.enum([RequestUriMethod.GET, RequestUriMethod.POST]);\n\nexport const AuthorizationStatusSchema = z.enum([\n  ...authorizationRequestStatuses,\n  ...authorizationResponseStatuses\n]);\n\nexport const CallbackOptsSchema = z.object({\n  url: z.string(),\n  status: z.array(AuthorizationStatusSchema).optional(),\n});\n\nexport const QRCodeOptsSchema = z.object({\n  size: z.number().optional(),\n  color_dark: z.string().optional(),\n  color_light: z.string().optional(),\n});\n\nexport const CreateAuthorizationRequestBodySchema = z.object({\n  query_id: z.string(),\n  client_id: z.string().optional(),\n  request_uri_base: z.string().optional(),\n  correlation_id: z.string().optional(),\n  request_uri_method: RequestUriMethodSchema.optional(),\n  response_type: ResponseTypeSchema.optional(),\n  response_mode: ResponseModeSchema.optional(),\n  transaction_data: z.array(z.string()).optional(),\n  qr_code: QRCodeOptsSchema.optional(),\n  direct_post_response_redirect_uri: z.string().optional(),\n  callback: CallbackOptsSchema.optional(),\n});\n\nexport const CreateAuthorizationResponseSchema = z.object({\n  correlation_id: z.string(),\n  query_id: z.string(),\n  request_uri: z.string(),\n  status_uri: z.string(),\n  qr_uri: z.string().optional(),\n});\n","import { agentContext } from '@sphereon/ssi-sdk.core'\nimport { copyGlobalAuthToEndpoints, ExpressSupport } from '@sphereon/ssi-express-support'\nimport { IPresentationExchange } from '@sphereon/ssi-sdk.presentation-exchange'\nimport { ISIOPv2RP } from '@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth'\nimport { TAgent } from '@veramo/core'\nimport express, { Express, Request, Response, Router } from 'express'\nimport { getAuthRequestSIOPv2Endpoint, verifyAuthResponseSIOPv2Endpoint } from './siop-api-functions'\nimport { IRequiredPlugins, ISIOPv2RPRestAPIOpts } from './types'\nimport {\n  authStatusUniversalOID4VPEndpoint,\n  createAuthRequestUniversalOID4VPEndpoint,\n  getDefinitionsEndpoint,\n  removeAuthRequestStateUniversalOID4VPEndpoint,\n} from './universal-oid4vp-api-functions'\nimport swaggerUi from 'swagger-ui-express'\n\nexport class SIOPv2RPApiServer {\n  private readonly _express: Express\n  private readonly _router: Router\n  private readonly _agent: TAgent<IPresentationExchange & ISIOPv2RP>\n  private readonly _opts?: ISIOPv2RPRestAPIOpts\n  private readonly _basePath: string\n\n  private readonly OID4VP_SWAGGER_URL = 'https://api.swaggerhub.com/apis/SphereonInt/OID4VP/0.1.0'\n  constructor(args: { agent: TAgent<IRequiredPlugins>; expressSupport: ExpressSupport; opts?: ISIOPv2RPRestAPIOpts }) {\n    const { agent, opts } = args\n    this._agent = agent\n    copyGlobalAuthToEndpoints({ opts, keys: ['webappCreateAuthRequest', 'webappAuthStatus', 'webappDeleteAuthRequest'] })\n    if (opts?.endpointOpts?.globalAuth?.secureSiopEndpoints) {\n      copyGlobalAuthToEndpoints({ opts, keys: ['siopGetAuthRequest', 'siopVerifyAuthResponse'] })\n    }\n\n    this._opts = opts\n    this._express = args.expressSupport.express\n    this._router = express.Router()\n    const context = agentContext(agent)\n\n    const features = opts?.enableFeatures ?? ['rp-status', 'siop']\n    console.log(`SIOPv2 API enabled, with features: ${JSON.stringify(features)}}`)\n\n    // Webapp endpoints\n    if (features.includes('rp-status')) {\n      createAuthRequestUniversalOID4VPEndpoint(this._router, context, opts?.endpointOpts?.webappCreateAuthRequest)\n      authStatusUniversalOID4VPEndpoint(this._router, context, opts?.endpointOpts?.webappAuthStatus)\n      removeAuthRequestStateUniversalOID4VPEndpoint(this._router, context, opts?.endpointOpts?.webappDeleteAuthRequest)\n      getDefinitionsEndpoint(this._router, context, opts?.endpointOpts?.webappGetDefinitions)\n    }\n\n    // SIOPv2 endpoints\n    if (features.includes('siop')) {\n      getAuthRequestSIOPv2Endpoint(this._router, context, opts?.endpointOpts?.siopGetAuthRequest)\n      verifyAuthResponseSIOPv2Endpoint(this._router, context, opts?.endpointOpts?.siopVerifyAuthResponse)\n    }\n    this._basePath = opts?.endpointOpts?.basePath ?? ''\n    this._express.use(this._basePath, this.router)\n    this._express.set('trust proxy', opts?.endpointOpts?.trustProxy ?? true)\n    this.setupSwaggerUi()\n  }\n\n  private setupSwaggerUi() {\n    fetch(this.OID4VP_SWAGGER_URL)\n      .then((res) => res.json())\n      .then((swagger: any) => {\n        const apiDocs = `${this._basePath}/api-docs`\n        console.log(`[OID4P] API docs available at ${apiDocs}`)\n\n        this._router.use(\n          '/api-docs',\n          (req: Request, res: Response, next: any) => {\n            const regex = `${apiDocs.replace(/\\//, '\\/')}`.replace('/oid4vp', '').replace(/\\/api-docs.*/, '')\n            swagger.servers = [{ url: `${req.protocol}://${req.get('host')}${regex}`, description: 'This server' }]\n            // @ts-ignore\n            req.swaggerDoc = swagger\n            next()\n          },\n          swaggerUi.serveFiles(swagger, options),\n          swaggerUi.setup(),\n        )\n      })\n      .catch((err) => {\n        console.log(`[OID4VP] Unable to fetch swagger document: ${err}. Will not host api-docs on this instance`)\n      })\n    const options = {\n      // customCss: '.swagger-ui .topbar { display: none }',\n    }\n  }\n  get express(): Express {\n    return this._express\n  }\n\n  get router(): Router {\n    return this._router\n  }\n\n  get agent(): TAgent<IPresentationExchange & ISIOPv2RP> {\n    return this._agent\n  }\n\n  get opts(): ISIOPv2RPRestAPIOpts | undefined {\n    return this._opts\n  }\n}\n"],"mappings":";;;;AAAA,SAAuCA,sCAAsC;AAC7E,SAASC,WAAgCC,yBAAyB;AAClE,SAASC,wBAAwB;AAKjC,IAAMC,6BAA6B,wBAACC,YAAAA;AAClC,QAAMC,cAAcD,QAAQE,OAAO,cAAA;AAEnC,MAAID,gBAAgB,oBAAoB;AACtC,UAAME,UAAU,OAAOH,QAAQI,SAAS,WAAWC,KAAKC,MAAMN,QAAQI,IAAI,IAAIJ,QAAQI;AACtF,WAAOD;EACT;AAEA,MAAIF,gBAAgB,qCAAqC;AACvD,UAAME,UAAUH,QAAQI;AAGxB,QAAI,OAAOD,QAAQI,4BAA4B,UAAU;AACvDC,cAAQC,IAAI,gIAAgI;AAC5IN,cAAQI,0BAA0BF,KAAKC,MAAMH,QAAQI,uBAAuB;IAC9E;AAGA,QAAI,OAAOJ,QAAQO,aAAa,UAAU;AACxC,YAAM,EAAEA,SAAQ,IAAKP;AAIrB,UAAKO,SAASC,WAAW,GAAA,KAAQD,SAASE,SAAS,GAAA,KAASC,iBAAiBC,iBAAiBJ,QAAAA,GAAW;AACvGP,gBAAQO,WAAWL,KAAKC,MAAMI,QAAAA;MAChC;IACF;AAEA,WAAOP;EACT;AAEA,QAAM,IAAIY,MACR,6BAA6Bd,WAAAA,yGAAoH;AAErJ,GAlCmC;AAoC5B,SAASe,iCACdC,QACAC,SACAC,MAAgG;AAEhG,MAAIA,MAAMC,YAAY,OAAO;AAC3BZ,YAAQC,IAAI,8CAA8C;AAC1D;EACF;AACA,QAAMY,OAAOF,MAAME,QAAQ;AAC3BJ,SAAOK,KAAKD,MAAME,UAAUJ,MAAMK,QAAAA,GAAW,OAAOxB,SAAkByB,aAAAA;AACpE,QAAI;AACF,YAAM,EAAEC,eAAeC,cAAcC,UAAUC,QAAO,IAAK7B,QAAQ8B;AACnE,UAAI,CAACJ,iBAAiB,CAACC,cAAc;AACnCnB,gBAAQC,IAAI,6EAA6EiB,aAAAA,mBAAgCC,YAAAA,EAAc;AACvI,eAAOI,kBAAkBN,UAAU,KAAK,yCAAA;MAC1C;AACAjB,cAAQC,IAAI,uCAAA;AACZD,cAAQC,IAAIJ,KAAK2B,UAAUhC,QAAQI,MAAM,MAAM,CAAA,CAAA;AAC/C,YAAM6B,kBAAkB,MAAMf,QAAQgB,MAAMC,kBAAkB;QAAEC,QAAQ;UAAC;YAAET;YAAcC;YAAUC;UAAQ;;MAAG,CAAA;AAC9G,UAAII,gBAAgBI,WAAW,GAAG;AAChC7B,gBAAQC,IAAI,4BAA4BkB,YAAAA,8BAA0C;AAClFF,iBAASa,aAAa;AACtBb,iBAASc,gBAAgB,iBAAiBZ,YAAAA;AAC1C,eAAOF,SAASe,KAAI;MACtB;AAEA,YAAMC,wBAAwB1C,2BAA2BC,OAAAA;AACzDQ,cAAQC,IAAI,QAAQJ,KAAK2B,UAAUS,qBAAAA,CAAAA,EAAwB;AAE3D,YAAMC,iBAAiBT,gBAAgB,CAAA;AACvC,YAAMU,mBAAmB,MAAMzB,QAAQgB,MAAMU,uBAAuB;QAClEH;QACAf;QACAmB,SAASlB;QACTmB,yBAAyB;UACvB;YACEC,UAAU5B,MAAM6B,kCAAkCC,+BAA+BC;YACjFC,YAAYT,eAAeU;UAC7B;;QAEFC,WAAWX,eAAeY;MAC5B,CAAA;AAEA,YAAMC,sBAAsBZ,kBAAkBa,kBAAkBC,cAAc,CAAA;AAC9E,UAAIF,qBAAqB;AAGvB/C,gBAAQC,IAAI,kBAAkBJ,KAAK2B,UAAUuB,oBAAoBG,cAAc,MAAM,CAAA,CAAA;AACrFjC,iBAASa,aAAa;AAEtB,cAAMqB,2CAAqF;UACzFC,sCAAsCjB,iBAAiBjB;QACzD;AACA,YAAIe,sBAAsBoB,gBAAgB;AACxCpC,mBAASqC,UAAU,gBAAgB,kBAAA;AACnC,iBAAOrC,SAASe,KAAKnC,KAAK2B,UAAU2B,wCAAAA,CAAAA;QACtC;AAEA,cAAMI,sBAAsB,MAAM7C,QAAQgB,MAAM8B,mBAAmB;UAAEtC;UAAemB,SAASlB;UAAcsC,OAAOtB,iBAAiBsB;QAAM,CAAA;AACzI,YAAIF,qBAAqB;AACvBtC,mBAASqC,UAAU,gBAAgB,kBAAA;AACnC,iBAAOrC,SAASe,KAAKnC,KAAK2B,UAAU;YAAEkC,cAAcH;UAAoB,CAAA,CAAA;QAC1E;MAEF,OAAO;AACLvD,gBAAQC,IAAI,+CAAA;AACZgB,iBAASa,aAAa;AACtBb,iBAASc,gBAAgB;MAC3B;AACA,aAAOd,SAASe,KAAI;IACtB,SAAS2B,OAAO;AACd3D,cAAQ2D,MAAMA,KAAAA;AACd,aAAOpC,kBAAkBN,UAAU,KAAK,gCAAgC0C,KAAAA;IAC1E;EACF,CAAA;AACF;AA5EgBnD;AA8ET,SAASoD,6BAA6BnD,QAAgBC,SAA2BC,MAA0B;AAChH,MAAIA,MAAMC,YAAY,OAAO;AAC3BZ,YAAQC,IAAI,0CAA0C;AACtD;EACF;AACA,QAAMY,OAAOF,MAAME,QAAQ;AAC3BJ,SAAOoD,IAAIhD,MAAME,UAAUJ,MAAMK,QAAAA,GAAW,OAAOxB,SAAkByB,aAAAA;AACnE,QAAI;AACF,YAAMC,gBAAgB1B,QAAQ8B,OAAOJ;AACrC,YAAMC,eAAe3B,QAAQ8B,OAAOH;AACpC,UAAI,CAACD,iBAAiB,CAACC,cAAc;AACnCnB,gBAAQC,IAAI,6EAA6EiB,aAAAA,mBAAgCC,YAAAA,EAAc;AACvI,eAAOI,kBAAkBN,UAAU,KAAK,yCAAA;MAC1C;AACA,YAAM6C,eAAe,MAAMpD,QAAQgB,MAAMqC,wBAAwB;QAC/D7C;QACAmB,SAASlB;QACT6C,iBAAiB;MACnB,CAAA;AACA,UAAI,CAACF,cAAc;AACjB9D,gBAAQC,IACN,kGAAkGiB,aAAAA,mBAAgCC,YAAAA,EAAc;AAElJ,eAAOI,kBAAkBN,UAAU,KAAK,yCAAyC;MACnF;AACA,YAAMgD,gBAAgB,MAAMH,aAAatE,SAASyE,eAAeC,MAAAA;AACjElE,cAAQC,IAAI,qBAAA;AACZD,cAAQC,IAAIgE,aAAAA;AAEZ,UAAIN;AACJ,UAAI;AACF1C,iBAASa,aAAa;AACtBb,iBAASqC,UAAU,gBAAgB,iBAAA;AACnC,eAAOrC,SAASe,KAAKiC,aAAAA;MACvB,SAASE,GAAG;AACVR,gBAAQ,OAAOQ,MAAM,WAAWA,IAAIA,aAAa5D,QAAQ4D,EAAEC,UAAUC;AACrE,eAAO9C,kBAAkBN,UAAU,KAAK,uCAAuCkD,CAAAA;MACjF,UAAA;AACE,cAAMzD,QAAQgB,MAAM4C,2BAA2B;UAC7CpD;UACAmB,SAASlB;UACTsC,OAAO;UACPE;QACF,CAAA;MACF;IACF,SAASA,OAAO;AACd,aAAOpC,kBAAkBN,UAAU,KAAK,uCAAuC0C,KAAAA;IACjF;EACF,CAAA;AACF;AAjDgBC;;;ACzHhB,SAASW,wCAAwC;AACjD,SAASC,aAAAA,YAAgCC,qBAAAA,0BAAyB;AAClE,SAASC,mBAAmB;AAE5B,OAAOC,UAAU;;;ACHjB,SAAYC,gBAAgB;AAErB,IAAMC,eAAe,wBAACC,WAAAA;AAC3B,SAAO,CAACC,KAAcC,KAAeC,SAAAA;AACnC,QAAI;AACFH,aAAOI,MAAMH,IAAII,IAAI;AACrBF,WAAAA;IACF,SAASG,OAAO;AACd,UAAIA,iBAAiBC,UAAU;AAC7B,cAAMC,gBAAgBF,MAAMG,OAAOC,IAAI,CAACC,WAAgB;UACtDC,SAAS,GAAGD,MAAME,KAAKC,KAAK,GAAA,CAAA,OAAWH,MAAMC,OAAO;QACtD,EAAA;AACAV,YAAIa,OAAO,GAAA,EAAKC,KAAK;UAAED,QAAQ;UAAKH,SAAS;UAAgBK,eAAeT,cAAc,CAAA,EAAGI;QAAQ,CAAA;MACvG,OAAO;AACLV,YAAIa,OAAO,GAAA,EAAKC,KAAK;UAAED,QAAQ;UAAKH,SAAS;QAAwB,CAAA;MACvE;IACF;EACF;AACF,GAhB4B;;;ACH5B,SAASM,SAAS;AAClB,SACEC,8BACAC,qCACK;AACP,SAASC,cAAcC,cAAcC,wBAAwB;AAEtD,IAAMC,qBAAqBN,EAAEO,KAAK;EAACH,aAAaI;CAAS;AAEzD,IAAMC,qBAAqBT,EAAEO,KAAK;EAACJ,aAAaO;EAAaP,aAAaQ;CAAgB;AAE1F,IAAMC,yBAAyBZ,EAAEO,KAAK;EAACF,iBAAiBQ;EAAKR,iBAAiBS;CAAK;AAEnF,IAAMC,4BAA4Bf,EAAEO,KAAK;KAC3CN;KACAC;CACJ;AAEM,IAAMc,qBAAqBhB,EAAEiB,OAAO;EACzCC,KAAKlB,EAAEmB,OAAM;EACbC,QAAQpB,EAAEqB,MAAMN,yBAAAA,EAA2BO,SAAQ;AACrD,CAAA;AAEO,IAAMC,mBAAmBvB,EAAEiB,OAAO;EACvCO,MAAMxB,EAAEyB,OAAM,EAAGH,SAAQ;EACzBI,YAAY1B,EAAEmB,OAAM,EAAGG,SAAQ;EAC/BK,aAAa3B,EAAEmB,OAAM,EAAGG,SAAQ;AAClC,CAAA;AAEO,IAAMM,uCAAuC5B,EAAEiB,OAAO;EAC3DY,UAAU7B,EAAEmB,OAAM;EAClBW,WAAW9B,EAAEmB,OAAM,EAAGG,SAAQ;EAC9BS,kBAAkB/B,EAAEmB,OAAM,EAAGG,SAAQ;EACrCU,gBAAgBhC,EAAEmB,OAAM,EAAGG,SAAQ;EACnCW,oBAAoBrB,uBAAuBU,SAAQ;EACnDY,eAAe5B,mBAAmBgB,SAAQ;EAC1Ca,eAAe1B,mBAAmBa,SAAQ;EAC1Cc,kBAAkBpC,EAAEqB,MAAMrB,EAAEmB,OAAM,CAAA,EAAIG,SAAQ;EAC9Ce,SAASd,iBAAiBD,SAAQ;EAClCgB,mCAAmCtC,EAAEmB,OAAM,EAAGG,SAAQ;EACtDiB,UAAUvB,mBAAmBM,SAAQ;AACvC,CAAA;AAEO,IAAMkB,oCAAoCxC,EAAEiB,OAAO;EACxDe,gBAAgBhC,EAAEmB,OAAM;EACxBU,UAAU7B,EAAEmB,OAAM;EAClBsB,aAAazC,EAAEmB,OAAM;EACrBuB,YAAY1C,EAAEmB,OAAM;EACpBwB,QAAQ3C,EAAEmB,OAAM,EAAGG,SAAQ;AAC7B,CAAA;;;AF/BO,SAASsB,yCAAyCC,QAAgBC,SAA2BC,MAA2C;AAC7I,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,yDAAyD;AACrE;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAOO,KAAKD,MAAME,WAAUN,MAAMO,QAAAA,GAAWC,aAAaC,oCAAAA,GAAuC,OAAOC,SAAqCC,aAAAA;AAC3I,QAAI;AACF,YAAMC,gBAAgBF,QAAQG,KAAKC,kBAAkBC,KAAKA,KAAI;AAC9D,YAAMC,aAAaN,QAAQG,KAAKI,WAAWjB,MAAMgB;AACjD,YAAME,UAAUR,QAAQG,KAAKM;AAC7B,YAAMC,gCAAgCV,QAAQG,KAAKQ;AACnD,YAAMC,iBAAiBZ,QAAQG,KAAKU;AAEpC,UAAI;AACF,cAAMxB,QAAQyB,MAAMC,iBAAiB;UAAEC,QAAQR;QAAQ,CAAA;MACzD,SAAQS,GAAG;AACTzB,gBAAQC,IAAI,uDAAuDe,OAAAA,EAAS;AAC5E,eAAOU,mBAAkBjB,UAAU,KAAK;UAAEkB,QAAQ;UAAKC,SAAS;QAA0B,CAAA;MAC5F;AAEA,YAAMC,wBAAwBC,YAAY,qBAAqBd,OAAAA,kBAAyBN,aAAAA,IAAiB;QACvGqB,SAASX,kBAAkBtB,MAAMkC;MACnC,CAAA;AACA,YAAMC,cAAcH,YAAY,qBAAqBd,OAAAA,mBAA0BN,aAAAA,IAAiB;QAAEqB,SAASjC,MAAMkC;MAAY,CAAA;AAE7H,YAAME,iBAAiB,MAAMrC,QAAQyB,MAAMa,yBAAyB;QAClEnB;QACAN;QACA0B,OAAOvB,KAAKA,KAAI;QAChBgB;QACAQ,iBAAiB;QACjBJ;QACA,GAAIf,iCAAiC;UAAEoB,qBAAqBpB;QAA8B;MAC5F,CAAA;AAEA,UAAIqB;AACJ,UAAIzB,YAAY;AACd,cAAM,EAAE0B,UAAS,IAAK,MAAM,OAAO,YAAA;AACnC,cAAMC,SAAS,IAAID,UAAU;UAAE,GAAG1B;UAAY4B,MAAMR;QAAe,CAAA;AACnEK,wBAAgB,0BAA0B,MAAME,OAAOE,KAAI,GAAKC,SAAS,QAAA,CAAA;MAC3E;AAEA,YAAMC,kBAAkB;QACtB5B,UAAUD;QACVJ,gBAAgBF;QAChBoC,aAAaZ;QACba,YAAY,GAAGjB,YAAYhC,MAAMkD,wBAAwB,wBAAwBtC,aAAAA,IAAiB;UAAEqB,SAASjC,MAAMmD;QAAc,CAAA,CAAA;QACjI,GAAIV,iBAAiB;UAAEW,QAAQX;QAAc;MAC/C;AACAvC,cAAQC,IAAI,uCAAuCkD,KAAKC,UAAUP,eAAAA,CAAAA,EAAkB;AAEpF,aAAOpC,SAASkB,OAAO,GAAA,EAAK0B,KAAKR,eAAAA;IACnC,SAASS,OAAO;AACd,aAAO5B,mBAAkBjB,UAAU,KAAK;QAAEkB,QAAQ;QAAKC,SAAS;MAAgD,GAAG0B,KAAAA;IACrH;EACF,CAAA;AACF;AA1DgB3D;AA4DT,SAAS4D,8CAA8C3D,QAAgBC,SAA2BC,MAA0B;AACjI,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,wDAAwD;AACpE;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAO4D,OAAOtD,MAAME,WAAUN,MAAMO,QAAAA,GAAW,OAAOG,SAAqCC,aAAAA;AACzF,QAAI;AACF,YAAMC,gBAAwBF,QAAQiD,OAAO/C;AAE7C,YAAMgD,mBAAmB,MAAM7D,QAAQyB,MAAMqC,wBAAwB;QACnEjD;QACAkD,iBAAiB;MACnB,CAAA;AACA,UAAI,CAACF,kBAAkB;AACrB1D,gBAAQC,IAAI,uFAAuFS,aAAAA,EAAe;AAClH,eAAOgB,mBAAkBjB,UAAU,KAAK;UAAEkB,QAAQ;UAAKC,SAAS;QAA0C,CAAA;MAC5G;AAEA,YAAM/B,QAAQyB,MAAMuC,oBAAoB;QAAEnD;MAAc,CAAA;AAExD,aAAOD,SAASkB,OAAO,GAAA,EAAK0B,KAAI;IAClC,SAASC,OAAO;AACd,aAAO5B,mBAAkBjB,UAAU,KAAK;QAAEkB,QAAQ;QAAKC,SAAS0B,MAAM1B;MAAQ,GAAG0B,KAAAA;IACnF;EACF,CAAA;AACF;AA3BgBC;AA6BT,SAASO,kCAAkClE,QAAgBC,SAA2BC,MAA0B;AACrH,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,kDAAkD;AAC9D;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAOmE,IAAI7D,MAAME,WAAUN,MAAMO,QAAAA,GAAW,OAAOG,SAAwCC,aAAAA;AACzF,QAAI;AACFT,cAAQC,IAAI,iCAAA;AACZ,YAAMS,gBAAwBF,QAAQiD,OAAO/C;AAE7C,YAAMsD,eAAe,MAAMnE,QAAQyB,MAAMqC,wBAAwB;QAC/DjD;QACAkD,iBAAiB;MACnB,CAAA;AAEA,UAAI,CAACI,cAAc;AACjBhE,gBAAQC,IAAI,uFAAuFS,aAAAA,EAAe;AAClH,eAAOgB,mBAAkBjB,UAAU,KAAK;UAAEkB,QAAQ;UAAKC,SAAS;QAA0C,CAAA;MAC5G;AAEA,UAAIqC;AACJ,UAAID,aAAarC,WAAW,iCAAiC;AAC3DsC,wBAAiB,MAAMpE,QAAQyB,MAAM4C,yBAAyB;UAAExD;UAAekD,iBAAiB;QAAM,CAAA;MACxG;AACA,YAAMO,eAAeF,iBAAiBD;AAEtC,YAAMI,aAAa;QACjBzC,QAAQwC,aAAaxC;QACrBf,gBAAgBuD,aAAazD;QAC7BO,UAAUkD,aAAanD;QACvBqD,cAAcF,aAAaG;QAC3B,GAAKL,eAAetC,WAAW4C,iCAAiCC,YAAYP,cAAcQ,iBAAiBC,UAAc;UAAED,cAAcR,cAAcQ;QAAa;QACpK,GAAIN,aAAab,SAAS;UAAE1B,SAASuC,aAAab,MAAM1B;QAAQ;MAClE;AACA5B,cAAQ2E,MAAM,0BAA0BxB,KAAKC,UAAUgB,UAAAA,CAAAA,EAAa;AAEpE,UAAID,aAAaxC,WAAW,SAAS;AACnC,eAAOlB,SAASkB,OAAO,GAAA,EAAK0B,KAAKe,UAAAA;MACnC;AACA,aAAO3D,SAASkB,OAAO,GAAA,EAAK0B,KAAKe,UAAAA;IACnC,SAASd,OAAO;AACd,aAAO5B,mBAAkBjB,UAAU,KAAK;QAAEkB,QAAQ;QAAKC,SAAS0B,MAAM1B;MAAQ,GAAG0B,KAAAA;IACnF;EACF,CAAA;AACF;AA9CgBQ;AAgDT,SAASc,uBAAuBhF,QAAgBC,SAA2BC,MAA0B;AAC1G,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,sDAAsD;AAClE;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAOmE,IAAI7D,MAAME,WAAUN,MAAMO,QAAAA,GAAW,OAAOG,SAAkBC,aAAAA;AACnE,QAAI;AACF,YAAMoE,cAAc,MAAMhF,QAAQyB,MAAMwD,kBAAiB;AACzDrE,eAASsE,aAAa;AACtB,aAAOtE,SAAS4C,KAAKwB,WAAAA;IACvB,SAASvB,OAAO;AACd,aAAO5B,mBAAkBjB,UAAU,KAAK;QAAEkB,QAAQ;QAAKC,SAAS0B,MAAM1B;MAAQ,GAAG0B,KAAAA;IACnF;EACF,CAAA;AACF;AAhBgBsB;;;AG3JhB,SAASI,oBAAoB;AAC7B,SAASC,iCAAiD;AAI1D,OAAOC,aAAqD;AAS5D,OAAOC,eAAe;AAEf,IAAMC,oBAAN,MAAMA;EAhBb,OAgBaA;;;EACMC;EACAC;EACAC;EACAC;EACAC;EAEAC,qBAAqB;EACtC,YAAYC,MAAwG;AAClH,UAAM,EAAEC,OAAOC,KAAI,IAAKF;AACxB,SAAKJ,SAASK;AACdE,8BAA0B;MAAED;MAAME,MAAM;QAAC;QAA2B;QAAoB;;IAA2B,CAAA;AACnH,QAAIF,MAAMG,cAAcC,YAAYC,qBAAqB;AACvDJ,gCAA0B;QAAED;QAAME,MAAM;UAAC;UAAsB;;MAA0B,CAAA;IAC3F;AAEA,SAAKP,QAAQK;AACb,SAAKR,WAAWM,KAAKQ,eAAeC;AACpC,SAAKd,UAAUc,QAAQC,OAAM;AAC7B,UAAMC,UAAUC,aAAaX,KAAAA;AAE7B,UAAMY,WAAWX,MAAMY,kBAAkB;MAAC;MAAa;;AACvDC,YAAQC,IAAI,sCAAsCC,KAAKC,UAAUL,QAAAA,CAAAA,GAAY;AAG7E,QAAIA,SAASM,SAAS,WAAA,GAAc;AAClCC,+CAAyC,KAAKzB,SAASgB,SAAST,MAAMG,cAAcgB,uBAAAA;AACpFC,wCAAkC,KAAK3B,SAASgB,SAAST,MAAMG,cAAckB,gBAAAA;AAC7EC,oDAA8C,KAAK7B,SAASgB,SAAST,MAAMG,cAAcoB,uBAAAA;AACzFC,6BAAuB,KAAK/B,SAASgB,SAAST,MAAMG,cAAcsB,oBAAAA;IACpE;AAGA,QAAId,SAASM,SAAS,MAAA,GAAS;AAC7BS,mCAA6B,KAAKjC,SAASgB,SAAST,MAAMG,cAAcwB,kBAAAA;AACxEC,uCAAiC,KAAKnC,SAASgB,SAAST,MAAMG,cAAc0B,sBAAAA;IAC9E;AACA,SAAKjC,YAAYI,MAAMG,cAAc2B,YAAY;AACjD,SAAKtC,SAASuC,IAAI,KAAKnC,WAAW,KAAKoC,MAAM;AAC7C,SAAKxC,SAASyC,IAAI,eAAejC,MAAMG,cAAc+B,cAAc,IAAA;AACnE,SAAKC,eAAc;EACrB;EAEQA,iBAAiB;AACvBC,UAAM,KAAKvC,kBAAkB,EAC1BwC,KAAK,CAACC,QAAQA,IAAIC,KAAI,CAAA,EACtBF,KAAK,CAACG,YAAAA;AACL,YAAMC,UAAU,GAAG,KAAK7C,SAAS;AACjCiB,cAAQC,IAAI,iCAAiC2B,OAAAA,EAAS;AAEtD,WAAKhD,QAAQsC,IACX,aACA,CAACW,KAAcJ,KAAeK,SAAAA;AAC5B,cAAMC,QAAQ,GAAGH,QAAQI,QAAQ,MAAM,GAAA,CAAA,GAAQA,QAAQ,WAAW,EAAA,EAAIA,QAAQ,gBAAgB,EAAA;AAC9FL,gBAAQM,UAAU;UAAC;YAAEC,KAAK,GAAGL,IAAIM,QAAQ,MAAMN,IAAIO,