From ab42e129a14a03d52c141497909d53f44d9feb2c Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Tue, 29 Oct 2024 19:59:30 +0100 Subject: [PATCH 01/18] chore: Added type for OpenidFederationMetadata --- .../oid4vci-common/lib/types/OpenidFederationMetadata.ts | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 packages/oid4vci-common/lib/types/OpenidFederationMetadata.ts diff --git a/packages/oid4vci-common/lib/types/OpenidFederationMetadata.ts b/packages/oid4vci-common/lib/types/OpenidFederationMetadata.ts new file mode 100644 index 00000000..442197e7 --- /dev/null +++ b/packages/oid4vci-common/lib/types/OpenidFederationMetadata.ts @@ -0,0 +1,7 @@ +export interface OpenidFederationMetadata { + issuer: string + + // eslint-disable-next-line @typescript-eslint/no-explicit-any + [x: string]: any; //We use any, so you can access properties if you know the structure + +} From 75ff089cbbfa810115796c8df8a3929dc7aae34b Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Tue, 29 Oct 2024 20:23:50 +0100 Subject: [PATCH 02/18] chore: OpenidFederationMetadata structures --- packages/client/lib/MetadataClient.ts | 1 + packages/issuer/lib/VcIssuer.ts | 8 +++++++- packages/issuer/lib/builder/VcIssuerBuilder.ts | 18 ++++++++++++++---- .../oid4vci-common/lib/types/ServerMetadata.ts | 1 + 4 files changed, 23 insertions(+), 5 deletions(-) diff --git a/packages/client/lib/MetadataClient.ts b/packages/client/lib/MetadataClient.ts index 90a59755..a12caee9 100644 --- a/packages/client/lib/MetadataClient.ts +++ b/packages/client/lib/MetadataClient.ts @@ -185,6 +185,7 @@ export class MetadataClient { : (authMetadata as CredentialIssuerMetadataV1_0_13); } debug(`Issuer ${issuer} token endpoint ${token_endpoint}, credential endpoint ${credential_endpoint}`); + return { issuer, token_endpoint, diff --git a/packages/issuer/lib/VcIssuer.ts b/packages/issuer/lib/VcIssuer.ts index bd16c554..816f0c37 100644 --- a/packages/issuer/lib/VcIssuer.ts +++ b/packages/issuer/lib/VcIssuer.ts 
@@ -37,6 +37,7 @@ import { } from '@sphereon/oid4vci-common' import { CredentialEventNames, CredentialOfferEventNames, EVENTS } from '@sphereon/oid4vci-common' import { CredentialIssuerMetadataOptsV1_0_13 } from '@sphereon/oid4vci-common' +import { OpenidFederationMetadata } from '@sphereon/oid4vci-common/dist/types/OpenidFederationMetadata' import { CompactSdJwtVc, CredentialMapper, InitiatorType, SubSystem, System, W3CVerifiableCredential } from '@sphereon/ssi-types' import { assertValidPinNumber, createCredentialOfferObject, createCredentialOfferURIFromObject, CredentialOfferGrantInput } from './functions' @@ -46,6 +47,7 @@ import { CredentialDataSupplier, CredentialDataSupplierArgs, CredentialIssuanceI export class VcIssuer { private readonly _issuerMetadata: CredentialIssuerMetadataOptsV1_0_13 private readonly _authorizationServerMetadata: AuthorizationServerMetadata + private readonly _openidFederationMetadata?: OpenidFederationMetadata private readonly _defaultCredentialOfferBaseUri?: string private readonly _credentialSignerCallback?: CredentialSignerCallback private readonly _jwtVerifyCallback?: JWTVerifyCallback @@ -59,6 +61,7 @@ export class VcIssuer { issuerMetadata: CredentialIssuerMetadataOptsV1_0_13, authorizationServerMetadata: AuthorizationServerMetadata, args: { + openidFederationMetadata?: OpenidFederationMetadata txCode?: TxCode baseUri?: string credentialOfferSessions: IStateManager @@ -74,6 +77,7 @@ export class VcIssuer { this.setDefaultTokenEndpoint(issuerMetadata) this._issuerMetadata = issuerMetadata this._authorizationServerMetadata = authorizationServerMetadata + this._openidFederationMetadata = args.openidFederationMetadata this._defaultCredentialOfferBaseUri = args.defaultCredentialOfferBaseUri this._credentialOfferSessions = args.credentialOfferSessions this._cNonces = args.cNonces 
@@ -668,5 +672,7 @@ export class VcIssuer { return this._authorizationServerMetadata } - + public get openidFederationMetadata() { + return this._openidFederationMetadata + } } diff --git a/packages/issuer/lib/builder/VcIssuerBuilder.ts b/packages/issuer/lib/builder/VcIssuerBuilder.ts index 207b8b6b..9b562c8b 100644 --- a/packages/issuer/lib/builder/VcIssuerBuilder.ts +++ b/packages/issuer/lib/builder/VcIssuerBuilder.ts @@ -2,6 +2,7 @@ import { AuthorizationServerMetadata, CNonceState, CredentialConfigurationSupportedV1_0_13, + CredentialIssuerMetadataOptsV1_0_13, CredentialOfferSession, IssuerMetadata, IssuerMetadataV1_0_13, @@ -12,7 +13,7 @@ import { TxCode, URIState } from '@sphereon/oid4vci-common' -import { CredentialIssuerMetadataOptsV1_0_13 } from '@sphereon/oid4vci-common' +import { OpenidFederationMetadata } from '@sphereon/oid4vci-common/dist/types/OpenidFederationMetadata' import { VcIssuer } from '../VcIssuer' import { MemoryStates } from '../state-manager' @@ -24,6 +25,7 @@ export class VcIssuerBuilder { issuerMetadataBuilder?: IssuerMetadataBuilderV1_13 issuerMetadata: Partial = {} authorizationServerMetadata: Partial = {} + openidFederationMetadata: Partial = {} txCode?: TxCode defaultCredentialOfferBaseUri?: string userPinRequired?: boolean @@ -48,11 +50,16 @@ export class VcIssuerBuilder { return this } + public withOpenidFederationMetadata(openidFederationMetadata: OpenidFederationMetadata) { + this.openidFederationMetadata = openidFederationMetadata + return this + } + public withIssuerMetadataBuilder(builder: IssuerMetadataBuilderV1_13) { this.issuerMetadataBuilder = builder return this } - + public withDefaultCredentialOfferBaseUri(baseUri: string) { this.defaultCredentialOfferBaseUri = baseUri return this 
@@ -184,8 +191,11 @@ export class VcIssuerBuilder { if (!metadata.credential_endpoint || !metadata.credential_issuer || !this.issuerMetadata.credential_configurations_supported) { throw new Error(TokenErrorResponse.invalid_request) } - return new VcIssuer(metadata as IssuerMetadataV1_0_13, this.authorizationServerMetadata as AuthorizationServerMetadata, { - //TODO: discuss this with Niels. I did not find this in the spec. but I think we should somehow communicate this + return new VcIssuer(metadata as IssuerMetadataV1_0_13, + this.authorizationServerMetadata as AuthorizationServerMetadata, + { + openidFederationMetadata: this.openidFederationMetadata as OpenidFederationMetadata, + //TODO: discuss this with Niels. I did not find this in the spec. but I think we should somehow communicate this ...(this.txCode && { txCode: this.txCode }), defaultCredentialOfferBaseUri: this.defaultCredentialOfferBaseUri, credentialSignerCallback: this.credentialSignerCallback, diff --git a/packages/oid4vci-common/lib/types/ServerMetadata.ts b/packages/oid4vci-common/lib/types/ServerMetadata.ts index b8f6208c..6f7d0ff2 100644 --- a/packages/oid4vci-common/lib/types/ServerMetadata.ts +++ b/packages/oid4vci-common/lib/types/ServerMetadata.ts @@ -166,6 +166,7 @@ export enum WellKnownEndpoints { OPENID_CONFIGURATION = '/.well-known/openid-configuration', OAUTH_AS = '/.well-known/oauth-authorization-server', OPENID4VCI_ISSUER = '/.well-known/openid-credential-issuer', + OPENID_FEDERATION = '/.well-known/openid-federation', } export type AuthorizationServerType = 'OIDC' | 'OAuth 2.0' | 'OID4VCI'; // OID4VCI means the Issuer hosts a token endpoint itself From 7d37afb78973f182db6b61bd5358f33a73959110 Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Tue, 29 Oct 2024 20:33:56 +0100 Subject: [PATCH 03/18] chore: fix export --- packages/oid4vci-common/lib/types/index.ts | 1 + 1 file changed, 1 insertion(+) 
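Review bot: The `as OpenidFederationMetadata` cast in `build()` hides that the builder field is still its `{}` default when `withOpenidFederationMetadata` was never called. `VcIssuer` therefore always receives an object, and a consumer's `if (!issuer.openidFederationMetadata)` check cannot tell "not configured" from "configured". Since the constructor argument is already optional, I would declare the builder field as `openidFederationMetadata?: OpenidFederationMetadata` and pass `openidFederationMetadata: this.openidFederationMetadata` without the cast. The field declaration sits in an earlier hunk of this file and its type parameters are not legible in this rendering, so confirm the declared type there. `build()` starts outside the hunk.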
diff --git a/packages/oid4vci-common/lib/types/index.ts b/packages/oid4vci-common/lib/types/index.ts index 5d60ee08..769e7a1c 100644 --- a/packages/oid4vci-common/lib/types/index.ts +++ b/packages/oid4vci-common/lib/types/index.ts @@ -6,6 +6,7 @@ export * from './v1_0_09.types'; export * from './v1_0_11.types'; export * from './v1_0_13.types'; export * from './ServerMetadata'; +export * from './OpenidFederationMetadata'; export * from './OpenID4VCIErrors'; export * from './OpenID4VCIVersions.types'; export * from './StateManager.types'; From 529e72750fac2a4236b15f00c230a673667dd054 Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Tue, 29 Oct 2024 20:51:07 +0100 Subject: [PATCH 04/18] chore: expose oidf endpoint --- packages/issuer-rest/lib/oid4vci-api-functions.ts | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/packages/issuer-rest/lib/oid4vci-api-functions.ts b/packages/issuer-rest/lib/oid4vci-api-functions.ts index 0c3f1079..b65fccc4 100644 --- a/packages/issuer-rest/lib/oid4vci-api-functions.ts +++ b/packages/issuer-rest/lib/oid4vci-api-functions.ts @@ -404,6 +404,11 @@ export function getMetadataEndpoints(router: Router, issu return response.send(issuer.authorizationServerMetadata) } router.get(WellKnownEndpoints.OAUTH_AS, authorizationServerHandler) + + const openidFedrationHandler = (request: Request, response: Response) => { + return response.send(issuer.openidFederationMetadata) + } + router.get(WellKnownEndpoints.OPENID_FEDERATION, openidFedrationHandler) } export function determinePath( From 5ad6b029d0ef12d5718820b2eca309b455640152 Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Tue, 29 Oct 2024 21:52:18 +0100 Subject: [PATCH 05/18] chore: send openidFederationMetadata.jwt as payload --- packages/issuer-rest/lib/oid4vci-api-functions.ts | 9 ++++++--- .../oid4vci-common/lib/types/OpenidFederationMetadata.ts | 5 +---- 2 files changed, 7 insertions(+), 7 deletions(-) 
diff --git a/packages/issuer-rest/lib/oid4vci-api-functions.ts b/packages/issuer-rest/lib/oid4vci-api-functions.ts index b65fccc4..8228fccf 100644 --- a/packages/issuer-rest/lib/oid4vci-api-functions.ts +++ b/packages/issuer-rest/lib/oid4vci-api-functions.ts @@ -405,10 +405,13 @@ export function getMetadataEndpoints(router: Router, issu } router.get(WellKnownEndpoints.OAUTH_AS, authorizationServerHandler) - const openidFedrationHandler = (request: Request, response: Response) => { - return response.send(issuer.openidFederationMetadata) + const openidFederationHandler = (request: Request, response: Response) => { + if(!issuer.openidFederationMetadata) { + return response.status(404).send() + } + return response.send(issuer.openidFederationMetadata.jwt) } - router.get(WellKnownEndpoints.OPENID_FEDERATION, openidFedrationHandler) + router.get(WellKnownEndpoints.OPENID_FEDERATION, openidFederationHandler) } export function determinePath( diff --git a/packages/oid4vci-common/lib/types/OpenidFederationMetadata.ts b/packages/oid4vci-common/lib/types/OpenidFederationMetadata.ts index 442197e7..bd05f2ff 100644 --- a/packages/oid4vci-common/lib/types/OpenidFederationMetadata.ts +++ b/packages/oid4vci-common/lib/types/OpenidFederationMetadata.ts @@ -1,7 +1,4 @@ export interface OpenidFederationMetadata { issuer: string - - // eslint-disable-next-line @typescript-eslint/no-explicit-any - [x: string]: any; //We use any, so you can access properties if you know the structure - + jwt: string } From 86e798cd0223c95bddc832eecf2560764fd676c6 Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Tue, 29 Oct 2024 21:55:03 +0100 Subject: [PATCH 06/18] chore: send openidFederationMetadata.jwt as payload --- packages/issuer-rest/lib/oid4vci-api-functions.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/issuer-rest/lib/oid4vci-api-functions.ts b/packages/issuer-rest/lib/oid4vci-api-functions.ts index 8228fccf..5e0a5fa8 100644 
--- a/packages/issuer-rest/lib/oid4vci-api-functions.ts +++ b/packages/issuer-rest/lib/oid4vci-api-functions.ts @@ -406,7 +406,7 @@ export function getMetadataEndpoints(router: Router, issu router.get(WellKnownEndpoints.OAUTH_AS, authorizationServerHandler) const openidFederationHandler = (request: Request, response: Response) => { - if(!issuer.openidFederationMetadata) { + if(!issuer.openidFederationMetadata || !issuer.openidFederationMetadata.jwt) { return response.status(404).send() } return response.send(issuer.openidFederationMetadata.jwt) From 98e3a6a4f4c498c48d9e4115aed47b2398af20af Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Wed, 30 Oct 2024 11:14:22 +0100 Subject: [PATCH 07/18] chore: cleanup --- packages/oid4vci-common/lib/types/OpenidFederationMetadata.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/packages/oid4vci-common/lib/types/OpenidFederationMetadata.ts b/packages/oid4vci-common/lib/types/OpenidFederationMetadata.ts index bd05f2ff..8c38fdb1 100644 --- a/packages/oid4vci-common/lib/types/OpenidFederationMetadata.ts +++ b/packages/oid4vci-common/lib/types/OpenidFederationMetadata.ts @@ -1,4 +1,3 @@ export interface OpenidFederationMetadata { - issuer: string jwt: string } From 42688c6ae2e68d1a8521cec0a8b1321666a2844b Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Wed, 30 Oct 2024 11:36:11 +0100 Subject: [PATCH 08/18] chore: import fixes --- .../lib/__tests__/issuerCallback.spec.ts | 10 ++++++---- packages/client/lib/__tests__/SdJwt.spec.ts | 8 ++++++-- .../issuer-rest/lib/__tests__/ClientIssuerIT.spec.ts | 6 +++--- .../lib/__tests__/IssuerTokenServer.spec.ts | 2 +- packages/issuer/lib/VcIssuer.ts | 2 +- packages/issuer/lib/__tests__/VcIssuerBuilder.spec.ts | 3 +-- packages/issuer/lib/builder/VcIssuerBuilder.ts | 2 +- packages/issuer/lib/builder/index.ts | 1 + 8 files changed, 20 insertions(+), 14 deletions(-) 
diff --git a/packages/callback-example/lib/__tests__/issuerCallback.spec.ts b/packages/callback-example/lib/__tests__/issuerCallback.spec.ts index 7541f357..528fb51a 100644 --- a/packages/callback-example/lib/__tests__/issuerCallback.spec.ts +++ b/packages/callback-example/lib/__tests__/issuerCallback.spec.ts @@ -16,7 +16,12 @@ import { ProofOfPossession, } from '@sphereon/oid4vci-common' import { CredentialOfferSession } from '@sphereon/oid4vci-common' -import { CredentialSupportedBuilderV1_13, VcIssuer, VcIssuerBuilder } from '@sphereon/oid4vci-issuer' +import { + AuthorizationServerMetadataBuilder, + CredentialSupportedBuilderV1_13, + VcIssuer, + VcIssuerBuilder +} from '@sphereon/oid4vci-issuer' import { MemoryStates } from '@sphereon/oid4vci-issuer' import { CredentialDataSupplierResult } from '@sphereon/oid4vci-issuer/dist/types' import { ICredential, IProofPurpose, IProofType, W3CVerifiableCredential } from '@sphereon/ssi-types' @@ -24,9 +29,6 @@ import { DIDDocument } from 'did-resolver' import * as jose from 'jose' import { generateDid, getIssuerCallbackV1_0_11, getIssuerCallbackV1_0_13, verifyCredential } from '../IssuerCallback' -import { - AuthorizationServerMetadataBuilder -} from '@sphereon/oid4vci-issuer/dist/builder/AuthorizationServerMetadataBuilder' const INITIATION_TEST_URI = 'openid-credential-offer://?credential_offer=%7B%22credential_issuer%22:%22https://credential-issuer.example.com%22,%22credential_configuration_ids%22:%5B%22UniversityDegreeCredential%22%5D,%22grants%22:%7B%22urn:ietf:params:oauth:grant-type:pre-authorized_code%22:%7B%22pre-authorized_code%22:%22oaKazRN8I0IbtZ0C7JuMn5%22,%22tx_code%22:%7B%22input_mode%22:%22text%22,%22description%22:%22Please%20enter%20the%20serial%20number%20of%20your%20physical%20drivers%20license%22%7D%7D%7D%7D' diff --git a/packages/client/lib/__tests__/SdJwt.spec.ts b/packages/client/lib/__tests__/SdJwt.spec.ts index 5774a484..5eae2943 100644 --- a/packages/client/lib/__tests__/SdJwt.spec.ts 
+++ b/packages/client/lib/__tests__/SdJwt.spec.ts @@ -9,8 +9,12 @@ import { import nock from 'nock'; import { OpenID4VCIClientV1_0_13 } from '..'; -import { createAccessTokenResponse, IssuerMetadataBuilderV1_13, VcIssuerBuilder } from '../../../issuer'; -import { AuthorizationServerMetadataBuilder } from '../../../issuer/lib/builder/AuthorizationServerMetadataBuilder' +import { + AuthorizationServerMetadataBuilder, + createAccessTokenResponse, + IssuerMetadataBuilderV1_13, + VcIssuerBuilder +} from '../../../issuer' export const UNIT_TEST_TIMEOUT = 30000; diff --git a/packages/issuer-rest/lib/__tests__/ClientIssuerIT.spec.ts b/packages/issuer-rest/lib/__tests__/ClientIssuerIT.spec.ts index 6aebef79..60a6c08b 100644 --- a/packages/issuer-rest/lib/__tests__/ClientIssuerIT.spec.ts +++ b/packages/issuer-rest/lib/__tests__/ClientIssuerIT.spec.ts @@ -15,11 +15,11 @@ import { PRE_AUTH_CODE_LITERAL, PRE_AUTH_GRANT_LITERAL } from '@sphereon/oid4vci-common' -import { VcIssuer } from '@sphereon/oid4vci-issuer/dist/VcIssuer' -import { CredentialSupportedBuilderV1_13, VcIssuerBuilder } from '@sphereon/oid4vci-issuer/dist/builder' import { AuthorizationServerMetadataBuilder -} from '@sphereon/oid4vci-issuer/dist/builder/AuthorizationServerMetadataBuilder' +} from '@sphereon/oid4vci-issuer' +import { VcIssuer } from '@sphereon/oid4vci-issuer/dist/VcIssuer' +import { CredentialSupportedBuilderV1_13, VcIssuerBuilder } from '@sphereon/oid4vci-issuer/dist/builder' import { MemoryStates } from '@sphereon/oid4vci-issuer/dist/state-manager' import { ExpressBuilder, ExpressSupport } from '@sphereon/ssi-express-support' import { IProofPurpose, IProofType } from '@sphereon/ssi-types' diff --git a/packages/issuer-rest/lib/__tests__/IssuerTokenServer.spec.ts b/packages/issuer-rest/lib/__tests__/IssuerTokenServer.spec.ts index 6e34c43c..d071d950 100644 --- a/packages/issuer-rest/lib/__tests__/IssuerTokenServer.spec.ts +++ b/packages/issuer-rest/lib/__tests__/IssuerTokenServer.spec.ts 
@@ -14,7 +14,7 @@ import { import { VcIssuer } from '@sphereon/oid4vci-issuer' import { AuthorizationServerMetadataBuilder -} from '@sphereon/oid4vci-issuer/dist/builder/AuthorizationServerMetadataBuilder' +} from '@sphereon/oid4vci-issuer' import { MemoryStates } from '@sphereon/oid4vci-issuer/dist/state-manager' import { ExpressBuilder, ExpressSupport } from '@sphereon/ssi-express-support' import { DIDDocument } from 'did-resolver' diff --git a/packages/issuer/lib/VcIssuer.ts b/packages/issuer/lib/VcIssuer.ts index 816f0c37..e2847eaf 100644 --- a/packages/issuer/lib/VcIssuer.ts +++ b/packages/issuer/lib/VcIssuer.ts @@ -37,7 +37,7 @@ import { } from '@sphereon/oid4vci-common' import { CredentialEventNames, CredentialOfferEventNames, EVENTS } from '@sphereon/oid4vci-common' import { CredentialIssuerMetadataOptsV1_0_13 } from '@sphereon/oid4vci-common' -import { OpenidFederationMetadata } from '@sphereon/oid4vci-common/dist/types/OpenidFederationMetadata' +import { OpenidFederationMetadata } from '@sphereon/oid4vci-common' import { CompactSdJwtVc, CredentialMapper, InitiatorType, SubSystem, System, W3CVerifiableCredential } from '@sphereon/ssi-types' import { assertValidPinNumber, createCredentialOfferObject, createCredentialOfferURIFromObject, CredentialOfferGrantInput } from './functions' diff --git a/packages/issuer/lib/__tests__/VcIssuerBuilder.spec.ts b/packages/issuer/lib/__tests__/VcIssuerBuilder.spec.ts index 49f3c230..4343ed47 100644 --- a/packages/issuer/lib/__tests__/VcIssuerBuilder.spec.ts +++ b/packages/issuer/lib/__tests__/VcIssuerBuilder.spec.ts 
@@ -1,8 +1,7 @@ import { uuidv4 } from '@sphereon/oid4vc-common' import { CredentialConfigurationSupportedV1_0_13, IssuerCredentialSubjectDisplay, IssueStatus, TokenErrorResponse } from '@sphereon/oid4vci-common' -import { AuthorizationServerMetadataBuilder } from '../builder/AuthorizationServerMetadataBuilder' -import { CredentialSupportedBuilderV1_13, VcIssuerBuilder } from '../index' +import { AuthorizationServerMetadataBuilder, CredentialSupportedBuilderV1_13, VcIssuerBuilder } from '../index' const authorizationServerMetadata = new AuthorizationServerMetadataBuilder() diff --git a/packages/issuer/lib/builder/VcIssuerBuilder.ts b/packages/issuer/lib/builder/VcIssuerBuilder.ts index 9b562c8b..5496886d 100644 --- a/packages/issuer/lib/builder/VcIssuerBuilder.ts +++ b/packages/issuer/lib/builder/VcIssuerBuilder.ts @@ -13,7 +13,7 @@ import { TxCode, URIState } from '@sphereon/oid4vci-common' -import { OpenidFederationMetadata } from '@sphereon/oid4vci-common/dist/types/OpenidFederationMetadata' +import { OpenidFederationMetadata } from '@sphereon/oid4vci-common' import { VcIssuer } from '../VcIssuer' import { MemoryStates } from '../state-manager' diff --git a/packages/issuer/lib/builder/index.ts b/packages/issuer/lib/builder/index.ts index 730e4e1f..92083c45 100644 --- a/packages/issuer/lib/builder/index.ts +++ b/packages/issuer/lib/builder/index.ts @@ -2,3 +2,4 @@ export * from './CredentialSupportedBuilderV1_13' export * from './VcIssuerBuilder' export * from './IssuerMetadataBuilderV1_13' export * from './DisplayBuilder' +export * from './AuthorizationServerMetadataBuilder' From 65fde90e13c9a781a95d23194db114b3ea3c1669 Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Tue, 5 Nov 2024 12:23:35 +0100 Subject: [PATCH 09/18] chore: .well-known/openid-federation return CT application/entity-statement+jwt --- packages/issuer-rest/lib/oid4vci-api-functions.ts | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) 
diff --git a/packages/issuer-rest/lib/oid4vci-api-functions.ts b/packages/issuer-rest/lib/oid4vci-api-functions.ts index 5e0a5fa8..382f4954 100644 --- a/packages/issuer-rest/lib/oid4vci-api-functions.ts +++ b/packages/issuer-rest/lib/oid4vci-api-functions.ts @@ -409,7 +409,10 @@ export function getMetadataEndpoints(router: Router, issu if(!issuer.openidFederationMetadata || !issuer.openidFederationMetadata.jwt) { return response.status(404).send() } - return response.send(issuer.openidFederationMetadata.jwt) + const asciiContent = Buffer.from(issuer.openidFederationMetadata.jwt, 'utf8').toString('ascii') + return response + .type('application/entity-statement+jwt') + .send(asciiContent) } router.get(WellKnownEndpoints.OPENID_FEDERATION, openidFederationHandler) } From f6eea2b7d2f16afc32a41b7d398b79a71c5fb862 Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Wed, 6 Nov 2024 12:31:55 +0100 Subject: [PATCH 10/18] chore: removed OIDF stuff --- .../issuer-rest/lib/oid4vci-api-functions.ts | 11 ----- packages/issuer/lib/VcIssuer.ts | 40 ++++++++++++------- .../issuer/lib/builder/VcIssuerBuilder.ts | 8 ---- .../lib/types/OpenidFederationMetadata.ts | 3 -- packages/oid4vci-common/lib/types/index.ts | 1 - 5 files changed, 26 insertions(+), 37 deletions(-) delete mode 100644 packages/oid4vci-common/lib/types/OpenidFederationMetadata.ts diff --git a/packages/issuer-rest/lib/oid4vci-api-functions.ts b/packages/issuer-rest/lib/oid4vci-api-functions.ts index 382f4954..0c3f1079 100644 --- a/packages/issuer-rest/lib/oid4vci-api-functions.ts +++ b/packages/issuer-rest/lib/oid4vci-api-functions.ts 
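Review bot: `Buffer.from(jwt, 'utf8').toString('ascii')` in `openidFederationHandler` validates nothing. A well-formed compact JWT contains only base64url characters and dots, so the round trip leaves it unchanged, while Node's `'ascii'` decoding clears the high bit of every byte and silently rewrites anything else into different characters. A misconfigured value would then be served as a corrupted entity statement that peers fail to verify, with no error on the issuer side. I would check the shape explicitly and refuse to serve on mismatch, for example `if (!/^[\w-]+\.[\w-]+\.[\w-]+$/.test(jwt)) return response.status(500).send()`, then send the original string. The `jwt` field looks like a static string supplied at build time, so it is also worth confirming who refreshes it before its `exp` passes. `getMetadataEndpoints` starts outside the hunk.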
@@ -404,17 +404,6 @@ export function getMetadataEndpoints(router: Router, issu return response.send(issuer.authorizationServerMetadata) } router.get(WellKnownEndpoints.OAUTH_AS, authorizationServerHandler) - - const openidFederationHandler = (request: Request, response: Response) => { - if(!issuer.openidFederationMetadata || !issuer.openidFederationMetadata.jwt) { - return response.status(404).send() - } - const asciiContent = Buffer.from(issuer.openidFederationMetadata.jwt, 'utf8').toString('ascii') - return response - .type('application/entity-statement+jwt') - .send(asciiContent) - } - router.get(WellKnownEndpoints.OPENID_FEDERATION, openidFederationHandler) } export function determinePath( diff --git a/packages/issuer/lib/VcIssuer.ts b/packages/issuer/lib/VcIssuer.ts index e2847eaf..2e64ae17 100644 --- a/packages/issuer/lib/VcIssuer.ts +++ b/packages/issuer/lib/VcIssuer.ts @@ -1,19 +1,24 @@ import { uuidv4 } from '@sphereon/oid4vc-common' import { ALG_ERROR, - AUD_ERROR, AuthorizationServerMetadata, + AUD_ERROR, + AuthorizationServerMetadata, CNonceState, CreateCredentialOfferURIResult, CREDENTIAL_MISSING_ERROR, CredentialConfigurationSupportedV1_0_13, CredentialDataSupplierInput, + CredentialEventNames, CredentialIssuerMetadata, + CredentialIssuerMetadataOptsV1_0_13, + CredentialOfferEventNames, CredentialOfferSession, CredentialOfferV1_0_13, CredentialRequest, CredentialRequestV1_0_13, CredentialResponse, DID_NO_DIDDOC_ERROR, + EVENTS, IAT_ERROR, ISSUER_CONFIG_ERROR, IssueStatus, 
@@ -35,19 +40,32 @@ import { TYP_ERROR, URIState } from '@sphereon/oid4vci-common' -import { CredentialEventNames, CredentialOfferEventNames, EVENTS } from '@sphereon/oid4vci-common' -import { CredentialIssuerMetadataOptsV1_0_13 } from '@sphereon/oid4vci-common' -import { OpenidFederationMetadata } from '@sphereon/oid4vci-common' -import { CompactSdJwtVc, CredentialMapper, InitiatorType, SubSystem, System, W3CVerifiableCredential } from '@sphereon/ssi-types' +import { + CompactSdJwtVc, + CredentialMapper, + InitiatorType, + SubSystem, + System, + W3CVerifiableCredential +} from '@sphereon/ssi-types' -import { assertValidPinNumber, createCredentialOfferObject, createCredentialOfferURIFromObject, CredentialOfferGrantInput } from './functions' +import { + assertValidPinNumber, + createCredentialOfferObject, + createCredentialOfferURIFromObject, + CredentialOfferGrantInput +} from './functions' import { LookupStateManager } from './state-manager' -import { CredentialDataSupplier, CredentialDataSupplierArgs, CredentialIssuanceInput, CredentialSignerCallback } from './types' +import { + CredentialDataSupplier, + CredentialDataSupplierArgs, + CredentialIssuanceInput, + CredentialSignerCallback +} from './types' export class VcIssuer { private readonly _issuerMetadata: CredentialIssuerMetadataOptsV1_0_13 private readonly _authorizationServerMetadata: AuthorizationServerMetadata - private readonly _openidFederationMetadata?: OpenidFederationMetadata private readonly _defaultCredentialOfferBaseUri?: string private readonly _credentialSignerCallback?: CredentialSignerCallback private readonly _jwtVerifyCallback?: JWTVerifyCallback @@ -61,7 +79,6 @@ export class VcIssuer { issuerMetadata: CredentialIssuerMetadataOptsV1_0_13, authorizationServerMetadata: AuthorizationServerMetadata, args: { - openidFederationMetadata?: OpenidFederationMetadata txCode?: TxCode baseUri?: string credentialOfferSessions: IStateManager 
@@ -77,7 +94,6 @@ export class VcIssuer { this.setDefaultTokenEndpoint(issuerMetadata) this._issuerMetadata = issuerMetadata this._authorizationServerMetadata = authorizationServerMetadata - this._openidFederationMetadata = args.openidFederationMetadata this._defaultCredentialOfferBaseUri = args.defaultCredentialOfferBaseUri this._credentialOfferSessions = args.credentialOfferSessions this._cNonces = args.cNonces @@ -671,8 +687,4 @@ export class VcIssuer { public get authorizationServerMetadata() { return this._authorizationServerMetadata } - - public get openidFederationMetadata() { - return this._openidFederationMetadata - } } diff --git a/packages/issuer/lib/builder/VcIssuerBuilder.ts b/packages/issuer/lib/builder/VcIssuerBuilder.ts index 5496886d..1091d133 100644 --- a/packages/issuer/lib/builder/VcIssuerBuilder.ts +++ b/packages/issuer/lib/builder/VcIssuerBuilder.ts @@ -13,7 +13,6 @@ import { TxCode, URIState } from '@sphereon/oid4vci-common' -import { OpenidFederationMetadata } from '@sphereon/oid4vci-common' import { VcIssuer } from '../VcIssuer' import { MemoryStates } from '../state-manager' @@ -25,7 +24,6 @@ export class VcIssuerBuilder { issuerMetadataBuilder?: IssuerMetadataBuilderV1_13 issuerMetadata: Partial = {} authorizationServerMetadata: Partial = {} - openidFederationMetadata: Partial = {} txCode?: TxCode defaultCredentialOfferBaseUri?: string userPinRequired?: boolean @@ -50,11 +48,6 @@ export class VcIssuerBuilder { return this } - public withOpenidFederationMetadata(openidFederationMetadata: OpenidFederationMetadata) { - this.openidFederationMetadata = openidFederationMetadata - return this - } - public withIssuerMetadataBuilder(builder: IssuerMetadataBuilderV1_13) { this.issuerMetadataBuilder = builder return this 
@@ -194,7 +187,6 @@ export class VcIssuerBuilder { return new VcIssuer(metadata as IssuerMetadataV1_0_13, this.authorizationServerMetadata as AuthorizationServerMetadata, { - openidFederationMetadata: this.openidFederationMetadata as OpenidFederationMetadata, //TODO: discuss this with Niels. I did not find this in the spec. but I think we should somehow communicate this ...(this.txCode && { txCode: this.txCode }), defaultCredentialOfferBaseUri: this.defaultCredentialOfferBaseUri, diff --git a/packages/oid4vci-common/lib/types/OpenidFederationMetadata.ts b/packages/oid4vci-common/lib/types/OpenidFederationMetadata.ts deleted file mode 100644 index 8c38fdb1..00000000 --- a/packages/oid4vci-common/lib/types/OpenidFederationMetadata.ts +++ /dev/null @@ -1,3 +0,0 @@ -export interface OpenidFederationMetadata { - jwt: string -} diff --git a/packages/oid4vci-common/lib/types/index.ts b/packages/oid4vci-common/lib/types/index.ts index 769e7a1c..5d60ee08 100644 --- a/packages/oid4vci-common/lib/types/index.ts +++ b/packages/oid4vci-common/lib/types/index.ts @@ -6,7 +6,6 @@ export * from './v1_0_09.types'; export * from './v1_0_11.types'; export * from './v1_0_13.types'; export * from './ServerMetadata'; -export * from './OpenidFederationMetadata'; export * from './OpenID4VCIErrors'; export * from './OpenID4VCIVersions.types'; export * from './StateManager.types'; From ed7463349666019e88f850a406581f56293990c9 Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Thu, 14 Nov 2024 16:07:14 +0100 Subject: [PATCH 11/18] chore: OIDF schema updates --- .../AuthorizationRequestPayloadVD12OID4VPD20.schema.ts | 6 +++++- packages/siop-oid4vp/lib/types/SIOP.types.ts | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/packages/siop-oid4vp/lib/schemas/AuthorizationRequestPayloadVD12OID4VPD20.schema.ts b/packages/siop-oid4vp/lib/schemas/AuthorizationRequestPayloadVD12OID4VPD20.schema.ts index 42961fb7..75d02271 100644 
--- a/packages/siop-oid4vp/lib/schemas/AuthorizationRequestPayloadVD12OID4VPD20.schema.ts +++ b/packages/siop-oid4vp/lib/schemas/AuthorizationRequestPayloadVD12OID4VPD20.schema.ts @@ -1093,6 +1093,10 @@ export const AuthorizationRequestPayloadVD12OID4VPD20SchemaObj = { "type": "string", "const": "x509_san_uri" }, + { + "type": "string", + "const": "entity_id" + }, { "type": "string", "const": "verifier_attestation" @@ -1109,4 +1113,4 @@ export const AuthorizationRequestPayloadVD12OID4VPD20SchemaObj = { ] } } -}; \ No newline at end of file +}; diff --git a/packages/siop-oid4vp/lib/types/SIOP.types.ts b/packages/siop-oid4vp/lib/types/SIOP.types.ts index a104d0b7..8d862e38 100644 --- a/packages/siop-oid4vp/lib/types/SIOP.types.ts +++ b/packages/siop-oid4vp/lib/types/SIOP.types.ts @@ -101,7 +101,7 @@ export interface AuthorizationRequestPayloadVD12OID4VPD20 } export type ClientIdSchemeOID4VPD18 = 'pre-registered' | 'redirect_uri' | 'entity_id' | 'did' -export type ClientIdSchemeOID4VPD20 = ClientIdSchemeOID4VPD18 | 'x509_san_dns' | 'x509_san_uri' | 'verifier_attestation' +export type ClientIdSchemeOID4VPD20 = ClientIdSchemeOID4VPD18 | 'x509_san_dns' | 'x509_san_uri' | 'entity_id' | 'verifier_attestation' export type ClientIdScheme = ClientIdSchemeOID4VPD18 | ClientIdSchemeOID4VPD20 // https://openid.bitbucket.io/connect/openid-connect-self-issued-v2-1_0.html#section-10 From 0a2e1836bb456b022abad5f5494ffb1f1f468783 Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Thu, 14 Nov 2024 16:41:45 +0100 Subject: [PATCH 12/18] chore: lockfile --- pnpm-lock.yaml | 45 ++++++++------------------------------------- 1 file changed, 8 insertions(+), 37 deletions(-) diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 7378a309..47cd030e 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml 
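Review bot: Adding `'entity_id'` to `ClientIdSchemeOID4VPD20` in `SIOP.types.ts` is a no-op at the type level, because `ClientIdSchemeOID4VPD18` on the line above already contains it. The effective change is the new `entity_id` const in the request schema. Nothing in this patch shows how a request using that scheme has its client identity established. Please confirm that the verification path either resolves and validates the OpenID Federation trust chain for `entity_id` or rejects the scheme, rather than accepting it on schema validation alone. A comment on the type such as `// entity_id: client_id is an OpenID Federation Entity Identifier; its trust chain must be validated before the request is trusted` would record that requirement.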
@@ -76,7 +76,7 @@ importers: version: link:../issuer '@sphereon/ssi-types': specifier: 0.30.1 - version: 0.30.1(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5)) + version: 0.30.1(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.5.3)) jose: specifier: ^4.10.0 version: 4.15.9 @@ -129,7 +129,7 @@ importers: devDependencies: '@sphereon/ssi-sdk-ext.key-utils': specifier: ^0.23.0 - version: 0.23.0(expo@48.0.21(@babel/core@7.25.2)(encoding@0.1.13))(msrcrypto@1.5.8)(react-native-securerandom@1.0.1) + version: 0.23.0(expo@48.0.21(@babel/core@7.25.2)(encoding@0.1.13))(msrcrypto@1.5.8)(react-native-securerandom@1.0.1(react-native@0.71.19(@babel/core@7.25.2)(encoding@0.1.13)(react@18.3.1))) '@transmute/did-key.js': specifier: ^0.3.0-unstable.10 version: 0.3.0-unstable.10(encoding@0.1.13) @@ -798,14 +798,12 @@ packages: '@babel/plugin-proposal-async-generator-functions@7.20.7': resolution: {integrity: sha512-xMbiLsn/8RK7Wq7VeVytytS2L6qE69bXPB10YCmMdDZbKF4okCqY74pI/jJQ/8U0b/F6NrT2+14b8/P9/3AMGA==} engines: {node: '>=6.9.0'} - deprecated: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-async-generator-functions instead. peerDependencies: '@babel/core': ^7.0.0-0 '@babel/plugin-proposal-class-properties@7.18.6': resolution: {integrity: sha512-cumfXOF0+nzZrrN8Rf0t7M+tF6sZc7vhQwYQck9q1/5w2OExlD+b4v4RpMJFaV1Z7WcDRgO6FqvxqxGlwo+RHQ==} engines: {node: '>=6.9.0'} - deprecated: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-class-properties instead. peerDependencies: '@babel/core': ^7.0.0-0 
@@ -824,35 +822,30 @@ packages: '@babel/plugin-proposal-export-namespace-from@7.18.9': resolution: {integrity: sha512-k1NtHyOMvlDDFeb9G5PhUXuGj8m/wiwojgQVEhJ/fsVsMCpLyOP4h0uGEjYJKrRI+EVPlb5Jk+Gt9P97lOGwtA==} engines: {node: '>=6.9.0'} - deprecated: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-export-namespace-from instead. peerDependencies: '@babel/core': ^7.0.0-0 '@babel/plugin-proposal-nullish-coalescing-operator@7.18.6': resolution: {integrity: sha512-wQxQzxYeJqHcfppzBDnm1yAY0jSRkUXR2z8RePZYrKwMKgMlE8+Z6LUno+bd6LvbGh8Gltvy74+9pIYkr+XkKA==} engines: {node: '>=6.9.0'} - deprecated: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-nullish-coalescing-operator instead. peerDependencies: '@babel/core': ^7.0.0-0 '@babel/plugin-proposal-object-rest-spread@7.20.7': resolution: {integrity: sha512-d2S98yCiLxDVmBmE8UjGcfPvNEUbA1U5q5WxaWFUGRzJSVAZqm5W6MbPct0jxnegUZ0niLeNX+IOzEs7wYg9Dg==} engines: {node: '>=6.9.0'} - deprecated: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-object-rest-spread instead. peerDependencies: '@babel/core': ^7.0.0-0 '@babel/plugin-proposal-optional-catch-binding@7.18.6': resolution: {integrity: sha512-Q40HEhs9DJQyaZfUjjn6vE8Cv4GmMHCYuMGIWUnlxH6400VGxOuwWsPt4FxXxJkC/5eOzgn0z21M9gMT4MOhbw==} engines: {node: '>=6.9.0'} - deprecated: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-optional-catch-binding instead. 
peerDependencies: '@babel/core': ^7.0.0-0 '@babel/plugin-proposal-optional-chaining@7.21.0': resolution: {integrity: sha512-p4zeefM72gpmEe2fkUr/OnOXpWEf8nAgk7ZYVqqfFiyIG7oFfVZcCrU64hWn5xp4tQ9LkV4bTIa5rD0KANpKNA==} engines: {node: '>=6.9.0'} - deprecated: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-optional-chaining instead. peerDependencies: '@babel/core': ^7.0.0-0 @@ -1962,7 +1955,6 @@ packages: '@humanwhocodes/config-array@0.13.0': resolution: {integrity: sha512-DZLEEqFWQFiyK6h5YIeynKx7JlvCYWL0cImfSRXZ9l4Sg2efkFGTuFf6vzXjK1cq6IYkU+Eg/JizXw+TD2vRNw==} engines: {node: '>=10.10.0'} - deprecated: Use @eslint/config-array instead '@humanwhocodes/module-importer@1.0.1': resolution: {integrity: sha512-bxveV4V8v5Yb4ncFTT3rPSgZBOpCkjfK0y4oVVVJwIuDVBRMDXrPyXRL988i5ap9m9bnyEEjWfm5WkBmtffLfA==} @@ -1970,7 +1962,6 @@ packages: '@humanwhocodes/object-schema@2.0.3': resolution: {integrity: sha512-93zYdMES/c1D69yZiKDBj0V24vqNzB/koF26KPaagAfd3P/4gUlh3Dys5ogAK+Exi9QyzlD8x/08Zt7wIKcDcA==} - deprecated: Use @eslint/object-schema instead '@hutson/parse-repository-url@3.0.2': resolution: {integrity: sha512-H9XAx3hc0BQHY6l+IFSWHDySypcXsvsuLhgYLUGywmJ5pswRVQJUHpOsobnLYp2ZUaUlKiKDrgWWhosOwAEM8Q==} @@ -2213,7 +2204,6 @@ packages: '@npmcli/move-file@1.1.2': resolution: {integrity: sha512-1SUf/Cg2GzGDyaf15aR9St9TWlb+XvbZXWpDx8YKs7MLzMH/BCeopv+y9vzrzgkfykCGuWOlSu3mZhj2+FQcrg==} engines: {node: '>=10'} - deprecated: This functionality has been moved to @npmcli/fs '@npmcli/name-from-folder@2.0.0': resolution: {integrity: sha512-pwK+BfEBZJbKdNYpHHRTNBwBoqrN/iIMO0AiGvYsp3Hoaq0WbgGSWQR6SCldZovoDpY3yje5lkFUe6gsDgJ2vg==} 
@@ -2896,7 +2886,6 @@ packages: '@types/jwt-decode@3.1.0': resolution: {integrity: sha512-tthwik7TKkou3mVnBnvVuHnHElbjtdbM63pdBCbZTirCt3WAdM73Y79mOri7+ljsS99ZVwUFZHLMxJuJnv/z1w==} - deprecated: This is a stub types definition. jwt-decode provides its own type definitions, so you do not need this installed. '@types/language-tags@1.0.4': resolution: {integrity: sha512-20PQbifv3v/djCT+KlXybv0KqO5ofoR1qD1wkinN59kfggTPVTWGmPFgL/1yWuDyRcsQP/POvkqK+fnl5nOwTg==} @@ -3208,7 +3197,6 @@ packages: are-we-there-yet@2.0.0: resolution: {integrity: sha512-Ci/qENmwHnsYo9xKIcUJN5LeDKdJ6R1Z1j9V/J5wyq8nh/mYPEpIKJbBZXtZjG04HiK7zV/p6Vs9952MrMeUIw==} engines: {node: '>=10'} - deprecated: This package is no longer supported. arg@4.1.0: resolution: {integrity: sha512-ZWc51jO3qegGkVh8Hwpv636EkbesNV5ZNQPCtRa+0qytRYPEs9IYT9qITY9buezqUH5uqyzlWLcufrzU2rffdg==} @@ -4668,7 +4656,6 @@ packages: expression-eval@5.0.1: resolution: {integrity: sha512-7SL4miKp19lI834/F6y156xlNg+i9Q41tteuGNCq9C06S78f1bm3BXuvf0+QpQxv369Pv/P2R7Hb17hzxLpbDA==} - deprecated: The expression-eval npm package is no longer maintained. The package was originally published as part of a now-completed personal project, and I do not have incentives to continue maintenance. external-editor@3.1.0: resolution: {integrity: sha512-hMQ4CX1p1izmuLYyZqLMO/qGNw10wSv9QDCPfzXfyFrOaCSSoRfqE1Kf1s5an66J5JZC62NewG+mK49jOCtQew==} @@ -4908,7 +4895,6 @@ packages: gauge@3.0.2: resolution: {integrity: sha512-+5J6MS/5XksCuXq++uFRsnUd7Ovu1XenbeuIuNRJxYWjgQbPuFhT14lAvsWfqfAmnwluf1OwMjz39HjfLPci0Q==} engines: {node: '>=10'} - deprecated: This package is no longer supported. gensequence@5.0.2: resolution: {integrity: sha512-JlKEZnFc6neaeSVlkzBGGgkIoIaSxMgvdamRoPN8r3ozm2r9dusqxeKqYQ7lhzmj2UhFQP8nkyfCaiLQxiLrDA==} 
@@ -5014,20 +5000,16 @@ packages: glob@6.0.4: resolution: {integrity: sha512-MKZeRNyYZAVVVG1oZeLaWie1uweH40m9AZwIwxyPbTSX4hHrVYSzLg0Ro5Z5R7XKkIX+Cc6oD1rqeDJnwsB8/A==} - deprecated: Glob versions prior to v9 are no longer supported glob@7.1.6: resolution: {integrity: sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA==} - deprecated: Glob versions prior to v9 are no longer supported glob@7.2.3: resolution: {integrity: sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==} - deprecated: Glob versions prior to v9 are no longer supported glob@8.1.0: resolution: {integrity: sha512-r8hpEjiQEYlF2QU0df3dS+nxxSIreXQS1qRhMJM0Q5NDdR386C7jb7Hwwod8Fgiuex+k0GFjgft18yvxm5XoCQ==} engines: {node: '>=12'} - deprecated: Glob versions prior to v9 are no longer supported glob@9.3.5: resolution: {integrity: sha512-e1LleDykUz2Iu+MTYdkSsuWX8lvAjAcs0Xef0lNIu0S2wOAzuTxCJtcd9S3cijlwYF18EsU3rzb8jPVobxDh9Q==} @@ -5275,7 +5257,6 @@ packages: inflight@1.0.6: resolution: {integrity: sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==} - deprecated: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful. inherits@2.0.4: resolution: {integrity: sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==} @@ -6468,7 +6449,6 @@ packages: multibase@4.0.6: resolution: {integrity: sha512-x23pDe5+svdLz/k5JPGCVdfn7Q5mZVMBETiC+ORfO+sor9Sgs0smJzAjfTbM5tckeCqnaUuMYoz+k3RXMmJClQ==} engines: {node: '>=12.0.0', npm: '>=6.0.0'} - deprecated: This module has been superseded by the multiformats module multiformats@12.1.3: resolution: {integrity: sha512-eajQ/ZH7qXZQR2AgtfpmSMizQzmyYVmCql7pdhldPuYQi4atACekbJaQplk6dWyIi10jCaFnd6pqvcEFXjbaJw==} 
@@ -6663,7 +6643,6 @@ packages: npmlog@5.0.1: resolution: {integrity: sha512-AqZtDUWOMKs1G/8lwylVjrdYgqA4d9nu8hc+0gzRxlDb1I10+FHBGMXs6aiQHFdCUUlqH99MUMuLfzWDNDtfxw==} - deprecated: This package is no longer supported. nullthrows@1.1.1: resolution: {integrity: sha512-2vPPEi+Z7WqML2jZYddDIfy5Dqb0r2fze2zTxNNknZaFpVHU3mFB3R+DWeJWGVx0ecvttSGlJTI+WG+8Z4cDWw==} @@ -6805,7 +6784,6 @@ packages: osenv@0.1.5: resolution: {integrity: sha512-0CWcCECdMVc2Rw3U5w9ZjqX6ga6ubk1xDVKxtBQPK7wis/0F2r9T6k4ydGYhecl7YUBxBVxhL5oisPsNxAPe2g==} - deprecated: This package is no longer supported. p-finally@1.0.0: resolution: {integrity: sha512-LICb2p9CB7FS+0eR1oqWnHhp0FljGLZCWBE9aix0Uye9W8LTQPwMTYVGWQWIw9RdQiDg4+epXQODwIYJtSJaow==} @@ -7459,22 +7437,18 @@ packages: rimraf@2.2.8: resolution: {integrity: sha512-R5KMKHnPAQaZMqLOsyuyUmcIjSeDm+73eoqQpaXA7AZ22BL+6C+1mcUscgOsNd8WVlJuvlgAPsegcx7pjlV0Dg==} - deprecated: Rimraf versions prior to v4 are no longer supported hasBin: true rimraf@2.4.5: resolution: {integrity: sha512-J5xnxTyqaiw06JjMftq7L9ouA448dw/E7dKghkP9WpKNuwmARNNg+Gk8/u5ryb9N/Yo2+z3MCwuqFK/+qPOPfQ==} - deprecated: Rimraf versions prior to v4 are no longer supported hasBin: true rimraf@2.6.3: resolution: {integrity: sha512-mwqeW5XsA2qAejG46gYdENaxXjx9onRNCfn7L0duuP4hCuTIi/QO7PDK07KJfp1d+izWPrzEJDcSqBa0OZQriA==} - deprecated: Rimraf versions prior to v4 are no longer supported hasBin: true rimraf@3.0.2: resolution: {integrity: sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==} - deprecated: Rimraf versions prior to v4 are no longer supported hasBin: true rimraf@4.4.1: 
@@ -7906,7 +7880,6 @@ packages: superagent@8.1.2: resolution: {integrity: sha512-6WTxW1EB6yCxV5VFOIPQruWGHqc3yI7hEmZK6h+pyk69Lk/Ut7rLUY6W/ONF2MjBuGjvmMiIpsrVJ2vjrHlslA==} engines: {node: '>=6.4.0 <13 || >=14'} - deprecated: Please upgrade to v9.0.0+ as we have fixed a public vulnerability with formidable dependency. Note that v9.0.0+ requires Node.js v14.18.0+. See https://github.com/ladjs/superagent/pull/1800 for insight. This project is supported and maintained by the team at Forward Email @ https://forwardemail.net supertest@6.3.4: resolution: {integrity: sha512-erY3HFDG0dPnhw4U+udPfrzXa4xhSG+n4rxfRuZWCUvjFWwKl+OxWf/7zk50s84/fAAs7vf5QAb9uRa0cCykxw==} @@ -8351,7 +8324,6 @@ packages: uglify-es@3.3.9: resolution: {integrity: sha512-r+MU0rfv4L/0eeW3xZrd16t4NZfK8Ld4SWVglYBb7ez5uXFWHuVRs6xCTrf1yirs9a4j4Y27nn7SRfO6v67XsQ==} engines: {node: '>=0.8.0'} - deprecated: support for ECMAScript is superseded by `uglify-js` as of v3.13.0 hasBin: true uglify-js@3.19.3: @@ -8481,7 +8453,6 @@ packages: uuid@3.4.0: resolution: {integrity: sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==} - deprecated: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details. hasBin: true uuid@7.0.3: @@ -10164,7 +10135,7 @@ snapshots: '@digitalcredentials/bnid@2.1.2(react-native@0.71.19(@babel/core@7.25.2)(@babel/preset-env@7.25.4(@babel/core@7.25.2))(encoding@0.1.13)(react@18.3.1))': dependencies: '@digitalcredentials/base58-universal': 1.0.1 - react-native-securerandom: 1.0.1(react-native@0.71.19(@babel/core@7.25.2)(@babel/preset-env@7.25.4(@babel/core@7.25.2))(encoding@0.1.13)(react@18.3.1)) + react-native-securerandom: 1.0.1(react-native@0.71.19(@babel/core@7.25.2)(encoding@0.1.13)(react@18.3.1)) yargs: 15.4.1 transitivePeerDependencies: - react-native 
@@ -11982,7 +11953,7 @@ snapshots: transitivePeerDependencies: - encoding - '@sphereon/isomorphic-webcrypto@2.4.1-unstable.0(expo@48.0.21(@babel/core@7.25.2)(encoding@0.1.13))(msrcrypto@1.5.8)(react-native-securerandom@1.0.1)': + '@sphereon/isomorphic-webcrypto@2.4.1-unstable.0(expo@48.0.21(@babel/core@7.25.2)(encoding@0.1.13))(msrcrypto@1.5.8)(react-native-securerandom@1.0.1(react-native@0.71.19(@babel/core@7.25.2)(encoding@0.1.13)(react@18.3.1)))': dependencies: '@peculiar/webcrypto': 1.5.0 asmcrypto.js: 2.3.2 @@ -12000,7 +11971,7 @@ snapshots: webcrypto-shim: 0.1.7 optionalDependencies: expo: 48.0.21(@babel/core@7.25.2)(encoding@0.1.13) - react-native-securerandom: 1.0.1(react-native@0.71.19(@babel/core@7.25.2)(@babel/preset-env@7.25.4(@babel/core@7.25.2))(encoding@0.1.13)(react@18.3.1)) + react-native-securerandom: 1.0.1(react-native@0.71.19(@babel/core@7.25.2)(encoding@0.1.13)(react@18.3.1)) '@sphereon/kmp-mdl-mdoc@0.2.0-SNAPSHOT.22': dependencies: @@ -12264,10 +12235,10 @@ snapshots: transitivePeerDependencies: - supports-color - '@sphereon/ssi-sdk-ext.key-utils@0.23.0(expo@48.0.21(@babel/core@7.25.2)(encoding@0.1.13))(msrcrypto@1.5.8)(react-native-securerandom@1.0.1)': + '@sphereon/ssi-sdk-ext.key-utils@0.23.0(expo@48.0.21(@babel/core@7.25.2)(encoding@0.1.13))(msrcrypto@1.5.8)(react-native-securerandom@1.0.1(react-native@0.71.19(@babel/core@7.25.2)(encoding@0.1.13)(react@18.3.1)))': dependencies: '@ethersproject/random': 5.7.0 - '@sphereon/isomorphic-webcrypto': 2.4.1-unstable.0(expo@48.0.21(@babel/core@7.25.2)(encoding@0.1.13))(msrcrypto@1.5.8)(react-native-securerandom@1.0.1) + '@sphereon/isomorphic-webcrypto': 2.4.1-unstable.0(expo@48.0.21(@babel/core@7.25.2)(encoding@0.1.13))(msrcrypto@1.5.8)(react-native-securerandom@1.0.1(react-native@0.71.19(@babel/core@7.25.2)(encoding@0.1.13)(react@18.3.1))) '@stablelib/ed25519': 1.0.3 '@stablelib/sha256': 1.0.1 '@stablelib/sha512': 1.0.1 
@@ -18726,7 +18697,7 @@ snapshots: react-native: 0.71.19(@babel/core@7.25.2)(@babel/preset-env@7.25.4(@babel/core@7.25.2))(encoding@0.1.13)(react@18.3.1) optional: true - react-native-securerandom@1.0.1(react-native@0.71.19(@babel/core@7.25.2)(@babel/preset-env@7.25.4(@babel/core@7.25.2))(encoding@0.1.13)(react@18.3.1)): + react-native-securerandom@1.0.1(react-native@0.71.19(@babel/core@7.25.2)(encoding@0.1.13)(react@18.3.1)): dependencies: base64-js: 1.5.1 react-native: 0.71.19(@babel/core@7.25.2)(@babel/preset-env@7.25.4(@babel/core@7.25.2))(encoding@0.1.13)(react@18.3.1) From a45a4b7504d58f8942012ffe2b708e059f85e6c5 Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Thu, 14 Nov 2024 16:47:51 +0100 Subject: [PATCH 13/18] chore: schema update --- .../schemas/AuthorizationRequestPayloadVD12OID4VPD20.schema.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/siop-oid4vp/lib/schemas/AuthorizationRequestPayloadVD12OID4VPD20.schema.ts b/packages/siop-oid4vp/lib/schemas/AuthorizationRequestPayloadVD12OID4VPD20.schema.ts index 75d02271..3a74ad22 100644 --- a/packages/siop-oid4vp/lib/schemas/AuthorizationRequestPayloadVD12OID4VPD20.schema.ts +++ b/packages/siop-oid4vp/lib/schemas/AuthorizationRequestPayloadVD12OID4VPD20.schema.ts @@ -1113,4 +1113,4 @@ export const AuthorizationRequestPayloadVD12OID4VPD20SchemaObj = { ] } } -}; +}; \ No newline at end of file From 7676e34806e7ce421ddcc2e5f34e38aea4ec5a2a Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Thu, 14 Nov 2024 21:59:52 +0100 Subject: [PATCH 14/18] chore: PR feedback --- .../siop-oid4vp/lib/authorization-response/OpenID4VP.ts | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/packages/siop-oid4vp/lib/authorization-response/OpenID4VP.ts b/packages/siop-oid4vp/lib/authorization-response/OpenID4VP.ts index 831be175..300f70ab 100644 --- a/packages/siop-oid4vp/lib/authorization-response/OpenID4VP.ts +++ b/packages/siop-oid4vp/lib/authorization-response/OpenID4VP.ts 
@@ -70,8 +70,11 @@ export const verifyPresentations = async ( authorizationResponse: AuthorizationResponse, verifyOpts: VerifyAuthorizationResponseOpts, ): Promise => { - const presentations = authorizationResponse.payload.vp_token - ? await extractPresentationsFromVpToken(authorizationResponse.payload.vp_token, { hasher: verifyOpts.hasher }) : undefined + if (!authorizationResponse.payload.vp_token || Array.isArray(authorizationResponse.payload.vp_token) && authorizationResponse.payload.vp_token.length === 0) { + return Promise.reject('the payload is missing a vp_token') + } + + const presentations = await extractPresentationsFromVpToken(authorizationResponse.payload.vp_token, { hasher: verifyOpts.hasher }) const presentationDefinitions = verifyOpts.presentationDefinitions ? Array.isArray(verifyOpts.presentationDefinitions) ? verifyOpts.presentationDefinitions From 86a65c919f2dee62bad401ddfea0799841ee9ef9 Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Thu, 14 Nov 2024 22:08:42 +0100 Subject: [PATCH 15/18] chore: PR feedback --- .../authorization-response/AuthorizationResponse.ts | 6 +++++- .../lib/authorization-response/OpenID4VP.ts | 12 +++++++++--- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/packages/siop-oid4vp/lib/authorization-response/AuthorizationResponse.ts b/packages/siop-oid4vp/lib/authorization-response/AuthorizationResponse.ts index 5d9b8f3b..c624e617 100644 --- a/packages/siop-oid4vp/lib/authorization-response/AuthorizationResponse.ts +++ b/packages/siop-oid4vp/lib/authorization-response/AuthorizationResponse.ts 
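Review bot: The new guard in `verifyPresentations` rejects with a bare string, `return Promise.reject('the payload is missing a vp_token')`, so callers that read `err.message` or test `instanceof Error` get nothing usable and no stack trace is captured; inside an `async` function `throw new Error('the payload is missing a vp_token')` is the simpler form. The same pattern appears in the follow-up commit's hunks in `AuthorizationResponse.ts` (`@@ -214,7 +214,11 @@`) and `OpenID4VP.ts` (`@@ -105,8 +105,10 @@`) with `'missing presentation(s)'`, whereas `assertValidVerifiablePresentations` already uses `throw Error(...)`. The condition also mixes `||` and `&&` without parentheses; it evaluates as intended, but writing `(Array.isArray(vp_token) && vp_token.length === 0)` would match the parenthesised form used in the later hunks. The function body continues outside the hunk.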
@@ -214,7 +214,11 @@ export class AuthorizationResponse { let nonce: string | undefined = this._payload.nonce if (this._payload?.vp_token) { const presentations = this.payload.vp_token ? await extractPresentationsFromVpToken(this.payload.vp_token, opts) : [] - const presentationsArray = presentations ? (Array.isArray(presentations) ? presentations : [presentations]) : [] + if (!presentations || (Array.isArray(presentations) && presentations.length === 0)) { + return Promise.reject('missing presentation(s)') + } + const presentationsArray = Array.isArray(presentations) ? presentations : [presentations] + // We do not verify them, as that is done elsewhere. So we simply can take the first nonce nonce = presentationsArray diff --git a/packages/siop-oid4vp/lib/authorization-response/OpenID4VP.ts b/packages/siop-oid4vp/lib/authorization-response/OpenID4VP.ts index 300f70ab..36d5d0e3 100644 --- a/packages/siop-oid4vp/lib/authorization-response/OpenID4VP.ts +++ b/packages/siop-oid4vp/lib/authorization-response/OpenID4VP.ts @@ -105,8 +105,10 @@ export const verifyPresentations = async ( return null } - const presentationsArray = presentations ? (Array.isArray(presentations) ? presentations : [presentations]) : [] - + if (!presentations || (Array.isArray(presentations) && presentations.length === 0)) { + return Promise.reject('missing presentation(s)') + } + const presentationsArray = Array.isArray(presentations) ? presentations : [presentations] const presentationsWithoutMdoc = presentationsArray.filter((p) => p.format !== 'mso_mdoc') const nonces = new Set(presentationsWithoutMdoc.map(extractNonceFromWrappedVerifiablePresentation)) if (presentationsWithoutMdoc.length > 0 && nonces.size !== 1) { 
@@ -284,7 +286,11 @@ export const assertValidVerifiablePresentations = async (args: { hasher?: Hasher } }) => { - const presentationsArray = args.presentations ? (Array.isArray(args.presentations) ? args.presentations : [args.presentations]) : [] + const {presentations} = args + if (!presentations || (Array.isArray(presentations) && presentations.length === 0)) { + throw Error('missing presentation(s)') + } + const presentationsArray = Array.isArray(presentations) ? presentations : [presentations] if ( (!args.presentationDefinitions || args.presentationDefinitions.filter((a) => a.definition).length === 0) && (!presentationsArray || (Array.isArray(presentationsArray) && presentationsArray.filter((vp) => vp.presentation).length === 0)) From 124522c2b0e64f76fb92805af2c6758c463798dc Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Wed, 20 Nov 2024 15:40:16 +0100 Subject: [PATCH 16/18] chore: entity_id fixes --- packages/callback-example/package.json | 2 +- packages/client/package.json | 2 +- packages/common/package.json | 2 +- packages/issuer-rest/package.json | 4 +- packages/issuer/package.json | 2 +- packages/oid4vci-common/package.json | 2 +- .../siop-oid4vp/lib/request-object/Payload.ts | 3 +- packages/siop-oid4vp/lib/rp/RPBuilder.ts | 9 + packages/siop-oid4vp/lib/types/Errors.ts | 2 +- packages/siop-oid4vp/lib/types/SIOP.types.ts | 1 + .../siop-oid4vp/lib/types/VpJwtVerifier.ts | 6 +- packages/siop-oid4vp/package.json | 2 +- pnpm-lock.yaml | 845 +----------------- 13 files changed, 52 insertions(+), 830 deletions(-) diff --git a/packages/callback-example/package.json b/packages/callback-example/package.json index 9ddfd831..caa2a15c 100644 --- a/packages/callback-example/package.json +++ b/packages/callback-example/package.json 
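Review bot: The unconditional `throw Error('missing presentation(s)')` added to `assertValidVerifiablePresentations` runs before the existing `if` that tests for "no presentation definitions and no presentations", so that branch can no longer be reached with an absent or empty `presentations` argument. If that branch is an early exit for responses where no presentation was requested (its body lies outside the hunk, so this is an inference), such responses would now be rejected. Consider placing the guard after that check, or throwing only when `args.presentationDefinitions` contains at least one definition. After this change `!presentationsArray` and `Array.isArray(presentationsArray)` in the following condition are constant and could be dropped.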
@@ -19,7 +19,7 @@ "@sphereon/oid4vci-client": "workspace:*", "@sphereon/oid4vci-common": "workspace:*", "@sphereon/oid4vci-issuer": "workspace:*", - "@sphereon/ssi-types": "0.30.1", + "@sphereon/ssi-types": "0.30.2-next.279", "jose": "^4.10.0" }, "devDependencies": { diff --git a/packages/client/package.json b/packages/client/package.json index f5dda2e7..2ddf57a6 100644 --- a/packages/client/package.json +++ b/packages/client/package.json @@ -17,7 +17,7 @@ "dependencies": { "@sphereon/oid4vc-common": "workspace:*", "@sphereon/oid4vci-common": "workspace:*", - "@sphereon/ssi-types": "0.30.1", + "@sphereon/ssi-types": "0.30.2-next.279", "cross-fetch": "^3.1.8", "debug": "^4.3.5" }, diff --git a/packages/common/package.json b/packages/common/package.json index b504c813..d3352fec 100644 --- a/packages/common/package.json +++ b/packages/common/package.json @@ -10,7 +10,7 @@ "build:clean": "tsc --build --clean && tsc --build" }, "dependencies": { - "@sphereon/ssi-types": "0.30.1", + "@sphereon/ssi-types": "0.30.2-next.279", "jwt-decode": "^4.0.0", "sha.js": "^2.4.11", "uint8arrays": "3.1.1", diff --git a/packages/issuer-rest/package.json b/packages/issuer-rest/package.json index a617ef2c..38727852 100644 --- a/packages/issuer-rest/package.json +++ b/packages/issuer-rest/package.json @@ -14,8 +14,8 @@ "@sphereon/oid4vc-common": "workspace:*", "@sphereon/oid4vci-common": "workspace:*", "@sphereon/oid4vci-issuer": "workspace:*", - "@sphereon/ssi-express-support": "0.30.1", - "@sphereon/ssi-types": "0.30.1", + "@sphereon/ssi-express-support": "0.30.2-next.279", + "@sphereon/ssi-types": "0.30.2-next.279", "body-parser": "^1.20.2", "cookie-parser": "^1.4.6", "cors": "^2.8.5", diff --git a/packages/issuer/package.json b/packages/issuer/package.json index d5d87447..f77812b4 100644 --- a/packages/issuer/package.json +++ b/packages/issuer/package.json 
@@ -12,7 +12,7 @@ "dependencies": { "@sphereon/oid4vc-common": "workspace:*", "@sphereon/oid4vci-common": "workspace:*", - "@sphereon/ssi-types": "0.30.1", + "@sphereon/ssi-types": "0.30.2-next.279", "uuid": "^9.0.0" }, "peerDependencies": { diff --git a/packages/oid4vci-common/package.json b/packages/oid4vci-common/package.json index bbfd5963..d2f1682d 100644 --- a/packages/oid4vci-common/package.json +++ b/packages/oid4vci-common/package.json @@ -11,7 +11,7 @@ }, "dependencies": { "@sphereon/oid4vc-common": "workspace:*", - "@sphereon/ssi-types": "0.30.1", + "@sphereon/ssi-types": "0.30.2-next.279", "cross-fetch": "^3.1.8", "debug": "^4.3.5", "jwt-decode": "^4.0.0", diff --git a/packages/siop-oid4vp/lib/request-object/Payload.ts b/packages/siop-oid4vp/lib/request-object/Payload.ts index 59991031..e641b03c 100644 --- a/packages/siop-oid4vp/lib/request-object/Payload.ts +++ b/packages/siop-oid4vp/lib/request-object/Payload.ts @@ -35,8 +35,9 @@ export const createRequestObjectPayload = async (opts: CreateAuthorizationReques response_type: payload.response_type ?? ResponseType.ID_TOKEN, scope: payload.scope, //TODO implement /.well-known/openid-federation support in the OP side to resolve the client_id (URL) and retrieve the metadata - client_id: clientId, client_id_scheme: payload.client_id_scheme, + ...(clientId && { client_id: clientId }), + ...(payload.entity_id && { entity_id: payload.entity_id }), ...(payload.redirect_uri && { redirect_uri: payload.redirect_uri }), ...(payload.response_uri && { response_uri: payload.response_uri }), response_mode: payload.response_mode ?? ResponseMode.DIRECT_POST, diff --git a/packages/siop-oid4vp/lib/rp/RPBuilder.ts b/packages/siop-oid4vp/lib/rp/RPBuilder.ts index fbbdec63..2f65e50d 100644 --- a/packages/siop-oid4vp/lib/rp/RPBuilder.ts +++ b/packages/siop-oid4vp/lib/rp/RPBuilder.ts 
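Review bot: With `...(clientId && { client_id: clientId })` in `Payload.ts` the request object is now built without `client_id` whenever `clientId` is empty, although `RequestObjectPayload` in `SIOP.types.ts` still declares `client_id: string` as REQUIRED. A signed request object without a client identifier leaves the wallet nothing to bind the verifier's identity to, so I would fail fast when neither `clientId` nor `payload.entity_id` is set instead of silently omitting the claim. If omission is intended for the federation case, the interface should say so, `client_id?: string // omitted only when entity_id is sent`, so the type and the builder agree. The function body starts and ends outside the hunk.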
@@ -40,6 +40,7 @@ export class RPBuilder { clientMetadata?: ClientMetadataOpts = undefined clientId: string + entityId: string clientIdScheme: string hasher: Hasher @@ -83,6 +84,14 @@ export class RPBuilder { return this } + withEntityId(entityId: string, targets?: PropertyTargets): RPBuilder { + this._authorizationRequestPayload.entity_id = assignIfAuth({ propertyValue: entityId, targets }, false) + this._requestObjectPayload.entity_id = assignIfRequestObject({ propertyValue: entityId, targets }, true) + this.entityId = entityId + return this + } + + withIssuer(issuer: ResponseIss, targets?: PropertyTargets): RPBuilder { this._authorizationRequestPayload.iss = assignIfAuth({ propertyValue: issuer, targets }, false) this._requestObjectPayload.iss = assignIfRequestObject({ propertyValue: issuer, targets }, true) diff --git a/packages/siop-oid4vp/lib/types/Errors.ts b/packages/siop-oid4vp/lib/types/Errors.ts index 24c36f92..e88c5171 100644 --- a/packages/siop-oid4vp/lib/types/Errors.ts +++ b/packages/siop-oid4vp/lib/types/Errors.ts @@ -28,7 +28,7 @@ enum SIOPErrors { MISSING_ATTESTATION_JWT_WITH_CLIENT_ID_SCHEME_ATTESTATION = `Missing jwt header jwt with client_id_scheme 'verifier_attestation'.`, MISSING_ATTESTATION_JWT_TYP = `Attestation JWT missing typ 'verifier-attestation+jwt'.`, INVALID_CLIENT_ID_SCHEME = 'Invalid client_id_scheme.', - INVALID_REQUEST_OBJECT_ENTITY_ID_SCHEME_CLIENT_ID = `Request Object uses client_id_scheme 'entity_id', but the client_id is not a string.`, + INVALID_REQUEST_OBJECT_ENTITY_ID_SCHEME_CLIENT_ID = `Request Object uses client_id_scheme 'entity_id', but the entity_id is missing or not an https endpoint.`, EXPIRED = 'The token has expired', INVALID_AUDIENCE = 'Audience is invalid. Should be a string value.', NO_AUDIENCE = 'No audience found in JWT payload or not configured', diff --git a/packages/siop-oid4vp/lib/types/SIOP.types.ts b/packages/siop-oid4vp/lib/types/SIOP.types.ts index 8d862e38..1bccd68a 100644 
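Review bot: `withEntityId` in `RPBuilder.ts` stores any string, while `getRequestObjectJwtVerifier` in `VpJwtVerifier.ts` rejects an `entity_id` that does not start with `https`, so a misconfigured relying party is only discovered when a wallet refuses the request. Checking at configuration time is cheap, e.g. `if (!entityId.startsWith('https://')) throw new Error('entity_id must be an https URL')` as the first line of the method. The method also has no doc comment; I would add `/** Sets the OpenID Federation entity identifier (an https URL) that is sent as entity_id; targets selects the authorization request and/or the request object. */`.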
--- a/packages/siop-oid4vp/lib/types/SIOP.types.ts +++ b/packages/siop-oid4vp/lib/types/SIOP.types.ts @@ -36,6 +36,7 @@ export interface RequestObjectPayload extends RequestCommonPayload, JWTPayload { response_type: ResponseType | string // REQUIRED. Constant string value id_token. client_id: string // REQUIRED. RP's identifier at the Self-Issued OP. client_id_scheme?: ClientIdScheme // The client_id_scheme enables deployments of this specification to use different mechanisms to obtain and validate metadata of the Verifier beyond the scope of [RFC6749]. The term client_id_scheme is used since the Verifier is acting as an OAuth 2.0 Client. + entity_id?: string // OPTIONAL for OIDF client_metadata: ClientMetadataOpts redirect_uri?: string // REQUIRED before OID4VP v18, now optional because of response_uri. URI to which the Self-Issued OP Response will be sent response_uri?: string // New since OID4VP18 OPTIONAL. The Response URI to which the Wallet MUST send the Authorization Response using an HTTPS POST request as defined by the Response Mode direct_post. The Response URI receives all Authorization Response parameters as defined by the respective Response Type. When the response_uri parameter is present, the redirect_uri Authorization Request parameter MUST NOT be present. If the redirect_uri Authorization Request parameter is present when the Response Mode is direct_post, the Wallet MUST return an invalid_request Authorization Response error. diff --git a/packages/siop-oid4vp/lib/types/VpJwtVerifier.ts b/packages/siop-oid4vp/lib/types/VpJwtVerifier.ts index 0e06e486..e6e345dd 100644 --- a/packages/siop-oid4vp/lib/types/VpJwtVerifier.ts +++ b/packages/siop-oid4vp/lib/types/VpJwtVerifier.ts 
@@ -152,11 +152,11 @@ export const getRequestObjectJwtVerifier = async ( // If the Wallet cannot establish trust, it MUST refuse the request. return { method: 'jwk', type, jwk: attestationPayload.cnf['jwk'] as JWK, alg } } else if (clientIdScheme === 'entity_id') { - if (!clientId.startsWith('http')) { + const entityId = jwt.payload.entity_id + if (!entityId || !entityId.startsWith('https')) { throw new Error(SIOPErrors.INVALID_REQUEST_OBJECT_ENTITY_ID_SCHEME_CLIENT_ID) } - - return { method: 'openid-federation', type, entityId: clientId } + return { method: 'openid-federation', type, entityId } } throw new Error(SIOPErrors.INVALID_CLIENT_ID_SCHEME) diff --git a/packages/siop-oid4vp/package.json b/packages/siop-oid4vp/package.json index bc687cf5..15398327 100644 --- a/packages/siop-oid4vp/package.json +++ b/packages/siop-oid4vp/package.json @@ -19,7 +19,7 @@ "@sphereon/oid4vc-common": "workspace:*", "@sphereon/pex": "5.0.0-unstable.24", "@sphereon/pex-models": "^2.3.1", - "@sphereon/ssi-types": "0.30.2-next.129", + "@sphereon/ssi-types": "0.30.2-next.279", "cross-fetch": "^4.0.0", "debug": "^4.3.5", "events": "^3.3.0", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 47cd030e..68b1155e 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -75,8 +75,8 @@ importers: specifier: workspace:* version: link:../issuer '@sphereon/ssi-types': - specifier: 0.30.1 - version: 0.30.1(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.5.3)) + specifier: 0.30.2-next.279 + version: 0.30.2-next.279 jose: specifier: ^4.10.0 version: 4.15.9 @@ -118,8 +118,8 @@ importers: specifier: workspace:* version: link:../oid4vci-common '@sphereon/ssi-types': - specifier: 0.30.1 - version: 0.30.1(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.5.3)) + specifier: 0.30.2-next.279 + version: 0.30.2-next.279 cross-fetch: specifier: ^3.1.8 version: 3.1.8(encoding@0.1.13) 
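Review bot: The `entity_id` branch now takes the federation entity identifier from the `entity_id` claim of the not-yet-verified request object and no longer looks at `clientId`, so nothing visible in this hunk ties the identity whose trust chain is resolved to the `client_id` the wallet displays and binds its response to. OpenID4VP defines the `entity_id` scheme as the client identifier being the Entity Identifier, so I would require the two to match, or document why they may differ. The test `entityId.startsWith('https')` is also only a string-prefix check: it accepts values such as `httpsfoo` and raises a `TypeError` when the claim is a truthy non-string, whereas parsing the value and comparing the protocol is stricter. The function starts before the hunk.

```typescript
} else if (clientIdScheme === 'entity_id') {
  const entityId = jwt.payload.entity_id
  let isHttpsUrl = false
  try {
    isHttpsUrl = typeof entityId === 'string' && new URL(entityId).protocol === 'https:'
  } catch {
    // not a parseable URL: treated as invalid below
  }
  // NOTE(review): confirm that client_id must equal entity_id for this scheme
  if (!isHttpsUrl || entityId !== clientId) {
    throw new Error(SIOPErrors.INVALID_REQUEST_OBJECT_ENTITY_ID_SCHEME_CLIENT_ID)
  }
  return { method: 'openid-federation', type, entityId }
```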
@@ -203,8 +203,8 @@ importers: packages/common: dependencies: '@sphereon/ssi-types': - specifier: 0.30.1 - version: 0.30.1(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5)) + specifier: 0.30.2-next.279 + version: 0.30.2-next.279 jwt-decode: specifier: ^4.0.0 version: 4.0.0 @@ -271,8 +271,8 @@ importers: specifier: workspace:* version: link:../oid4vci-common '@sphereon/ssi-types': - specifier: 0.30.1 - version: 0.30.1(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5)) + specifier: 0.30.2-next.279 + version: 0.30.2-next.279 awesome-qr: specifier: ^2.1.5-rc.0 version: 2.1.5-rc.0(encoding@0.1.13) @@ -311,11 +311,11 @@ importers: specifier: workspace:* version: link:../issuer '@sphereon/ssi-express-support': - specifier: 0.30.1 - version: 0.30.1 + specifier: 0.30.2-next.279 + version: 0.30.2-next.279 '@sphereon/ssi-types': - specifier: 0.30.1 - version: 0.30.1(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5)) + specifier: 0.30.2-next.279 + version: 0.30.2-next.279 awesome-qr: specifier: ^2.1.5-rc.0 version: 2.1.5-rc.0(encoding@0.1.13) @@ -406,8 +406,8 @@ importers: specifier: workspace:* version: link:../common '@sphereon/ssi-types': - specifier: 0.30.1 - version: 0.30.1(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5)) + specifier: 0.30.2-next.279 + version: 0.30.2-next.279 cross-fetch: specifier: ^3.1.8 version: 3.1.8(encoding@0.1.13) @@ -455,8 +455,8 @@ importers: specifier: ^2.3.1 version: 2.3.1 '@sphereon/ssi-types': - specifier: 0.30.2-next.129 - version: 0.30.2-next.129 + specifier: 0.30.2-next.279 + version: 0.30.2-next.279 cross-fetch: specifier: ^4.0.0 version: 4.0.0(encoding@0.1.13) 
@@ -2433,10 +2433,6 @@ packages: '@scure/base@1.1.9': resolution: {integrity: sha512-8YKhl8GHiNI/pU2VMaofa2Tor7PJRAjwQLBBuilkJ9L5+13yVbC7JO/wS7piioAvPSwR3JKM1IJ/u4xQzbcXKg==} - '@sd-jwt/decode@0.6.1': - resolution: {integrity: sha512-QgTIoYd5zyKKLgXB4xEYJTrvumVwtsj5Dog0v0L9UH9ZvHekDaeexS247X7A4iSdzTvmZzUpGskgABOa4D8NmQ==} - engines: {node: '>=16'} - '@sd-jwt/decode@0.7.2': resolution: {integrity: sha512-dan2LSvK63SKwb62031G4r7TE4TaiI0EK1KbPXqS+LCXNkNDUHqhtYp9uOpj+grXceCsMtMa2f8VnUfsjmwHHg==} engines: {node: '>=18'} @@ -2445,18 +2441,10 @@ packages: resolution: {integrity: sha512-mQV85u2+mLLy2VZ9Wx2zpaB6yTDnbhCfWkP7eeCrzJQHBKAAHko8GrylEFmLKewFIcajS/r4lT/zHOsCkp5pZw==} engines: {node: '>=18'} - '@sd-jwt/types@0.6.1': - resolution: {integrity: sha512-LKpABZJGT77jNhOLvAHIkNNmGqXzyfwBT+6r+DN9zNzMx1CzuNR0qXk1GMUbast9iCfPkGbnEpUv/jHTBvlIvg==} - engines: {node: '>=16'} - '@sd-jwt/types@0.7.2': resolution: {integrity: sha512-1NRKowiW0ZiB9SGLApLPBH4Xk8gDQJ+nA9NdZ+uy6MmJKLEwjuJxO7yTvRIv/jX/0/Ebh339S7Kq4RD2AiFuRg==} engines: {node: '>=18'} - '@sd-jwt/utils@0.6.1': - resolution: {integrity: sha512-1NHZ//+GecGQJb+gSdDicnrHG0DvACUk9jTnXA5yLZhlRjgkjyfJLNsCZesYeCyVp/SiyvIC9B+JwoY4kI0TwQ==} - engines: {node: '>=16'} - '@sd-jwt/utils@0.7.2': resolution: {integrity: sha512-aMPY7uHRMgyI5PlDvEiIc+eBFGC1EM8OCQRiEjJ8HGN0pajWMYj0qwSw7pS90A49/DsYU1a5Zpvb7nyjgGH0Yg==} engines: {node: '>=18'} @@ -2534,7 +2522,6 @@ packages: '@sphereon/kmp-mdl-mdoc@0.2.0-SNAPSHOT.22': resolution: {integrity: sha512-uAZZExVy+ug9JLircejWa5eLtAZ7bnBP6xb7DO2+86LRsHNLh2k2jMWJYxp+iWtGHTsh6RYsZl14ScQLvjiQ/A==} - bundledDependencies: [] '@sphereon/pex-models@2.3.1': resolution: {integrity: sha512-SByU4cJ0XYA6VZQ/L6lsSiRcFtBPHbFioCeQ4GP7/W/jQ+PSBD7uK2oTnKQ9/0iEiMK/6JYqhKgLs4a9UX3UTQ==} 
@@ -2543,8 +2530,8 @@ packages: resolution: {integrity: sha512-CZc+kr8cJqPsFSpg4kHyamr5oB5xLVP2E5eJ0pbetOfOE2uSxqk0/A8zGazcPhU1zZILrO51hD4vW/hJRgtKJQ==} engines: {node: '>=18'} - '@sphereon/ssi-express-support@0.30.1': - resolution: {integrity: sha512-eZMq3V6lZ3qVCO+ymRjLOmDrfIqPsAf/KHwxtK4yoZyVjsDC4f/mbLIovyv1SdK/Uf7raF7QXdTjLi+f/XeS2Q==} + '@sphereon/ssi-express-support@0.30.2-next.279': + resolution: {integrity: sha512-FtIj3bTBfbaeiZ6UGAXTOjA8KixFlzZ3wmg5zTFNOfv3POtEaS6x8xyZJANNW+G+hU2ZWpGKdWp5AVINdrEsLg==} peerDependencies: '@noble/hashes': 1.2.0 passport-azure-ad: ^4.3.5 
@@ -2557,51 +2544,21 @@ packages: passport-http-bearer: optional: true - '@sphereon/ssi-sdk-ext.did-utils@0.24.1-unstable.130': - resolution: {integrity: sha512-I+0VjitRjisABWm8RtTPQG57tFwfUS13Wud30OvBoADRxnaA0guUrkS82AYtV6YD0TBHdrd0D6a0RCJwK9SvDg==} - - '@sphereon/ssi-sdk-ext.identifier-resolution@0.24.1-unstable.130': - resolution: {integrity: sha512-9mY+qgXmbZCC8aic99R7B3vKBHBakDiC6Sktgd7Q9AknR8cCmvdrmTgnOETrLng9L43uNOJnNTMG/4T6LqmtsA==} - - '@sphereon/ssi-sdk-ext.jwt-service@0.24.1-unstable.130': - resolution: {integrity: sha512-MHLGRmJODEYJyFoXKwlKMYzf48vS5JcUkGk0W4sqmrY1wwcw+ro3l8adIprG37mNuknXBs9Mv0x/tvibE9wwCQ==} - - '@sphereon/ssi-sdk-ext.key-manager@0.24.1-unstable.130': - resolution: {integrity: sha512-O/6NlKmlYRnEyP/mAI2Diu0qptMSqZfVwqog8KAOG/G8JUmktfSQmclBW8RoJ6AD9uY65BGzNk1oAVuuMv4Dog==} - '@sphereon/ssi-sdk-ext.key-utils@0.23.0': resolution: {integrity: sha512-BfULXvQmcUrBq2DqYxJHKnEoB2d5icu3TJ9GP2aP1WybSULTjL96Wv5r7QKgktcodKaL+F+oQ7r8sC9qBl1exw==} - '@sphereon/ssi-sdk-ext.key-utils@0.24.1-unstable.130': - resolution: {integrity: sha512-DCyXW18g1OAuZ+aFHzQGrbZSx793DX94LSFnrWlOTMnYeILmrizuFksUlWSb3lTqQGAqWBC48NoR3I1H6lSMEQ==} - - '@sphereon/ssi-sdk-ext.x509-utils@0.24.1-unstable.130': - resolution: {integrity: sha512-JDX8i0WrwONaOivZXB+OxJQGkln7vuSLS61tOYl7M1RyPGixdBYuEuACsdvWf6egYOpaWmhmXZzaAOj18eDddw==} - - '@sphereon/ssi-sdk.agent-config@0.29.1-unstable.161': - resolution: {integrity: sha512-ZP/TjapF/Gv/AwnNr9e1U3rjyRwdLtAj4un9j1csnKcgYe9ff2fhYbe06y9mU4tfQilH69mAW4Tz1t6N5U7XbA==} - - '@sphereon/ssi-sdk.core@0.29.1-unstable.161': - resolution: {integrity: sha512-3E/KsjTywT9BzP5bMi41JVTu9nTiu2ekwNSPobF9tAJnHJv+LkjCJ59xA8jtbq/Xe4iq3xRMU17yBvpZXN2W4A==} - - '@sphereon/ssi-types@0.29.1-unstable.161': - resolution: {integrity: sha512-ifMADjk6k0f97/isK/4Qw/PX6n4k+qS5k6mmmH47MTD3KMDddVghoXycsvNw7wObJdLUalHBX630ghr+u21oMg==} - - '@sphereon/ssi-types@0.30.1': - resolution: {integrity: 
sha512-vbYaxQXb71sOPwDj7TRDlUGfIHKVVs8PiHfImPBgSBshrD7VpEHOrB+EwwavMm5MAQvWK/yblGmzk7FHds7SHA==} - '@sphereon/ssi-types@0.30.2-next.129': resolution: {integrity: sha512-F1TDy9S5ajDJDp21cINXseGSux9kGA+x0KScAS+5+B/RdMGRp7bLOM+3YpQw1QGPqKxVc7JAd2gAn7AI0pAkZA==} + '@sphereon/ssi-types@0.30.2-next.279': + resolution: {integrity: sha512-8I+wlZIKICKqwTJ0lObJWao2KKYHA3hoRzB4mDapPAIPKUbojJCIh9ei37DnEf5AEDAtUS1gOlEDmC/cKJrtpA==} + '@sphereon/ssi-types@0.9.0': resolution: {integrity: sha512-umCr/syNcmvMMbQ+i/r/mwjI1Qw2aFPp9AwBTvTo1ailAVaaJjJGPkkVz1K9/2NZATNdDiQ3A8yGzdVJoKh9pA==} '@sphereon/wellknown-dids-client@0.1.3': resolution: {integrity: sha512-TAT24L3RoXD8ocrkTcsz7HuJmgjNjdoV6IXP1p3DdaI/GqkynytXE3J1+F7vUFMRYwY5nW2RaXSgDQhrFJemaA==} - '@sqltools/formatter@1.2.5': - resolution: {integrity: sha512-Uy0+khmZqUrUGm5dmMqVlnvufZRSK0FbYzVgp0UMstm+F5+W2/jnEEQyc9vo1ZR/E5ZI/B1WjjoTqBqwJL6Krw==} - '@stablelib/aead@1.0.1': resolution: {integrity: sha512-q39ik6sxGHewqtO0nP4BuSe3db5G1fEJE8ukvngS2gLkBXyy6E7pLubhbYgnkDFv6V8cWaxcE4Xn0t6LWcJkyg==} @@ -2786,9 +2743,6 @@ packages: resolution: {integrity: sha512-y4lPzk/SY/Cy1dUCa17ES3kqvShNQwevTO16dvbuevu6YcTYBAdSCYvW9JL+ppFqPYI5NSDPUwT6kkd4wNWmsA==} engines: {node: '>=16'} - '@trust/keyto@1.0.1': - resolution: {integrity: sha512-OXTmKkrnkwktCX86XA7eWs1TQ6u64enm0syzAfNhjigbuGLy5aLhbhRYWtjt4zzdG/irWudluheRZ9Ic9pCwsA==} - '@trust/keyto@2.0.0-alpha1': resolution: {integrity: sha512-VmlOa+nOaDzhEUfprnVp7RxFQyuEwA4fJ5+smnsud5WM01gU16yQnO/ejZnDVMGXuq/sUwTa5pCej4JhkKA5Sg==} 
@@ -3029,12 +2983,6 @@ packages: '@veramo/core@4.2.0': resolution: {integrity: sha512-HIqbXfCbwOAJelR5Ohsm22vr63cy6ND8Ua/+9wfMDAiymUUS7NryaJ/v6NRtnmIrNZqUMDdR9/TWdp4cCq5eBg==} - '@veramo/key-manager@4.2.0': - resolution: {integrity: sha512-v/swPrxxI155iFxWjcJDmeyfMLOnAu/VRxJJE+cv8Ld9mmPi5xljaoO9/ozt0j4Cz92n6lFKqfVOxs2ECV85UA==} - - '@veramo/utils@4.2.0': - resolution: {integrity: sha512-jHkli0Qz9rFsWzPAdfJP3P2MFxvVMZPDXZvtVBm8x1fjAGrw/Htz/c5drhDAeBXnqPd9011/7cyvp6AOvdbc8Q==} - '@xmldom/xmldom@0.7.13': resolution: {integrity: sha512-lm2GW5PkosIzccsaZIz7tp8cPADSIlIHWDFTR1N0SzfinhhYgeIQjFMz4rYzanCScr3DqQLeomUDArp6MWKm+g==} engines: {node: '>=10.0.0'} @@ -3181,10 +3129,6 @@ packages: resolution: {integrity: sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==} engines: {node: '>= 8'} - app-root-path@3.1.0: - resolution: {integrity: sha512-biN3PwB2gUtjaYy/isrU3aNWI5w+fAfvHkSvCKeQGxhmYpwKFUxudR3Yya+KqVRHBmEDYh+/lTozYCFbmzX4nA==} - engines: {node: '>= 6.0.0'} - appdirsjs@1.2.7: resolution: {integrity: sha512-Quji6+8kLBC3NnBeo14nPDq0+2jUs5s3/xEye+udFHumHhRk4M7aAMXp/PBJqkKYGuuyR9M/6Dq7d2AViiGmhw==} @@ -3276,9 +3220,6 @@ packages: asmcrypto.js@2.3.2: resolution: {integrity: sha512-3FgFARf7RupsZETQ1nHnhLUUvpcttcCq1iZCaVAbJZbCZ5VNRrNyvpDyHTOb0KC3llFcsyOT/a99NZcCbeiEsA==} - asn1.js-rfc5280@3.0.0: - resolution: {integrity: sha512-Y2LZPOWeZ6qehv698ZgOGGCZXBQShObWnGthTrIFlIQjuV1gg2B8QOhWFRExq/MR1VnPpIIe7P9vX2vElxv+Pg==} - asn1.js@5.4.1: resolution: {integrity: sha512-+I//4cYPccV8LdmBLiX8CYvf9Sp3vQsrqu2QNXRcrbiWvcx/UdlFiqUJJzxRQxgsZmvhXhn4cSKeSmoFjVdupA==} 
@@ -3444,9 +3385,6 @@ packages: bl@4.1.0: resolution: {integrity: sha512-1W07cM9gS6DcLperZfFSj+bWLtaPGSOHWhPiGzXmvVJbRLdG82sH/Kn8EtW1VqWVA54AKf2h5k5BbnIbwF3h6w==} - blakejs@1.2.1: - resolution: {integrity: sha512-QXUSXI3QVc/gJME0dBpXrag1kbzOqCjCX8/b54ntNyW6sjtoqxqRk3LTmXzaJoh71zMsDCjM+47jS7XiwN/+fQ==} - blueimp-md5@2.19.0: resolution: {integrity: sha512-DRQrD6gJyy8FbiE4s+bDoXS9hiW3Vbx5uCdwvcCf3zLHL+Iv7LtGHLpr+GZV8rHG8tK766FGYBwRbu8pELTt+w==} @@ -3550,10 +3488,6 @@ packages: resolution: {integrity: sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg==} engines: {node: '>= 0.8'} - bytestreamjs@2.0.1: - resolution: {integrity: sha512-U1Z/ob71V/bXfVABvNr/Kumf5VyeQRBEm6Txb0PQ6S7V5GpBM3w4Cbqz/xPDicR5tN0uvDifng8C+5qECeGwyQ==} - engines: {node: '>=6.0.0'} - cacache@15.3.0: resolution: {integrity: sha512-VVdYzXEn+cnbXpFgWs5hTT7OScegHVmLhJIR8Ufqk3iFD6A6j5iSX1KuBTfNEv4tdJWE2PzA6IVFtcLC7fN9wQ==} engines: {node: '>= 10'} @@ -4195,9 +4129,6 @@ packages: deprecation@2.3.1: resolution: {integrity: sha512-xmHIy4F3scKVwMsQ4WnVaS8bHOx0DmVwRywosKhaILI0ywMDWPtBSku2HNxRvF7jtwDRsoEwYQSfbxj8b7RlJQ==} - des.js@1.1.0: - resolution: {integrity: sha512-r17GxjhUCjSRy8aiJpr8/UadFIzMzJGexI3Nmz4ADi9LYSFx4gTBp80+NaX/YsXWWLhpZ7v/v/ubEc/bCNfKwg==} - destroy@1.2.0: resolution: {integrity: sha512-2sJGJTaXIIaR1w4iJSNoN0hnMY7Gpc/n8D4qSCJw8QqFWXf7cuAgnEHxBpweaVcPevC2l3KpjYCx3NypQQgaJg==} engines: {node: '>= 0.8', npm: 1.2.8000 || >= 1.4.16} @@ -4220,10 +4151,6 @@ packages: did-context@3.1.1: resolution: {integrity: sha512-iFpszgSxc7d1kNBJWC+PAzNTpe5LPalzsIunTMIpbG3O37Q7Zi7u4iIaedaM7UhziBhT+Agr9DyvAiXSUyfepQ==} - did-jwt-vc@3.1.3: - resolution: {integrity: sha512-qB1FiQ0sT/FUR5+mQ//P5lS0Gllrtes2OxC3WVMOt8ND0LolF92ohozv50ukyOvB2zBzgfm5durcIPqQcoI+LA==} - engines: {node: '>=14'} - did-jwt-vc@3.2.15: resolution: {integrity: sha512-M/WPiL34CQUiN4bvWnZ0OFHJ3usPtstfQfbNbHAWHvwjeCGi7nAdv62VXHgy2xIhJMc790hH7PsMN3i6SCGEyg==} engines: {node: '>=18'} 
@@ -4656,6 +4583,7 @@ packages: expression-eval@5.0.1: resolution: {integrity: sha512-7SL4miKp19lI834/F6y156xlNg+i9Q41tteuGNCq9C06S78f1bm3BXuvf0+QpQxv369Pv/P2R7Hb17hzxLpbDA==} + deprecated: The expression-eval npm package is no longer maintained. The package was originally published as part of a now-completed personal project, and I do not have incentives to continue maintenance. external-editor@3.1.0: resolution: {integrity: sha512-hMQ4CX1p1izmuLYyZqLMO/qGNw10wSv9QDCPfzXfyFrOaCSSoRfqE1Kf1s5an66J5JZC62NewG+mK49jOCtQew==} @@ -5214,11 +5142,6 @@ packages: engines: {node: '>=4.0'} hasBin: true - image-size@2.0.0-beta.2: - resolution: {integrity: sha512-1nDNnVxJixMWBynFgQ1q8+aVqK60TiNHpMyFAXt9xpzGZV+2lHI1IXjgdcAjBxPc4nx2ed1NdYs2I+Zfq+Zn7w==} - engines: {node: '>=18.18.0'} - hasBin: true - import-fresh@2.0.0: resolution: {integrity: sha512-eZ5H8rcgYazHbKC3PG4ClHNykCSxtAhxSSEM+2mb+7evD2CKF5V7c0dNum7AdpDh0ZdICwZY9sRSn8f+KH96sg==} engines: {node: '>=4'} 
@@ -5748,45 +5671,12 @@ packages: js-binary-schema-parser@2.0.3: resolution: {integrity: sha512-xezGJmOb4lk/M1ZZLTR/jaBHQ4gG/lqQnJqdIv4721DMggsa1bDVlHXNeHYogaIEHD9vCRv0fcL4hMA+Coarkg==} - js-crypto-aes@1.0.6: - resolution: {integrity: sha512-E2hu9z5+YtpDg9Un/bDfmH+I5dv/8aN+ozxv9L0ybZldcQ9T5iYDbBKdlKGBUKI3IvzoWSBSdnZnhwZaRIN46w==} - - js-crypto-ec@1.0.7: - resolution: {integrity: sha512-vou6cW3wGAQ75RzS++I/rthELPFp0nhHCmaAKQvdhwD480Q3FltLgyNkTMgcLTdN+Ghj8BRU1/+3oIEIOOK/MA==} - - js-crypto-env@1.0.5: - resolution: {integrity: sha512-8/UNN3sG8J+yMzqwSNVaobaWhIz4MqZFoOg5OB0DFXqS8eFjj2YvdmLJqIWXPl57Yw10SvYx0DQOtkfsWIV9Aw==} - - js-crypto-hash@1.0.7: - resolution: {integrity: sha512-GdbcVKjplbXJdR9oF2ks8+sBCLD7BUZ144Bc+Ie8OJuBHSIiHyMzdg2eD+ZYf87awTsKckNn1xIv+31+V2ewcA==} - - js-crypto-hmac@1.0.7: - resolution: {integrity: sha512-OVn2wjAuOV7ToQYvRKY2VoElCHoRW7BepycPPuH73xbLygDczkef41YsXMpKLnVAyS5kdwMJQy9qlMR9touHTg==} - - js-crypto-key-utils@1.0.7: - resolution: {integrity: sha512-8/y/hpKevnAgr5EXz2x4IXMfqjzYZAzzXXc9OnAyI5JNdUtAufJkGfwlmZ+o40lTHv3k1egCiP/6pG/dZiqiEA==} - - js-crypto-pbkdf@1.0.7: - resolution: {integrity: sha512-FGs1PZeqGWM8k8k5JlAhHbBhLYtls+iVmeJEC22DUJ98Q3qo9Ki4cu3i0oxhjA2VpZ8V4MmV1DJHDTFYY4iOwg==} - - js-crypto-random@1.0.5: - resolution: {integrity: sha512-WydEQ5rrWLzgSkX1QNsuGinkv7z57UkYnDGo5f5oGtBe9QeUWUehdmPNNG4a4Sf8xGkjZBOhKaZqT1ACnyYCBA==} - - js-crypto-rsa@1.0.7: - resolution: {integrity: sha512-HLBCWNGzuUZMNbZ3nndrVAqth1m1mvuCO4tW7PpBDn4nsdLSnPnPd+SA7NvjsufWry38DnZdpFrK2gqbsrksGw==} - - js-encoding-utils@0.7.3: - resolution: {integrity: sha512-cfjcyPOzkZ2esMAi6eAjuto7GiT6YpPan5xIeQyN/CFqFHTt1sdqP0PJPgzi3HqAqXKN9j9hduynkgwk+AAJOw==} - js-sha3@0.8.0: resolution: {integrity: sha512-gF1cRrHhIzNfToc802P800N8PpXS+evLLXfsVpowqmAFR9uwbi89WvXg2QspOmXL8QL86J4T1EpFu+yUkwJY3Q==} js-tokens@4.0.0: resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==} - js-x509-utils@1.0.7: - resolution: 
{integrity: sha512-IDB3CtWyvkNJVbDPZvzM9o3Y6CyzDiMls6R23ZPwfmHHil7nRrpLxtA098SENhqjv1t/6WTeeCKQ5dhIMOGiUw==} - js-yaml@3.14.1: resolution: {integrity: sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==} hasBin: true @@ -5900,10 +5790,6 @@ packages: resolution: {integrity: sha512-POQXvpdL69+CluYsillJ7SUhKvytYjW9vG/GKpnf+xP8UWgYEM/RaMzHHofbALDiKbbP1W8UEYmgGl39WkPZsg==} engines: {'0': node >= 0.2.0} - jsonpointer@5.0.1: - resolution: {integrity: sha512-p/nXbhSEcu3pZRdkW1OfJhpsVtW1gd4Wa1fnQc9YLiTfAjn0312eMKimbdIQzuZl9aa9xUGaRlP9T/CJE/ditQ==} - engines: {node: '>=0.10.0'} - just-diff-apply@5.5.0: resolution: {integrity: sha512-OYTthRfSh55WOItVqwpefPtNt2VdKsq5AnAK6apdtR6yCH8pr0CmSr710J0Mf+WdQy7K/OzMy7K2MgAfdQURDw==} @@ -6416,11 +6302,6 @@ packages: engines: {node: '>=10'} hasBin: true - mkdirp@2.1.6: - resolution: {integrity: sha512-+hEnITedc8LAtIP9u3HJDFIdcLV2vXP33sqLLIzkv1Db1zO/1OxbvYf0Y1OC/S/Qo5dxHXepofhmxL02PsKe+A==} - engines: {node: '>=10'} - hasBin: true - mkdirp@3.0.1: resolution: {integrity: sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==} engines: {node: '>=10'} @@ -6454,9 +6335,6 @@ packages: resolution: {integrity: sha512-eajQ/ZH7qXZQR2AgtfpmSMizQzmyYVmCql7pdhldPuYQi4atACekbJaQplk6dWyIi10jCaFnd6pqvcEFXjbaJw==} engines: {node: '>=16.0.0', npm: '>=7.0.0'} - multiformats@9.7.1: - resolution: {integrity: sha512-TaVmGEBt0fhxiNJMGphBfB+oGvUxFs8KgGvgl8d3C+GWtrFcvXdJ2196eg+dYhmSFClmgFfSfJEklo+SZzdNuw==} - multiformats@9.9.0: resolution: {integrity: sha512-HoMUjhH9T8DDBNT+6xzkrd9ga/XiBI4xLr58LJACwK6G3HTOPeMz4nB4KJs33L2BelrIJa7P0VuNaVF3hMYfjg==} 
@@ -7034,10 +6912,6 @@ packages: resolution: {integrity: sha512-nDywThFk1i4BQK4twPQ6TA4RT8bDY96yeuCVBWL3ePARCiEKDRSrNGbFIgUJpLp+XeIR65v8ra7WuJOFUBtkMA==} engines: {node: '>=8'} - pkijs@3.2.4: - resolution: {integrity: sha512-Et9V5QpvBilPFgagJcaKBqXjKrrgF5JL2mSDELk1vvbOTt4fuBhSSsGn9Tcz0TQTfS5GCpXQ31Whrpqeqp0VRg==} - engines: {node: '>=12.0.0'} - plist@3.1.0: resolution: {integrity: sha512-uysumyrvkUX0rX/dEVqt8gC3sTBzd4zoWfLeS29nb53imdaXVvLINYXTI2GNqzaMuvacNx4uJQ8+b3zXR0pkgQ==} engines: {node: '>=10.4.0'} @@ -7326,9 +7200,6 @@ packages: resolution: {integrity: sha512-EJ4UNY/U1t2P/2k6oqotuX2Cc3T6nxJwsM0N0asT7dhrtH1ltUxDn4NalSYmPE2rCkVpcf/X6R0wDwcFpzhd4w==} engines: {node: '>=6'} - reflect-metadata@0.2.2: - resolution: {integrity: sha512-urBwgfrvVP/eAyXx4hluJivBKzuEbSQs9rKWCrCkbSxNv8mxPcUZKeuoF3Uy4mJl3Lwprp6yy5/39VWigZ4K6Q==} - regenerate-unicode-properties@10.2.0: resolution: {integrity: sha512-DqHn3DwbmmPVzeKj9woBadqmXxLvQoQIwu7nopMc72ztvxVmVk2SBhSnx67zuye5TP+lJsb/TBQsjLKhnDf3MA==} engines: {node: '>=4'} @@ -7596,9 +7467,6 @@ packages: resolution: {integrity: sha512-QMEp5B7cftE7APOjk5Y6xgrbWu+WkLVQwk8JNjZ8nKRciZaByEW6MubieAiToS7+dwvrjGhH8jRXz3MVd0AYqQ==} hasBin: true - sha3@2.1.4: - resolution: {integrity: sha512-S8cNxbyb0UGUM2VhRD4Poe5N58gJnJsLJ5vC7FYWGUmGhcsj4++WaIOBFVDxlG0W3To6xBuiRh+i0Qp2oNCOtg==} - shallow-clone@3.0.1: resolution: {integrity: sha512-/6KqX+GVUdqPuPPd2LxDDxzX6CAbjJehAAOKlNpqqUpAqPM6HeL8f+o3a+JsyGjn2lv0WY8UsTgUJjU9Ok55NA==} engines: {node: '>=8'} 
@@ -8236,64 +8104,6 @@ packages: typedarray@0.0.6: resolution: {integrity: sha512-/aCDEGatGvZ2BIk+HmLf4ifCJFwvKFNb9/JeZPMulfgFracn9QFcAf5GO8B/mweUjSoblS5In0cWhqpfs/5PQA==} - typeorm@0.3.20: - resolution: {integrity: sha512-sJ0T08dV5eoZroaq9uPKBoNcGslHBR4E4y+EBHs//SiGbblGe7IeduP/IH4ddCcj0qp3PHwDwGnuvqEAnKlq/Q==} - engines: {node: '>=16.13.0'} - hasBin: true - peerDependencies: - '@google-cloud/spanner': ^5.18.0 - '@sap/hana-client': ^2.12.25 - better-sqlite3: ^7.1.2 || ^8.0.0 || ^9.0.0 - hdb-pool: ^0.1.6 - ioredis: ^5.0.4 - mongodb: ^5.8.0 - mssql: ^9.1.1 || ^10.0.1 - mysql2: ^2.2.5 || ^3.0.1 - oracledb: ^6.3.0 - pg: ^8.5.1 - pg-native: ^3.0.0 - pg-query-stream: ^4.0.0 - redis: ^3.1.1 || ^4.0.0 - sql.js: ^1.4.0 - sqlite3: ^5.0.3 - ts-node: ^10.7.0 - typeorm-aurora-data-api-driver: ^2.0.0 - peerDependenciesMeta: - '@google-cloud/spanner': - optional: true - '@sap/hana-client': - optional: true - better-sqlite3: - optional: true - hdb-pool: - optional: true - ioredis: - optional: true - mongodb: - optional: true - mssql: - optional: true - mysql2: - optional: true - oracledb: - optional: true - pg: - optional: true - pg-native: - optional: true - pg-query-stream: - optional: true - redis: - optional: true - sql.js: - optional: true - sqlite3: - optional: true - ts-node: - optional: true - typeorm-aurora-data-api-driver: - optional: true - typescript@5.3.3: resolution: {integrity: sha512-pXWcraxM0uxAS+tN0AG/BF2TyqmHO014Z070UsJ+pFvYuRSq8KH8DmWpnbXe0pEPDHXZV3FcAbJkijJ5oNEnWw==} engines: {node: '>=14.17'} 
@@ -8738,11 +8548,6 @@ packages: yallist@4.0.0: resolution: {integrity: sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==} - yaml@2.5.1: - resolution: {integrity: sha512-bLQOjaX/ADgQ20isPJRvF0iRUHIxVhYvr53Of7wGcWlO2jvtUlH5m87DsmulFVxRpNLOnI4tB6p/oh8D7kpn9Q==} - engines: {node: '>= 14'} - hasBin: true - yargs-parser@18.1.3: resolution: {integrity: sha512-o50j0JeToy/4K6OZcaQmW6lyXXKhq7csREXcDwk2omFPJEwUNOVtJKvmDr9EI1fAJZUyZcRF7kxGBWmRXudrCQ==} engines: {node: '>=6'} @@ -10135,7 +9940,7 @@ snapshots: '@digitalcredentials/bnid@2.1.2(react-native@0.71.19(@babel/core@7.25.2)(@babel/preset-env@7.25.4(@babel/core@7.25.2))(encoding@0.1.13)(react@18.3.1))': dependencies: '@digitalcredentials/base58-universal': 1.0.1 - react-native-securerandom: 1.0.1(react-native@0.71.19(@babel/core@7.25.2)(encoding@0.1.13)(react@18.3.1)) + react-native-securerandom: 1.0.1(react-native@0.71.19(@babel/core@7.25.2)(@babel/preset-env@7.25.4(@babel/core@7.25.2))(encoding@0.1.13)(react@18.3.1)) yargs: 15.4.1 transitivePeerDependencies: - react-native @@ -11857,11 +11662,6 @@ snapshots: '@scure/base@1.1.9': {} - '@sd-jwt/decode@0.6.1': - dependencies: - '@sd-jwt/types': 0.6.1 - '@sd-jwt/utils': 0.6.1 - '@sd-jwt/decode@0.7.2': dependencies: '@sd-jwt/types': 0.7.2 @@ -11873,15 +11673,8 @@ snapshots: '@sd-jwt/types': 0.7.2 '@sd-jwt/utils': 0.7.2 - '@sd-jwt/types@0.6.1': {} - '@sd-jwt/types@0.7.2': {} - '@sd-jwt/utils@0.6.1': - dependencies: - '@sd-jwt/types': 0.6.1 - js-base64: 3.7.7 - '@sd-jwt/utils@0.7.2': dependencies: '@sd-jwt/types': 0.7.2 
@@ -11971,7 +11764,7 @@ snapshots: webcrypto-shim: 0.1.7 optionalDependencies: expo: 48.0.21(@babel/core@7.25.2)(encoding@0.1.13) - react-native-securerandom: 1.0.1(react-native@0.71.19(@babel/core@7.25.2)(encoding@0.1.13)(react@18.3.1)) + react-native-securerandom: 1.0.1(react-native@0.71.19(@babel/core@7.25.2)(@babel/preset-env@7.25.4(@babel/core@7.25.2))(encoding@0.1.13)(react@18.3.1)) '@sphereon/kmp-mdl-mdoc@0.2.0-SNAPSHOT.22': dependencies: @@ -11997,7 +11790,7 @@ snapshots: transitivePeerDependencies: - supports-color - '@sphereon/ssi-express-support@0.30.1': + '@sphereon/ssi-express-support@0.30.2-next.279': dependencies: body-parser: 1.20.3 casbin: 5.31.0 
@@ -12015,226 +11808,6 @@ snapshots: transitivePeerDependencies: - supports-color - '@sphereon/ssi-sdk-ext.did-utils@0.24.1-unstable.130(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5))': - dependencies: - '@ethersproject/networks': 5.7.1 - '@ethersproject/transactions': 5.7.0 - '@sphereon/did-uni-client': 0.6.3(encoding@0.1.13) - '@sphereon/ssi-sdk-ext.key-utils': 0.24.1-unstable.130 - '@sphereon/ssi-sdk-ext.x509-utils': 0.24.1-unstable.130 - '@sphereon/ssi-sdk.agent-config': 0.29.1-unstable.161(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5)) - '@sphereon/ssi-sdk.core': 0.29.1-unstable.161(encoding@0.1.13) - '@sphereon/ssi-types': 0.29.1-unstable.161 - '@stablelib/ed25519': 1.0.3 - '@veramo/core': 4.2.0 - '@veramo/utils': 4.2.0(encoding@0.1.13) - did-jwt: 6.11.6 - did-resolver: 4.1.0 - elliptic: 6.5.7 - uint8arrays: 3.1.1 - transitivePeerDependencies: - - '@google-cloud/spanner' - - '@sap/hana-client' - - better-sqlite3 - - encoding - - hdb-pool - - ioredis - - mongodb - - mssql - - mysql2 - - oracledb - - pg - - pg-native - - pg-query-stream - - redis - - sql.js - - sqlite3 - - supports-color - - ts-node - - typeorm-aurora-data-api-driver - - '@sphereon/ssi-sdk-ext.did-utils@0.24.1-unstable.130(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.5.3))': - dependencies: - '@ethersproject/networks': 5.7.1 - '@ethersproject/transactions': 5.7.0 - '@sphereon/did-uni-client': 0.6.3(encoding@0.1.13) - '@sphereon/ssi-sdk-ext.key-utils': 0.24.1-unstable.130 - '@sphereon/ssi-sdk-ext.x509-utils': 0.24.1-unstable.130 - '@sphereon/ssi-sdk.agent-config': 0.29.1-unstable.161(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.5.3)) - '@sphereon/ssi-sdk.core': 0.29.1-unstable.161(encoding@0.1.13) - '@sphereon/ssi-types': 0.29.1-unstable.161 - '@stablelib/ed25519': 1.0.3 - '@veramo/core': 4.2.0 - '@veramo/utils': 4.2.0(encoding@0.1.13) - did-jwt: 6.11.6 - did-resolver: 4.1.0 - elliptic: 6.5.7 - uint8arrays: 3.1.1 - 
transitivePeerDependencies: - - '@google-cloud/spanner' - - '@sap/hana-client' - - better-sqlite3 - - encoding - - hdb-pool - - ioredis - - mongodb - - mssql - - mysql2 - - oracledb - - pg - - pg-native - - pg-query-stream - - redis - - sql.js - - sqlite3 - - supports-color - - ts-node - - typeorm-aurora-data-api-driver - - '@sphereon/ssi-sdk-ext.identifier-resolution@0.24.1-unstable.130(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5))': - dependencies: - '@sphereon/ssi-sdk-ext.did-utils': 0.24.1-unstable.130(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5)) - '@sphereon/ssi-sdk-ext.key-utils': 0.24.1-unstable.130 - '@sphereon/ssi-sdk-ext.x509-utils': 0.24.1-unstable.130 - '@sphereon/ssi-sdk.agent-config': 0.29.1-unstable.161(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5)) - '@sphereon/ssi-types': 0.29.1-unstable.161 - '@veramo/core': 4.2.0 - '@veramo/utils': 4.2.0(encoding@0.1.13) - debug: 4.3.7 - pkijs: 3.2.4 - uint8arrays: 3.1.1 - transitivePeerDependencies: - - '@google-cloud/spanner' - - '@sap/hana-client' - - better-sqlite3 - - encoding - - hdb-pool - - ioredis - - mongodb - - mssql - - mysql2 - - oracledb - - pg - - pg-native - - pg-query-stream - - redis - - sql.js