IAAI,MAAA,CAAA,GAAUL,KAAAA;YAASM,aAAa;UAAc;;AAErGR,YAAIS,aAAaX;AACjBG,aAAAA;MACF,GACAS,UAAUC,WAAWb,SAASc,OAAAA,GAC9BF,UAAUG,MAAK,CAAA;IAEnB,CAAA,EACCC,MAAM,CAACC,QAAAA;AACN5C,cAAQC,IAAI,8CAA8C2C,GAAAA,2CAA8C;IAC1G,CAAA;AACF,UAAMH,UAAU,CAEhB;EACF;EACA,IAAI/C,UAAmB;AACrB,WAAO,KAAKf;EACd;EAEA,IAAIwC,SAAiB;AACnB,WAAO,KAAKvC;EACd;EAEA,IAAIM,QAAmD;AACrD,WAAO,KAAKL;EACd;EAEA,IAAIM,OAAyC;AAC3C,WAAO,KAAKL;EACd;AACF;","names":["PresentationDefinitionLocation","checkAuth","sendErrorResponse","CredentialMapper","parseAuthorizationResponse","request","contentType","header","payload","body","JSON","parse","presentation_submission","console","log","vp_token","startsWith","endsWith","CredentialMapper","isJsonLdAsString","Error","verifyAuthResponseSIOPv2Endpoint","router","context","opts","enabled","path","post","checkAuth","endpoint","response","correlationId","definitionId","tenantId","version","params","sendErrorResponse","stringify","definitionItems","agent","pdmGetDefinitions","filter","length","statusCode","statusMessage","send","authorizationResponse","definitionItem","verifiedResponse","siopVerifyAuthResponse","queryId","presentationDefinitions","location","presentationDefinitionLocation","PresentationDefinitionLocation","TOPLEVEL_PRESENTATION_DEF","definition","definitionPayload","dcqlQuery","dcqlPayload","wrappedPresentation","oid4vpSubmission","presentations","presentation","authorizationChallengeValidationResponse","presentation_during_issuance_session","is_first_party","setHeader","responseRedirectURI","siopGetRedirectURI","state","redirect_uri","error","getAuthRequestSIOPv2Endpoint","get","requestState","siopGetAuthRequestState","errorOnNotFound","requestObject","toJwt","e","message","undefined","siopUpdateAuthRequestState","AuthorizationResponseStateStatus","checkAuth","sendErrorResponse","uriWithBase","uuid","ZodError","validateData","schema","req","res","next","parse","body","error","ZodError","errorMessages","issues","map","issue","message","path","join","status","json","error_details","z","authorizationRequestStatuses","authorizationResponseStatuses","ResponseMode","ResponseType","RequestUriMethod","ResponseTypeSchema","enum","VP_TOKEN","ResponseModeSchema","DIRECT_POST","DIRECT_POST_JWT","RequestUriMethodSchema","GET","POST","AuthorizationStatusSchema","CallbackOptsSchema","object","url","string","status","array","optional","QRCodeOptsSchema","size","number","color_dark","color_light","CreateAuthorizationRequestBodySchema","query_id","client_id","request_uri_base","correlation_id","request_uri_method","response_type","response_mode","transaction_data","qr_code","direct_post_response_redirect_uri","callback","CreateAuthorizationResponseSchema","request_uri","status_uri","qr_uri","createAuthRequestUniversalOID4VPEndpoint","router","context","opts","enabled","console","log","path","post","checkAuth","endpoint","validateData","CreateAuthorizationRequestBodySchema","request","response","correlationId","body","correlation_id","uuid","qrCodeOpts","qr_code","queryId","query_id","directPostResponseRedirectUri","direct_post_response_redirect_uri","requestUriBase","request_uri_base","agent","pdmGetDefinition","itemId","e","sendErrorResponse","status","message","requestByReferenceURI","uriWithBase","baseURI","siopBaseURI","responseURI","authRequestURI","siopCreateAuthRequestURI","nonce","responseURIType","responseRedirectURI","qrCodeDataUri","AwesomeQR","qrCode","text","draw","toString","authRequestBody","request_uri","status_uri","webappAuthStatusPath","webappBaseURI","qr_uri","JSON","stringify","json","error","removeAuthRequestStateUniversalOID4VPEndpoint","delete","params","authRequestState","siopGetAuthRequestState","errorOnNotFound","siopDeleteAuthState","authStatusUniversalOID4VPEndpoint","get","requestState","responseState","siopGetAuthResponseState","overallState","statusBody","last_updated","lastUpdated","AuthorizationResponseStateStatus","VERIFIED","verifiedData","undefined","debug","getDefinitionsEndpoint","definitions","pdmGetDefinitions","statusCode","agentContext","copyGlobalAuthToEndpoints","express","swaggerUi","SIOPv2RPApiServer","_express","_router","_agent","_opts","_basePath","OID4VP_SWAGGER_URL","args","agent","opts","copyGlobalAuthToEndpoints","keys","endpointOpts","globalAuth","secureSiopEndpoints","expressSupport","express","Router","context","agentContext","features","enableFeatures","console","log","JSON","stringify","includes","createAuthRequestUniversalOID4VPEndpoint","webappCreateAuthRequest","authStatusUniversalOID4VPEndpoint","webappAuthStatus","removeAuthRequestStateUniversalOID4VPEndpoint","webappDeleteAuthRequest","getDefinitionsEndpoint","webappGetDefinitions","getAuthRequestSIOPv2Endpoint","siopGetAuthRequest","verifyAuthResponseSIOPv2Endpoint","siopVerifyAuthResponse","basePath","use","router","set","trustProxy","setupSwaggerUi","fetch","then","res","json","swagger","apiDocs","req","next","regex","replace","servers","url","protocol","get","description","swaggerDoc","swaggerUi","serveFiles","options","setup","catch","err"]}
+{"version":3,"sources":["../src/siop-api-functions.ts","../src/universal-oid4vp-api-functions.ts","../src/middleware/validationMiddleware.ts","../src/schemas/index.ts","../src/siopv2-rp-api-server.ts"],"sourcesContent":["import { AuthorizationResponsePayload, PresentationDefinitionLocation } from '@sphereon/did-auth-siop'\nimport { checkAuth, ISingleEndpointOpts, sendErrorResponse } from '@sphereon/ssi-express-support'\nimport { CredentialMapper } from '@sphereon/ssi-types'\nimport { AuthorizationChallengeValidationResponse } from '@sphereon/ssi-sdk.siopv2-oid4vp-common'\nimport { Request, Response, Router } from 'express'\nimport { IRequiredContext } from './types'\n\nconst parseAuthorizationResponse = (request: Request): AuthorizationResponsePayload => {\n  const contentType = request.header('content-type')\n\n  if (contentType === 'application/json') {\n    const payload = typeof request.body === 'string' ? JSON.parse(request.body) : request.body\n    return payload as AuthorizationResponsePayload\n  }\n\n  if (contentType === 'application/x-www-form-urlencoded') {\n    const payload = request.body as AuthorizationResponsePayload\n\n    // Parse presentation_submission if it's a string\n    if (typeof payload.presentation_submission === 'string') {\n      console.log(`Supplied presentation_submission was a string instead of JSON. Correcting, but external party should fix their implementation!`)\n      payload.presentation_submission = JSON.parse(payload.presentation_submission)\n    }\n\n    // when using FORM_URL_ENCODED, vp_token comes back as string not matter whether the input was string, object or array. Handled below.\n    if (typeof payload.vp_token === 'string') {\n      const { vp_token } = payload\n\n      // The only use case where vp_object is an object is JsonLdAsString atm. For arrays, any objects will be parsed along with the array\n      // (Leaving the vp_token JsonLdAsString causes problems because the original credential will remain string and will be interpreted as JWT in some parts of the code)\n      if ((vp_token.startsWith('[') && vp_token.endsWith(']')) || CredentialMapper.isJsonLdAsString(vp_token)) {\n        payload.vp_token = JSON.parse(vp_token)\n      }\n    }\n\n    return payload\n  }\n\n  throw new Error(\n    `Unsupported content type: ${contentType}. Currently only application/x-www-form-urlencoded and application/json (for direct_post) are supported`,\n  )\n}\n\nexport function verifyAuthResponseSIOPv2Endpoint(\n  router: Router,\n  context: IRequiredContext,\n  opts?: ISingleEndpointOpts & { presentationDefinitionLocation?: PresentationDefinitionLocation },\n) {\n  if (opts?.enabled === false) {\n    console.log(`verifyAuthResponse SIOP endpoint is disabled`)\n    return\n  }\n  const path = opts?.path ?? '/siop/definitions/:definitionId/auth-responses/:correlationId'\n  router.post(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n    try {\n      const { correlationId, definitionId, tenantId, version } = request.params\n      if (!correlationId || !definitionId) {\n        console.log(`No authorization request could be found for the given url. correlationId: ${correlationId}, definitionId: ${definitionId}`)\n        return sendErrorResponse(response, 404, 'No authorization request could be found')\n      }\n      console.log('Authorization Response (siop-sessions')\n      console.log(JSON.stringify(request.body, null, 2))\n      const definitionItems = await context.agent.pdmGetDefinitions({ filter: [{ definitionId, tenantId, version }] })\n      if (definitionItems.length === 0) {\n        console.log(`Could not get definition ${definitionId} from agent. Will return 404`)\n        response.statusCode = 404\n        response.statusMessage = `No definition ${definitionId}`\n        return response.send()\n      }\n\n      const authorizationResponse = parseAuthorizationResponse(request)\n      console.log(`URI: ${JSON.stringify(authorizationResponse)}`)\n\n      const definitionItem = definitionItems[0]\n      const verifiedResponse = await context.agent.siopVerifyAuthResponse({\n        authorizationResponse,\n        correlationId,\n        queryId: definitionId,\n        presentationDefinitions: [\n          {\n            location: opts?.presentationDefinitionLocation ?? PresentationDefinitionLocation.TOPLEVEL_PRESENTATION_DEF,\n            definition: definitionItem.definitionPayload,\n          },\n        ],\n        dcqlQuery: definitionItem.dcqlPayload,\n      })\n\n      const wrappedPresentation = verifiedResponse?.oid4vpSubmission?.presentations[0]\n      if (wrappedPresentation) {\n        // const credentialSubject = wrappedPresentation.presentation.verifiableCredential[0]?.credential?.credentialSubject\n        // console.log(JSON.stringify(credentialSubject, null, 2))\n        console.log('PRESENTATION:' + JSON.stringify(wrappedPresentation.presentation, null, 2))\n        response.statusCode = 200\n\n        const authorizationChallengeValidationResponse: AuthorizationChallengeValidationResponse = {\n          presentation_during_issuance_session: verifiedResponse.correlationId,\n        }\n        if (authorizationResponse.is_first_party) {\n          response.setHeader('Content-Type', 'application/json')\n          return response.send(JSON.stringify(authorizationChallengeValidationResponse))\n        }\n\n        const responseRedirectURI = await context.agent.siopGetRedirectURI({ correlationId, queryId: definitionId, state: verifiedResponse.state })\n        if (responseRedirectURI) {\n          response.setHeader('Content-Type', 'application/json')\n          return response.send(JSON.stringify({ redirect_uri: responseRedirectURI }))\n        }\n        // todo: delete session\n      } else {\n        console.log('Missing Presentation (Verifiable Credentials)')\n        response.statusCode = 500\n        response.statusMessage = 'Missing Presentation (Verifiable Credentials)'\n      }\n      return response.send()\n    } catch (error) {\n      console.error(error)\n      return sendErrorResponse(response, 500, 'Could not verify auth status', error)\n    }\n  })\n}\n\nexport function getAuthRequestSIOPv2Endpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`getAuthRequest SIOP endpoint is disabled`)\n    return\n  }\n  const path = opts?.path ?? '/siop/definitions/:definitionId/auth-requests/:correlationId'\n  router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n    try {\n      const correlationId = request.params.correlationId\n      const definitionId = request.params.definitionId\n      if (!correlationId || !definitionId) {\n        console.log(`No authorization request could be found for the given url. correlationId: ${correlationId}, definitionId: ${definitionId}`)\n        return sendErrorResponse(response, 404, 'No authorization request could be found')\n      }\n      const requestState = await context.agent.siopGetAuthRequestState({\n        correlationId,\n        queryId: definitionId,\n        errorOnNotFound: false,\n      })\n      if (!requestState) {\n        console.log(\n          `No authorization request could be found for the given url in the state manager. correlationId: ${correlationId}, definitionId: ${definitionId}`,\n        )\n        return sendErrorResponse(response, 404, `No authorization request could be found`)\n      }\n      const requestObject = await requestState.request?.requestObject?.toJwt()\n      console.log('JWT Request object:')\n      console.log(requestObject)\n\n      let error: string | undefined\n      try {\n        response.statusCode = 200\n        response.setHeader('Content-Type', 'application/jwt')\n        return response.send(requestObject)\n      } catch (e) {\n        error = typeof e === 'string' ? e : e instanceof Error ? e.message : undefined\n        return sendErrorResponse(response, 500, 'Could not get authorization request', e)\n      } finally {\n        await context.agent.siopUpdateAuthRequestState({\n          correlationId,\n          queryId: definitionId,\n          state: 'authorization_request_created',\n          error,\n        })\n      }\n    } catch (error) {\n      return sendErrorResponse(response, 500, 'Could not get authorization request', error)\n    }\n  })\n}\n","import { AuthorizationResponseStateStatus } from '@sphereon/did-auth-siop'\nimport { checkAuth, ISingleEndpointOpts, sendErrorResponse } from '@sphereon/ssi-express-support'\nimport { uriWithBase } from '@sphereon/ssi-sdk.siopv2-oid4vp-common'\nimport { Request, Response, Router } from 'express'\nimport uuid from 'short-uuid'\nimport { validateData } from './middleware/validationMiddleware'\nimport { CreateAuthorizationRequestBodySchema } from './schemas'\nimport {\n  CreateAuthorizationRequest,\n  CreateAuthorizationRequestResponse,\n  CreateAuthorizationResponse,\n  DeleteAuthorizationRequest,\n  GetAuthorizationRequestStatus,\n  AuthStatusResponse,\n  ICreateAuthRequestWebappEndpointOpts,\n  IRequiredContext\n} from './types'\n\nexport function createAuthRequestUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ICreateAuthRequestWebappEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`createAuthRequest universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/auth/requests'\n  router.post(path, checkAuth(opts?.endpoint), validateData(CreateAuthorizationRequestBodySchema), async (request: CreateAuthorizationRequest, response: CreateAuthorizationResponse) => {\n    try {\n      const correlationId = request.body.correlation_id ?? uuid.uuid()\n      const qrCodeOpts = request.body.qr_code ?? opts?.qrCodeOpts\n      const queryId = request.body.query_id\n      const directPostResponseRedirectUri = request.body.direct_post_response_redirect_uri // TODO Uri not URI\n      const requestUriBase = request.body.request_uri_base\n      const callback = request.body.callback\n\n      try {\n        await context.agent.pdmGetDefinition({ itemId: queryId })\n      } catch(e) {\n        console.log(`No query could be found for the given id. Query id: ${queryId}`)\n        return sendErrorResponse(response, 404, { status: 404, message: 'No query could be found' })\n      }\n\n      const requestByReferenceURI = uriWithBase(`/siop/definitions/${queryId}/auth-requests/${correlationId}`, {\n        baseURI: requestUriBase ?? opts?.siopBaseURI,\n      })\n      const responseURI = uriWithBase(`/siop/definitions/${queryId}/auth-responses/${correlationId}`, { baseURI: opts?.siopBaseURI })\n\n      const authRequestURI = await context.agent.siopCreateAuthRequestURI({\n        queryId,\n        correlationId,\n        nonce: uuid.uuid(),\n        requestByReferenceURI,\n        responseURIType: 'response_uri',\n        responseURI,\n        ...(directPostResponseRedirectUri && { responseRedirectURI: directPostResponseRedirectUri }),\n        callback\n      })\n\n      let qrCodeDataUri: string | undefined\n      if (qrCodeOpts) {\n        const { AwesomeQR } = await import('awesome-qr')\n        const qrCode = new AwesomeQR({ ...qrCodeOpts, text: authRequestURI })\n        qrCodeDataUri = `data:image/png;base64,${(await qrCode.draw())!.toString('base64')}`\n      }\n\n      const authRequestBody = {\n        query_id: queryId,\n        correlation_id: correlationId,\n        request_uri: authRequestURI,\n        status_uri: `${uriWithBase(opts?.webappAuthStatusPath ?? `/backend/auth/status/${correlationId}`, { baseURI: opts?.webappBaseURI })}`,\n        ...(qrCodeDataUri && { qr_uri: qrCodeDataUri }),\n      } satisfies CreateAuthorizationRequestResponse\n      console.log(`Auth Request URI data to send back: ${JSON.stringify(authRequestBody)}`)\n\n      return response.status(201).json(authRequestBody)\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: 'Could not create an authorization request URI' }, error)\n    }\n  })\n}\n\nexport function removeAuthRequestStateUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`removeAuthStatus universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/auth/requests/:correlationId'\n  router.delete(path, checkAuth(opts?.endpoint), async (request: DeleteAuthorizationRequest, response: Response) => {\n    try {\n      const correlationId: string = request.params.correlationId\n\n      const authRequestState = await context.agent.siopGetAuthRequestState({\n        correlationId,\n        errorOnNotFound: false\n      })\n      if (!authRequestState) {\n        console.log(`No authorization request could be found for the given correlationId. correlationId: ${correlationId}`)\n        return sendErrorResponse(response, 404, { status: 404, message: 'No authorization request could be found' })\n      }\n\n      await context.agent.siopDeleteAuthState({ correlationId })\n\n      return response.status(204).json()\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: error.message }, error)\n    }\n  })\n}\n\nexport function authStatusUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`authStatus universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/auth/status/:correlationId'\n  router.get(path, checkAuth(opts?.endpoint), async (request: GetAuthorizationRequestStatus, response: Response) => {\n    try {\n      console.log('Received auth-status request...')\n      const correlationId: string = request.params.correlationId\n\n      const requestState = await context.agent.siopGetAuthRequestState({\n        correlationId,\n        errorOnNotFound: false\n      })\n\n      if (!requestState) {\n        console.log(`No authorization request could be found for the given correlationId. correlationId: ${correlationId}`)\n        return sendErrorResponse(response, 404, { status: 404, message: 'No authorization request could be found' })\n      }\n\n      let responseState\n      if (requestState.status === 'authorization_request_created') {\n        responseState = (await context.agent.siopGetAuthResponseState({ correlationId, errorOnNotFound: false }))\n      }\n      const overallState = responseState ?? requestState\n\n      const statusBody = {\n        status: overallState.status,\n        correlation_id: overallState.correlationId,\n        query_id: overallState.queryId,\n        last_updated: overallState.lastUpdated,\n        ...((responseState?.status === AuthorizationResponseStateStatus.VERIFIED && responseState.verifiedData !== undefined) && { verifiedData: responseState.verifiedData }),\n        ...(overallState.error && { message: overallState.error.message })\n      } satisfies AuthStatusResponse\n      console.debug(`Will send auth status: ${JSON.stringify(statusBody)}`)\n\n      if (overallState.status === 'error') {\n        return response.status(500).json(statusBody)\n      }\n      return response.status(200).json(statusBody)\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: error.message }, error)\n    }\n  })\n}\n\nexport function getDefinitionsEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n  if (opts?.enabled === false) {\n    console.log(`getDefinitions universal OID4VP endpoint is disabled`)\n    return\n  }\n\n  const path = opts?.path ?? '/backend/definitions'\n  router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n    try {\n      const definitions = await context.agent.pdmGetDefinitions()\n      response.statusCode = 200\n      return response.json(definitions)\n    } catch (error) {\n      return sendErrorResponse(response, 500, { status: 500, message: error.message }, error)\n    }\n  })\n}\n","import { Request, Response, NextFunction } from 'express';\nimport { z, ZodError } from 'zod';\n\nexport const validateData = (schema: z.ZodObject<any, any>) => {\n  return (req: Request, res: Response, next: NextFunction) => {\n    try {\n      schema.parse(req.body);\n      next();\n    } catch (error) {\n      if (error instanceof ZodError) {\n        const errorMessages = error.issues.map((issue: any) => ({\n          message: `${issue.path.join('.')} is ${issue.message}`,\n        }))\n        res.status(400).json({ status: 400, message: 'Invalid data', error_details: errorMessages[0].message });\n      } else {\n        res.status(500).json({ status: 500, message: 'Internal Server Error' });\n      }\n    }\n  };\n}\n","import { z } from 'zod'\nimport {\n  ResponseMode,\n  ResponseType,\n  RequestUriMethod,\n  CallbackOptsSchema\n} from '@sphereon/did-auth-siop'\n\nexport const ResponseTypeSchema = z.enum([ResponseType.VP_TOKEN]);\n\nexport const ResponseModeSchema = z.enum([ResponseMode.DIRECT_POST, ResponseMode.DIRECT_POST_JWT]);\n\nexport const RequestUriMethodSchema = z.enum(Object.values(RequestUriMethod));\n\nexport const QRCodeOptsSchema = z.object({\n  size: z.number().optional(),\n  color_dark: z.string().optional(),\n  color_light: z.string().optional(),\n});\n\nexport const CreateAuthorizationRequestBodySchema = z.object({\n  query_id: z.string(),\n  client_id: z.string().optional(),\n  request_uri_base: z.string().optional(),\n  correlation_id: z.string().optional(),\n  request_uri_method: RequestUriMethodSchema.optional(),\n  response_type: ResponseTypeSchema.optional(),\n  response_mode: ResponseModeSchema.optional(),\n  transaction_data: z.array(z.string()).optional(),\n  qr_code: QRCodeOptsSchema.optional(),\n  direct_post_response_redirect_uri: z.string().optional(),\n  callback: CallbackOptsSchema.optional(),\n});\n\nexport const CreateAuthorizationResponseSchema = z.object({\n  correlation_id: z.string(),\n  query_id: z.string(),\n  request_uri: z.string(),\n  status_uri: z.string(),\n  qr_uri: z.string().optional(),\n});\n","import { agentContext } from '@sphereon/ssi-sdk.core'\nimport { copyGlobalAuthToEndpoints, ExpressSupport } from '@sphereon/ssi-express-support'\nimport { IPresentationExchange } from '@sphereon/ssi-sdk.presentation-exchange'\nimport { ISIOPv2RP } from '@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth'\nimport { TAgent } from '@veramo/core'\nimport express, { Express, Request, Response, Router } from 'express'\nimport { getAuthRequestSIOPv2Endpoint, verifyAuthResponseSIOPv2Endpoint } from './siop-api-functions'\nimport { IRequiredPlugins, ISIOPv2RPRestAPIOpts } from './types'\nimport {\n  authStatusUniversalOID4VPEndpoint,\n  createAuthRequestUniversalOID4VPEndpoint,\n  getDefinitionsEndpoint,\n  removeAuthRequestStateUniversalOID4VPEndpoint,\n} from './universal-oid4vp-api-functions'\nimport swaggerUi from 'swagger-ui-express'\n\nexport class SIOPv2RPApiServer {\n  private readonly _express: Express\n  private readonly _router: Router\n  private readonly _agent: TAgent<IPresentationExchange & ISIOPv2RP>\n  private readonly _opts?: ISIOPv2RPRestAPIOpts\n  private readonly _basePath: string\n\n  private readonly OID4VP_SWAGGER_URL = 'https://api.swaggerhub.com/apis/SphereonInt/OID4VP/0.1.0'\n  constructor(args: { agent: TAgent<IRequiredPlugins>; expressSupport: ExpressSupport; opts?: ISIOPv2RPRestAPIOpts }) {\n    const { agent, opts } = args\n    this._agent = agent\n    copyGlobalAuthToEndpoints({ opts, keys: ['webappCreateAuthRequest', 'webappAuthStatus', 'webappDeleteAuthRequest'] })\n    if (opts?.endpointOpts?.globalAuth?.secureSiopEndpoints) {\n      copyGlobalAuthToEndpoints({ opts, keys: ['siopGetAuthRequest', 'siopVerifyAuthResponse'] })\n    }\n\n    this._opts = opts\n    this._express = args.expressSupport.express\n    this._router = express.Router()\n    const context = agentContext(agent)\n\n    const features = opts?.enableFeatures ?? ['rp-status', 'siop']\n    console.log(`SIOPv2 API enabled, with features: ${JSON.stringify(features)}}`)\n\n    // Webapp endpoints\n    if (features.includes('rp-status')) {\n      createAuthRequestUniversalOID4VPEndpoint(this._router, context, opts?.endpointOpts?.webappCreateAuthRequest)\n      authStatusUniversalOID4VPEndpoint(this._router, context, opts?.endpointOpts?.webappAuthStatus)\n      removeAuthRequestStateUniversalOID4VPEndpoint(this._router, context, opts?.endpointOpts?.webappDeleteAuthRequest)\n      getDefinitionsEndpoint(this._router, context, opts?.endpointOpts?.webappGetDefinitions)\n    }\n\n    // SIOPv2 endpoints\n    if (features.includes('siop')) {\n      getAuthRequestSIOPv2Endpoint(this._router, context, opts?.endpointOpts?.siopGetAuthRequest)\n      verifyAuthResponseSIOPv2Endpoint(this._router, context, opts?.endpointOpts?.siopVerifyAuthResponse)\n    }\n    this._basePath = opts?.endpointOpts?.basePath ?? ''\n    this._express.use(this._basePath, this.router)\n    this._express.set('trust proxy', opts?.endpointOpts?.trustProxy ?? true)\n    this.setupSwaggerUi()\n  }\n\n  private setupSwaggerUi() {\n    fetch(this.OID4VP_SWAGGER_URL)\n      .then((res) => res.json())\n      .then((swagger: any) => {\n        const apiDocs = `${this._basePath}/api-docs`\n        console.log(`[OID4P] API docs available at ${apiDocs}`)\n\n        this._router.use(\n          '/api-docs',\n          (req: Request, res: Response, next: any) => {\n            const regex = `${apiDocs.replace(/\\//, '\\/')}`.replace('/oid4vp', '').replace(/\\/api-docs.*/, '')\n            swagger.servers = [{ url: `${req.protocol}://${req.get('host')}${regex}`, description: 'This server' }]\n            // @ts-ignore\n            req.swaggerDoc = swagger\n            next()\n          },\n          swaggerUi.serveFiles(swagger, options),\n          swaggerUi.setup(),\n        )\n      })\n      .catch((err) => {\n        console.log(`[OID4VP] Unable to fetch swagger document: ${err}. Will not host api-docs on this instance`)\n      })\n    const options = {\n      // customCss: '.swagger-ui .topbar { display: none }',\n    }\n  }\n  get express(): Express {\n    return this._express\n  }\n\n  get router(): Router {\n    return this._router\n  }\n\n  get agent(): TAgent<IPresentationExchange & ISIOPv2RP> {\n    return this._agent\n  }\n\n  get opts(): ISIOPv2RPRestAPIOpts | undefined {\n    return this._opts\n  }\n}\n"],"mappings":";;;;AAAA,SAAuCA,sCAAsC;AAC7E,SAASC,WAAgCC,yBAAyB;AAClE,SAASC,wBAAwB;AAKjC,IAAMC,6BAA6B,wBAACC,YAAAA;AAClC,QAAMC,cAAcD,QAAQE,OAAO,cAAA;AAEnC,MAAID,gBAAgB,oBAAoB;AACtC,UAAME,UAAU,OAAOH,QAAQI,SAAS,WAAWC,KAAKC,MAAMN,QAAQI,IAAI,IAAIJ,QAAQI;AACtF,WAAOD;EACT;AAEA,MAAIF,gBAAgB,qCAAqC;AACvD,UAAME,UAAUH,QAAQI;AAGxB,QAAI,OAAOD,QAAQI,4BAA4B,UAAU;AACvDC,cAAQC,IAAI,gIAAgI;AAC5IN,cAAQI,0BAA0BF,KAAKC,MAAMH,QAAQI,uBAAuB;IAC9E;AAGA,QAAI,OAAOJ,QAAQO,aAAa,UAAU;AACxC,YAAM,EAAEA,SAAQ,IAAKP;AAIrB,UAAKO,SAASC,WAAW,GAAA,KAAQD,SAASE,SAAS,GAAA,KAASC,iBAAiBC,iBAAiBJ,QAAAA,GAAW;AACvGP,gBAAQO,WAAWL,KAAKC,MAAMI,QAAAA;MAChC;IACF;AAEA,WAAOP;EACT;AAEA,QAAM,IAAIY,MACR,6BAA6Bd,WAAAA,yGAAoH;AAErJ,GAlCmC;AAoC5B,SAASe,iCACdC,QACAC,SACAC,MAAgG;AAEhG,MAAIA,MAAMC,YAAY,OAAO;AAC3BZ,YAAQC,IAAI,8CAA8C;AAC1D;EACF;AACA,QAAMY,OAAOF,MAAME,QAAQ;AAC3BJ,SAAOK,KAAKD,MAAME,UAAUJ,MAAMK,QAAAA,GAAW,OAAOxB,SAAkByB,aAAAA;AACpE,QAAI;AACF,YAAM,EAAEC,eAAeC,cAAcC,UAAUC,QAAO,IAAK7B,QAAQ8B;AACnE,UAAI,CAACJ,iBAAiB,CAACC,cAAc;AACnCnB,gBAAQC,IAAI,6EAA6EiB,aAAAA,mBAAgCC,YAAAA,EAAc;AACvI,eAAOI,kBAAkBN,UAAU,KAAK,yCAAA;MAC1C;AACAjB,cAAQC,IAAI,uCAAA;AACZD,cAAQC,IAAIJ,KAAK2B,UAAUhC,QAAQI,MAAM,MAAM,CAAA,CAAA;AAC/C,YAAM6B,kBAAkB,MAAMf,QAAQgB,MAAMC,kBAAkB;QAAEC,QAAQ;UAAC;YAAET;YAAcC;YAAUC;UAAQ;;MAAG,CAAA;AAC9G,UAAII,gBAAgBI,WAAW,GAAG;AAChC7B,gBAAQC,IAAI,4BAA4BkB,YAAAA,8BAA0C;AAClFF,iBAASa,aAAa;AACtBb,iBAASc,gBAAgB,iBAAiBZ,YAAAA;AAC1C,eAAOF,SAASe,KAAI;MACtB;AAEA,YAAMC,wBAAwB1C,2BAA2BC,OAAAA;AACzDQ,cAAQC,IAAI,QAAQJ,KAAK2B,UAAUS,qBAAAA,CAAAA,EAAwB;AAE3D,YAAMC,iBAAiBT,gBAAgB,CAAA;AACvC,YAAMU,mBAAmB,MAAMzB,QAAQgB,MAAMU,uBAAuB;QAClEH;QACAf;QACAmB,SAASlB;QACTmB,yBAAyB;UACvB;YACEC,UAAU5B,MAAM6B,kCAAkCC,+BAA+BC;YACjFC,YAAYT,eAAeU;UAC7B;;QAEFC,WAAWX,eAAeY;MAC5B,CAAA;AAEA,YAAMC,sBAAsBZ,kBAAkBa,kBAAkBC,cAAc,CAAA;AAC9E,UAAIF,qBAAqB;AAGvB/C,gBAAQC,IAAI,kBAAkBJ,KAAK2B,UAAUuB,oBAAoBG,cAAc,MAAM,CAAA,CAAA;AACrFjC,iBAASa,aAAa;AAEtB,cAAMqB,2CAAqF;UACzFC,sCAAsCjB,iBAAiBjB;QACzD;AACA,YAAIe,sBAAsBoB,gBAAgB;AACxCpC,mBAASqC,UAAU,gBAAgB,kBAAA;AACnC,iBAAOrC,SAASe,KAAKnC,KAAK2B,UAAU2B,wCAAAA,CAAAA;QACtC;AAEA,cAAMI,sBAAsB,MAAM7C,QAAQgB,MAAM8B,mBAAmB;UAAEtC;UAAemB,SAASlB;UAAcsC,OAAOtB,iBAAiBsB;QAAM,CAAA;AACzI,YAAIF,qBAAqB;AACvBtC,mBAASqC,UAAU,gBAAgB,kBAAA;AACnC,iBAAOrC,SAASe,KAAKnC,KAAK2B,UAAU;YAAEkC,cAAcH;UAAoB,CAAA,CAAA;QAC1E;MAEF,OAAO;AACLvD,gBAAQC,IAAI,+CAAA;AACZgB,iBAASa,aAAa;AACtBb,iBAASc,gBAAgB;MAC3B;AACA,aAAOd,SAASe,KAAI;IACtB,SAAS2B,OAAO;AACd3D,cAAQ2D,MAAMA,KAAAA;AACd,aAAOpC,kBAAkBN,UAAU,KAAK,gCAAgC0C,KAAAA;IAC1E;EACF,CAAA;AACF;AA5EgBnD;AA8ET,SAASoD,6BAA6BnD,QAAgBC,SAA2BC,MAA0B;AAChH,MAAIA,MAAMC,YAAY,OAAO;AAC3BZ,YAAQC,IAAI,0CAA0C;AACtD;EACF;AACA,QAAMY,OAAOF,MAAME,QAAQ;AAC3BJ,SAAOoD,IAAIhD,MAAME,UAAUJ,MAAMK,QAAAA,GAAW,OAAOxB,SAAkByB,aAAAA;AACnE,QAAI;AACF,YAAMC,gBAAgB1B,QAAQ8B,OAAOJ;AACrC,YAAMC,eAAe3B,QAAQ8B,OAAOH;AACpC,UAAI,CAACD,iBAAiB,CAACC,cAAc;AACnCnB,gBAAQC,IAAI,6EAA6EiB,aAAAA,mBAAgCC,YAAAA,EAAc;AACvI,eAAOI,kBAAkBN,UAAU,KAAK,yCAAA;MAC1C;AACA,YAAM6C,eAAe,MAAMpD,QAAQgB,MAAMqC,wBAAwB;QAC/D7C;QACAmB,SAASlB;QACT6C,iBAAiB;MACnB,CAAA;AACA,UAAI,CAACF,cAAc;AACjB9D,gBAAQC,IACN,kGAAkGiB,aAAAA,mBAAgCC,YAAAA,EAAc;AAElJ,eAAOI,kBAAkBN,UAAU,KAAK,yCAAyC;MACnF;AACA,YAAMgD,gBAAgB,MAAMH,aAAatE,SAASyE,eAAeC,MAAAA;AACjElE,cAAQC,IAAI,qBAAA;AACZD,cAAQC,IAAIgE,aAAAA;AAEZ,UAAIN;AACJ,UAAI;AACF1C,iBAASa,aAAa;AACtBb,iBAASqC,UAAU,gBAAgB,iBAAA;AACnC,eAAOrC,SAASe,KAAKiC,aAAAA;MACvB,SAASE,GAAG;AACVR,gBAAQ,OAAOQ,MAAM,WAAWA,IAAIA,aAAa5D,QAAQ4D,EAAEC,UAAUC;AACrE,eAAO9C,kBAAkBN,UAAU,KAAK,uCAAuCkD,CAAAA;MACjF,UAAA;AACE,cAAMzD,QAAQgB,MAAM4C,2BAA2B;UAC7CpD;UACAmB,SAASlB;UACTsC,OAAO;UACPE;QACF,CAAA;MACF;IACF,SAASA,OAAO;AACd,aAAOpC,kBAAkBN,UAAU,KAAK,uCAAuC0C,KAAAA;IACjF;EACF,CAAA;AACF;AAjDgBC;;;ACzHhB,SAASW,wCAAwC;AACjD,SAASC,aAAAA,YAAgCC,qBAAAA,0BAAyB;AAClE,SAASC,mBAAmB;AAE5B,OAAOC,UAAU;;;ACHjB,SAAYC,gBAAgB;AAErB,IAAMC,eAAe,wBAACC,WAAAA;AAC3B,SAAO,CAACC,KAAcC,KAAeC,SAAAA;AACnC,QAAI;AACFH,aAAOI,MAAMH,IAAII,IAAI;AACrBF,WAAAA;IACF,SAASG,OAAO;AACd,UAAIA,iBAAiBC,UAAU;AAC7B,cAAMC,gBAAgBF,MAAMG,OAAOC,IAAI,CAACC,WAAgB;UACtDC,SAAS,GAAGD,MAAME,KAAKC,KAAK,GAAA,CAAA,OAAWH,MAAMC,OAAO;QACtD,EAAA;AACAV,YAAIa,OAAO,GAAA,EAAKC,KAAK;UAAED,QAAQ;UAAKH,SAAS;UAAgBK,eAAeT,cAAc,CAAA,EAAGI;QAAQ,CAAA;MACvG,OAAO;AACLV,YAAIa,OAAO,GAAA,EAAKC,KAAK;UAAED,QAAQ;UAAKH,SAAS;QAAwB,CAAA;MACvE;IACF;EACF;AACF,GAhB4B;;;ACH5B,SAASM,SAAS;AAClB,SACEC,cACAC,cACAC,kBACAC,0BACK;AAEA,IAAMC,qBAAqBL,EAAEM,KAAK;EAACJ,aAAaK;CAAS;AAEzD,IAAMC,qBAAqBR,EAAEM,KAAK;EAACL,aAAaQ;EAAaR,aAAaS;CAAgB;AAE1F,IAAMC,yBAAyBX,EAAEM,KAAKM,OAAOC,OAAOV,gBAAAA,CAAAA;AAEpD,IAAMW,mBAAmBd,EAAEe,OAAO;EACvCC,MAAMhB,EAAEiB,OAAM,EAAGC,SAAQ;EACzBC,YAAYnB,EAAEoB,OAAM,EAAGF,SAAQ;EAC/BG,aAAarB,EAAEoB,OAAM,EAAGF,SAAQ;AAClC,CAAA;AAEO,IAAMI,uCAAuCtB,EAAEe,OAAO;EAC3DQ,UAAUvB,EAAEoB,OAAM;EAClBI,WAAWxB,EAAEoB,OAAM,EAAGF,SAAQ;EAC9BO,kBAAkBzB,EAAEoB,OAAM,EAAGF,SAAQ;EACrCQ,gBAAgB1B,EAAEoB,OAAM,EAAGF,SAAQ;EACnCS,oBAAoBhB,uBAAuBO,SAAQ;EACnDU,eAAevB,mBAAmBa,SAAQ;EAC1CW,eAAerB,mBAAmBU,SAAQ;EAC1CY,kBAAkB9B,EAAE+B,MAAM/B,EAAEoB,OAAM,CAAA,EAAIF,SAAQ;EAC9Cc,SAASlB,iBAAiBI,SAAQ;EAClCe,mCAAmCjC,EAAEoB,OAAM,EAAGF,SAAQ;EACtDgB,UAAU9B,mBAAmBc,SAAQ;AACvC,CAAA;AAEO,IAAMiB,oCAAoCnC,EAAEe,OAAO;EACxDW,gBAAgB1B,EAAEoB,OAAM;EACxBG,UAAUvB,EAAEoB,OAAM;EAClBgB,aAAapC,EAAEoB,OAAM;EACrBiB,YAAYrC,EAAEoB,OAAM;EACpBkB,QAAQtC,EAAEoB,OAAM,EAAGF,SAAQ;AAC7B,CAAA;;;AFtBO,SAASqB,yCAAyCC,QAAgBC,SAA2BC,MAA2C;AAC7I,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,yDAAyD;AACrE;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAOO,KAAKD,MAAME,WAAUN,MAAMO,QAAAA,GAAWC,aAAaC,oCAAAA,GAAuC,OAAOC,SAAqCC,aAAAA;AAC3I,QAAI;AACF,YAAMC,gBAAgBF,QAAQG,KAAKC,kBAAkBC,KAAKA,KAAI;AAC9D,YAAMC,aAAaN,QAAQG,KAAKI,WAAWjB,MAAMgB;AACjD,YAAME,UAAUR,QAAQG,KAAKM;AAC7B,YAAMC,gCAAgCV,QAAQG,KAAKQ;AACnD,YAAMC,iBAAiBZ,QAAQG,KAAKU;AACpC,YAAMC,WAAWd,QAAQG,KAAKW;AAE9B,UAAI;AACF,cAAMzB,QAAQ0B,MAAMC,iBAAiB;UAAEC,QAAQT;QAAQ,CAAA;MACzD,SAAQU,GAAG;AACT1B,gBAAQC,IAAI,uDAAuDe,OAAAA,EAAS;AAC5E,eAAOW,mBAAkBlB,UAAU,KAAK;UAAEmB,QAAQ;UAAKC,SAAS;QAA0B,CAAA;MAC5F;AAEA,YAAMC,wBAAwBC,YAAY,qBAAqBf,OAAAA,kBAAyBN,aAAAA,IAAiB;QACvGsB,SAASZ,kBAAkBtB,MAAMmC;MACnC,CAAA;AACA,YAAMC,cAAcH,YAAY,qBAAqBf,OAAAA,mBAA0BN,aAAAA,IAAiB;QAAEsB,SAASlC,MAAMmC;MAAY,CAAA;AAE7H,YAAME,iBAAiB,MAAMtC,QAAQ0B,MAAMa,yBAAyB;QAClEpB;QACAN;QACA2B,OAAOxB,KAAKA,KAAI;QAChBiB;QACAQ,iBAAiB;QACjBJ;QACA,GAAIhB,iCAAiC;UAAEqB,qBAAqBrB;QAA8B;QAC1FI;MACF,CAAA;AAEA,UAAIkB;AACJ,UAAI1B,YAAY;AACd,cAAM,EAAE2B,UAAS,IAAK,MAAM,OAAO,YAAA;AACnC,cAAMC,SAAS,IAAID,UAAU;UAAE,GAAG3B;UAAY6B,MAAMR;QAAe,CAAA;AACnEK,wBAAgB,0BAA0B,MAAME,OAAOE,KAAI,GAAKC,SAAS,QAAA,CAAA;MAC3E;AAEA,YAAMC,kBAAkB;QACtB7B,UAAUD;QACVJ,gBAAgBF;QAChBqC,aAAaZ;QACba,YAAY,GAAGjB,YAAYjC,MAAMmD,wBAAwB,wBAAwBvC,aAAAA,IAAiB;UAAEsB,SAASlC,MAAMoD;QAAc,CAAA,CAAA;QACjI,GAAIV,iBAAiB;UAAEW,QAAQX;QAAc;MAC/C;AACAxC,cAAQC,IAAI,uCAAuCmD,KAAKC,UAAUP,eAAAA,CAAAA,EAAkB;AAEpF,aAAOrC,SAASmB,OAAO,GAAA,EAAK0B,KAAKR,eAAAA;IACnC,SAASS,OAAO;AACd,aAAO5B,mBAAkBlB,UAAU,KAAK;QAAEmB,QAAQ;QAAKC,SAAS;MAAgD,GAAG0B,KAAAA;IACrH;EACF,CAAA;AACF;AA5DgB5D;AA8DT,SAAS6D,8CAA8C5D,QAAgBC,SAA2BC,MAA0B;AACjI,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,wDAAwD;AACpE;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAO6D,OAAOvD,MAAME,WAAUN,MAAMO,QAAAA,GAAW,OAAOG,SAAqCC,aAAAA;AACzF,QAAI;AACF,YAAMC,gBAAwBF,QAAQkD,OAAOhD;AAE7C,YAAMiD,mBAAmB,MAAM9D,QAAQ0B,MAAMqC,wBAAwB;QACnElD;QACAmD,iBAAiB;MACnB,CAAA;AACA,UAAI,CAACF,kBAAkB;AACrB3D,gBAAQC,IAAI,uFAAuFS,aAAAA,EAAe;AAClH,eAAOiB,mBAAkBlB,UAAU,KAAK;UAAEmB,QAAQ;UAAKC,SAAS;QAA0C,CAAA;MAC5G;AAEA,YAAMhC,QAAQ0B,MAAMuC,oBAAoB;QAAEpD;MAAc,CAAA;AAExD,aAAOD,SAASmB,OAAO,GAAA,EAAK0B,KAAI;IAClC,SAASC,OAAO;AACd,aAAO5B,mBAAkBlB,UAAU,KAAK;QAAEmB,QAAQ;QAAKC,SAAS0B,MAAM1B;MAAQ,GAAG0B,KAAAA;IACnF;EACF,CAAA;AACF;AA3BgBC;AA6BT,SAASO,kCAAkCnE,QAAgBC,SAA2BC,MAA0B;AACrH,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,kDAAkD;AAC9D;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAOoE,IAAI9D,MAAME,WAAUN,MAAMO,QAAAA,GAAW,OAAOG,SAAwCC,aAAAA;AACzF,QAAI;AACFT,cAAQC,IAAI,iCAAA;AACZ,YAAMS,gBAAwBF,QAAQkD,OAAOhD;AAE7C,YAAMuD,eAAe,MAAMpE,QAAQ0B,MAAMqC,wBAAwB;QAC/DlD;QACAmD,iBAAiB;MACnB,CAAA;AAEA,UAAI,CAACI,cAAc;AACjBjE,gBAAQC,IAAI,uFAAuFS,aAAAA,EAAe;AAClH,eAAOiB,mBAAkBlB,UAAU,KAAK;UAAEmB,QAAQ;UAAKC,SAAS;QAA0C,CAAA;MAC5G;AAEA,UAAIqC;AACJ,UAAID,aAAarC,WAAW,iCAAiC;AAC3DsC,wBAAiB,MAAMrE,QAAQ0B,MAAM4C,yBAAyB;UAAEzD;UAAemD,iBAAiB;QAAM,CAAA;MACxG;AACA,YAAMO,eAAeF,iBAAiBD;AAEtC,YAAMI,aAAa;QACjBzC,QAAQwC,aAAaxC;QACrBhB,gBAAgBwD,aAAa1D;QAC7BO,UAAUmD,aAAapD;QACvBsD,cAAcF,aAAaG;QAC3B,GAAKL,eAAetC,WAAW4C,iCAAiCC,YAAYP,cAAcQ,iBAAiBC,UAAc;UAAED,cAAcR,cAAcQ;QAAa;QACpK,GAAIN,aAAab,SAAS;UAAE1B,SAASuC,aAAab,MAAM1B;QAAQ;MAClE;AACA7B,cAAQ4E,MAAM,0BAA0BxB,KAAKC,UAAUgB,UAAAA,CAAAA,EAAa;AAEpE,UAAID,aAAaxC,WAAW,SAAS;AACnC,eAAOnB,SAASmB,OAAO,GAAA,EAAK0B,KAAKe,UAAAA;MACnC;AACA,aAAO5D,SAASmB,OAAO,GAAA,EAAK0B,KAAKe,UAAAA;IACnC,SAASd,OAAO;AACd,aAAO5B,mBAAkBlB,UAAU,KAAK;QAAEmB,QAAQ;QAAKC,SAAS0B,MAAM1B;MAAQ,GAAG0B,KAAAA;IACnF;EACF,CAAA;AACF;AA9CgBQ;AAgDT,SAASc,uBAAuBjF,QAAgBC,SAA2BC,MAA0B;AAC1G,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,YAAQC,IAAI,sDAAsD;AAClE;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQ;AAC3BN,SAAOoE,IAAI9D,MAAME,WAAUN,MAAMO,QAAAA,GAAW,OAAOG,SAAkBC,aAAAA;AACnE,QAAI;AACF,YAAMqE,cAAc,MAAMjF,QAAQ0B,MAAMwD,kBAAiB;AACzDtE,eAASuE,aAAa;AACtB,aAAOvE,SAAS6C,KAAKwB,WAAAA;IACvB,SAASvB,OAAO;AACd,aAAO5B,mBAAkBlB,UAAU,KAAK;QAAEmB,QAAQ;QAAKC,SAAS0B,MAAM1B;MAAQ,GAAG0B,KAAAA;IACnF;EACF,CAAA;AACF;AAhBgBsB;;;AG7JhB,SAASI,oBAAoB;AAC7B,SAASC,iCAAiD;AAI1D,OAAOC,aAAqD;AAS5D,OAAOC,eAAe;AAEf,IAAMC,oBAAN,MAAMA;EAhBb,OAgBaA;;;EACMC;EACAC;EACAC;EACAC;EACAC;EAEAC,qBAAqB;EACtC,YAAYC,MAAwG;AAClH,UAAM,EAAEC,OAAOC,KAAI,IAAKF;AACxB,SAAKJ,SAASK;AACdE,8BAA0B;MAAED;MAAME,MAAM;QAAC;QAA2B;QAAoB;;IAA2B,CAAA;AACnH,QAAIF,MAAMG,cAAcC,YAAYC,qBAAqB;AACvDJ,gCAA0B;QAAED;QAAME,MAAM;UAAC;UAAsB;;MAA0B,CAAA;IAC3F;AAEA,SAAKP,QAAQK;AACb,SAAKR,WAAWM,KAAKQ,eAAeC;AACpC,SAAKd,UAAUc,QAAQC,OAAM;AAC7B,UAAMC,UAAUC,aAAaX,KAAAA;AAE7B,UAAMY,WAAWX,MAAMY,kBAAkB;MAAC;MAAa;;AACvDC,YAAQC,IAAI,sCAAsCC,KAAKC,UAAUL,QAAAA,CAAAA,GAAY;AAG7E,QAAIA,SAASM,SAAS,WAAA,GAAc;AAClCC,+CAAyC,KAAKzB,SAASgB,SAAST,MAAMG,cAAcgB,uBAAAA;AACpFC,wCAAkC,KAAK3B,SAASgB,SAAST,MAAMG,cAAckB,gBAAAA;AAC7EC,oDAA8C,KAAK7B,SAASgB,SAAST,MAAMG,cAAcoB,uBAAAA;AACzFC,6BAAuB,KAAK/B,SAASgB,SAAST,MAAMG,cAAcsB,oBAAAA;IACpE;AAGA,QAAId,SAASM,SAAS,MAAA,GAAS;AAC7BS,mCAA6B,KAAKjC,SAASgB,SAAST,MAAMG,cAAcwB,kBAAAA;AACxEC,uCAAiC,KAAKnC,SAASgB,SAAST,MAAMG,cAAc0B,sBAAAA;IAC9E;AACA,SAAKjC,YAAYI,MAAMG,cAAc2B,YAAY;AACjD,SAAKtC,SAASuC,IAAI,KAAKnC,WAAW,KAAKoC,MAAM;AAC7C,SAAKxC,SAASyC,IAAI,eAAejC,MAAMG,cAAc+B,cAAc,IAAA;AACnE,SAAKC,eAAc;EACrB;EAEQA,iBAAiB;AACvBC,UAAM,KAAKvC,kBAAkB,EAC1BwC,KAAK,CAACC,QAAQA,IAAIC,KAAI,CAAA,EACtBF,KAAK,CAACG,YAAAA;AACL,YAAMC,UAAU,GAAG,KAAK7C,SAAS;AACjCiB,cAAQC,IAAI,iCAAiC2B,OAAAA,EAAS;AAEtD,WAAKhD,QAAQsC,IACX,aACA,CAACW,KAAcJ,KAAeK,SAAAA;AAC5B,cAAMC,QAAQ,GAAGH,QAAQI,QAAQ,MAAM,GAAA,CAAA,GAAQA,QAAQ,WAAW,EAAA,EAAIA,QAAQ,gBAAgB,EAAA;AAC9FL,gBAAQM,UAAU;UAAC;YAAEC,KAAK,GAAGL,IAAIM,QAAQ,MAAMN,IAAIO,IAAI,MAAA,CAAA,GAAUL,KAAAA;YAASM,aAAa;UAAc;;AAErGR,YAAIS,aAAaX;AACjBG,aAAAA;MACF,GACAS,UAAUC,WAAWb,SAASc,OAAAA,GAC9BF,UAAUG,MAAK,CAAA;IAEnB,CAAA,EACCC,MAAM,CAACC,QAAAA;AACN5C,cAAQC,IAAI,8CAA8C2C,GAAAA,2CAA8C;IAC1G,CAAA;AACF,UAAMH,UAAU,CAEhB;EACF;EACA,IAAI/C,UAAmB;AACrB,WAAO,KAAKf;EACd;EAEA,IAAIwC,SAAiB;AACnB,WAAO,KAAKvC;EACd;EAEA,IAAIM,QAAmD;AACrD,WAAO,KAAKL;EACd;EAEA,IAAIM,OAAyC;AAC3C,WAAO,KAAKL;EACd;AACF;","names":["PresentationDefinitionLocation","checkAuth","sendErrorResponse","CredentialMapper","parseAuthorizationResponse","request","contentType","header","payload","body","JSON","parse","presentation_submission","console","log","vp_token","startsWith","endsWith","CredentialMapper","isJsonLdAsString","Error","verifyAuthResponseSIOPv2Endpoint","router","context","opts","enabled","path","post","checkAuth","endpoint","response","correlationId","definitionId","tenantId","version","params","sendErrorResponse","stringify","definitionItems","agent","pdmGetDefinitions","filter","length","statusCode","statusMessage","send","authorizationResponse","definitionItem","verifiedResponse","siopVerifyAuthResponse","queryId","presentationDefinitions","location","presentationDefinitionLocation","PresentationDefinitionLocation","TOPLEVEL_PRESENTATION_DEF","definition","definitionPayload","dcqlQuery","dcqlPayload","wrappedPresentation","oid4vpSubmission","presentations","presentation","authorizationChallengeValidationResponse","presentation_during_issuance_session","is_first_party","setHeader","responseRedirectURI","siopGetRedirectURI","state","redirect_uri","error","getAuthRequestSIOPv2Endpoint","get","requestState","siopGetAuthRequestState","errorOnNotFound","requestObject","toJwt","e","message","undefined","siopUpdateAuthRequestState","AuthorizationResponseStateStatus","checkAuth","sendErrorResponse","uriWithBase","uuid","ZodError","validateData","schema","req","res","next","parse","body","error","ZodError","errorMessages","issues","map","issue","message","path","join","status","json","error_details","z","ResponseMode","ResponseType","RequestUriMethod","CallbackOptsSchema","ResponseTypeSchema","enum","VP_TOKEN","ResponseModeSchema","DIRECT_POST","DIRECT_POST_JWT","RequestUriMethodSchema","Object","values","QRCodeOptsSchema","object","size","number","optional","color_dark","string","color_light","CreateAuthorizationRequestBodySchema","query_id","client_id","request_uri_base","correlation_id","request_uri_method","response_type","response_mode","transaction_data","array","qr_code","direct_post_response_redirect_uri","callback","CreateAuthorizationResponseSchema","request_uri","status_uri","qr_uri","createAuthRequestUniversalOID4VPEndpoint","router","context","opts","enabled","console","log","path","post","checkAuth","endpoint","validateData","CreateAuthorizationRequestBodySchema","request","response","correlationId","body","correlation_id","uuid","qrCodeOpts","qr_code","queryId","query_id","directPostResponseRedirectUri","direct_post_response_redirect_uri","requestUriBase","request_uri_base","callback","agent","pdmGetDefinition","itemId","e","sendErrorResponse","status","message","requestByReferenceURI","uriWithBase","baseURI","siopBaseURI","responseURI","authRequestURI","siopCreateAuthRequestURI","nonce","responseURIType","responseRedirectURI","qrCodeDataUri","AwesomeQR","qrCode","text","draw","toString","authRequestBody","request_uri","status_uri","webappAuthStatusPath","webappBaseURI","qr_uri","JSON","stringify","json","error","removeAuthRequestStateUniversalOID4VPEndpoint","delete","params","authRequestState","siopGetAuthRequestState","errorOnNotFound","siopDeleteAuthState","authStatusUniversalOID4VPEndpoint","get","requestState","responseState","siopGetAuthResponseState","overallState","statusBody","last_updated","lastUpdated","AuthorizationResponseStateStatus","VERIFIED","verifiedData","undefined","debug","getDefinitionsEndpoint","definitions","pdmGetDefinitions","statusCode","agentContext","copyGlobalAuthToEndpoints","express","swaggerUi","SIOPv2RPApiServer","_express","_router","_agent","_opts","_basePath","OID4VP_SWAGGER_URL","args","agent","opts","copyGlobalAuthToEndpoints","keys","endpointOpts","globalAuth","secureSiopEndpoints","expressSupport","express","Router","context","agentContext","features","enableFeatures","console","log","JSON","stringify","includes","createAuthRequestUniversalOID4VPEndpoint","webappCreateAuthRequest","authStatusUniversalOID4VPEndpoint","webappAuthStatus","removeAuthRequestStateUniversalOID4VPEndpoint","webappDeleteAuthRequest","getDefinitionsEndpoint","webappGetDefinitions","getAuthRequestSIOPv2Endpoint","siopGetAuthRequest","verifyAuthResponseSIOPv2Endpoint","siopVerifyAuthResponse","basePath","use","router","set","trustProxy","setupSwaggerUi","fetch","then","res","json","swagger","apiDocs","req","next","regex","replace","servers","url","protocol","get","description","swaggerDoc","swaggerUi","serveFiles","options","setup","catch","err"]}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sphereon/ssi-sdk.siopv2-oid4vp-rp-rest-api",
-  "version": "0.34.1-feature.SSISDK.46.42+7bc89636",
+  "version": "0.34.1-feature.SSISDK.47.43+3fc7073e",
   "source": "src/index.ts",
   "type": "module",
   "main": "./dist/index.cjs",
@@ -23,16 +23,16 @@
     "start:dev": "ts-node __tests__/RestAPI.ts"
   },
   "dependencies": {
-    "@sphereon/did-auth-siop": "0.19.1-feature.SSISDK.46.5",
-    "@sphereon/ssi-express-support": "0.34.1-feature.SSISDK.46.42+7bc89636",
-    "@sphereon/ssi-sdk.core": "0.34.1-feature.SSISDK.46.42+7bc89636",
-    "@sphereon/ssi-sdk.credential-validation": "0.34.1-feature.SSISDK.46.42+7bc89636",
-    "@sphereon/ssi-sdk.kv-store-temp": "0.34.1-feature.SSISDK.46.42+7bc89636",
-    "@sphereon/ssi-sdk.pd-manager": "0.34.1-feature.SSISDK.46.42+7bc89636",
-    "@sphereon/ssi-sdk.presentation-exchange": "0.34.1-feature.SSISDK.46.42+7bc89636",
-    "@sphereon/ssi-sdk.siopv2-oid4vp-common": "0.34.1-feature.SSISDK.46.42+7bc89636",
-    "@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth": "0.34.1-feature.SSISDK.46.42+7bc89636",
-    "@sphereon/ssi-types": "0.34.1-feature.SSISDK.46.42+7bc89636",
+    "@sphereon/did-auth-siop": "0.19.1-feature.SSISDK.47.14",
+    "@sphereon/ssi-express-support": "0.34.1-feature.SSISDK.47.43+3fc7073e",
+    "@sphereon/ssi-sdk.core": "0.34.1-feature.SSISDK.47.43+3fc7073e",
+    "@sphereon/ssi-sdk.credential-validation": "0.34.1-feature.SSISDK.47.43+3fc7073e",
+    "@sphereon/ssi-sdk.kv-store-temp": "0.34.1-feature.SSISDK.47.43+3fc7073e",
+    "@sphereon/ssi-sdk.pd-manager": "0.34.1-feature.SSISDK.47.43+3fc7073e",
+    "@sphereon/ssi-sdk.presentation-exchange": "0.34.1-feature.SSISDK.47.43+3fc7073e",
+    "@sphereon/ssi-sdk.siopv2-oid4vp-common": "0.34.1-feature.SSISDK.47.43+3fc7073e",
+    "@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth": "0.34.1-feature.SSISDK.47.43+3fc7073e",
+    "@sphereon/ssi-types": "0.34.1-feature.SSISDK.47.43+3fc7073e",
     "@veramo/core": "4.2.0",
     "@veramo/credential-w3c": "4.2.0",
     "awesome-qr": "^2.1.5-rc.0",
@@ -49,16 +49,16 @@
   },
   "devDependencies": {
     "@decentralized-identity/ion-sdk": "^0.6.0",
-    "@sphereon/did-auth-siop-adapter": "0.19.1-feature.SSISDK.46.5",
+    "@sphereon/did-auth-siop-adapter": "0.19.1-feature.SSISDK.47.14",
     "@sphereon/did-uni-client": "^0.6.3",
     "@sphereon/pex": "5.0.0-unstable.28",
     "@sphereon/pex-models": "^2.3.2",
-    "@sphereon/ssi-sdk-ext.did-provider-jwk": "0.34.1-feature.SSISDK.46.42+7bc89636",
-    "@sphereon/ssi-sdk-ext.identifier-resolution": "0.34.1-feature.SSISDK.46.42+7bc89636",
-    "@sphereon/ssi-sdk-ext.jwt-service": "0.34.1-feature.SSISDK.46.42+7bc89636",
-    "@sphereon/ssi-sdk.credential-vcdm": "0.34.1-feature.SSISDK.46.42+7bc89636",
-    "@sphereon/ssi-sdk.credential-vcdm-jsonld-provider": "0.34.1-feature.SSISDK.46.42+7bc89636",
-    "@sphereon/ssi-sdk.data-store": "0.34.1-feature.SSISDK.46.42+7bc89636",
+    "@sphereon/ssi-sdk-ext.did-provider-jwk": "0.34.1-feature.SSISDK.47.43+3fc7073e",
+    "@sphereon/ssi-sdk-ext.identifier-resolution": "0.34.1-feature.SSISDK.47.43+3fc7073e",
+    "@sphereon/ssi-sdk-ext.jwt-service": "0.34.1-feature.SSISDK.47.43+3fc7073e",
+    "@sphereon/ssi-sdk.credential-vcdm": "0.34.1-feature.SSISDK.47.43+3fc7073e",
+    "@sphereon/ssi-sdk.credential-vcdm-jsonld-provider": "0.34.1-feature.SSISDK.47.43+3fc7073e",
+    "@sphereon/ssi-sdk.data-store": "0.34.1-feature.SSISDK.47.43+3fc7073e",
     "@types/body-parser": "^1.19.5",
     "@types/cookie-parser": "^1.4.7",
     "@types/cors": "^2.8.17",
@@ -117,5 +117,5 @@
     "OpenID Connect",
     "Authenticator"
   ],
-  "gitHead": "7bc89636f8e96783eca147c7160dbb4dbf387735"
+  "gitHead": "3fc7073e79dce4fb4593b9ef01e3eaf320024463"
 }

package/src/schemas/index.ts

@@ -1,25 +1,16 @@
-import { z } from 'zod';
+import { z } from 'zod'
 import {
-  authorizationRequestStatuses,
-  authorizationResponseStatuses
-} from '@sphereon/ssi-sdk.siopv2-oid4vp-common'
-import { ResponseMode, ResponseType, RequestUriMethod } from '@sphereon/did-auth-siop'
+  ResponseMode,
+  ResponseType,
+  RequestUriMethod,
+  CallbackOptsSchema
+} from '@sphereon/did-auth-siop'
 
 export const ResponseTypeSchema = z.enum([ResponseType.VP_TOKEN]);
 
 export const ResponseModeSchema = z.enum([ResponseMode.DIRECT_POST, ResponseMode.DIRECT_POST_JWT]);
 
-export const RequestUriMethodSchema = z.enum([RequestUriMethod.GET, RequestUriMethod.POST]);
-
-export const AuthorizationStatusSchema = z.enum([
-  ...authorizationRequestStatuses,
-  ...authorizationResponseStatuses
-]);
-
-export const CallbackOptsSchema = z.object({
-  url: z.string(),
-  status: z.array(AuthorizationStatusSchema).optional(),
-});
+export const RequestUriMethodSchema = z.enum(Object.values(RequestUriMethod));
 
 export const QRCodeOptsSchema = z.object({
   size: z.number().optional(),

package/src/types/types.ts

@@ -63,7 +63,7 @@ export type RequestError = {
   error_details?: string
 }
 
-export interface GetAuthStatusResponse {
+export interface AuthStatusResponse {
   status: AuthorizationRequestStateStatus | AuthorizationResponseStateStatus
   correlation_id: string
   query_id: string

package/src/universal-oid4vp-api-functions.ts

@@ -11,7 +11,7 @@ import {
   CreateAuthorizationResponse,
   DeleteAuthorizationRequest,
   GetAuthorizationRequestStatus,
-  GetAuthStatusResponse,
+  AuthStatusResponse,
   ICreateAuthRequestWebappEndpointOpts,
   IRequiredContext
 } from './types'
@@ -30,6 +30,7 @@ export function createAuthRequestUniversalOID4VPEndpoint(router: Router, context
       const queryId = request.body.query_id
       const directPostResponseRedirectUri = request.body.direct_post_response_redirect_uri // TODO Uri not URI
       const requestUriBase = request.body.request_uri_base
+      const callback = request.body.callback
 
       try {
         await context.agent.pdmGetDefinition({ itemId: queryId })
@@ -51,6 +52,7 @@ export function createAuthRequestUniversalOID4VPEndpoint(router: Router, context
         responseURIType: 'response_uri',
         responseURI,
         ...(directPostResponseRedirectUri && { responseRedirectURI: directPostResponseRedirectUri }),
+        callback
       })
 
       let qrCodeDataUri: string | undefined
@@ -140,7 +142,7 @@ export function authStatusUniversalOID4VPEndpoint(router: Router, context: IRequ
         last_updated: overallState.lastUpdated,
         ...((responseState?.status === AuthorizationResponseStateStatus.VERIFIED && responseState.verifiedData !== undefined) && { verifiedData: responseState.verifiedData }),
         ...(overallState.error && { message: overallState.error.message })
-      } satisfies GetAuthStatusResponse
+      } satisfies AuthStatusResponse
       console.debug(`Will send auth status: ${JSON.stringify(statusBody)}`)
 
       if (overallState.status === 'error') {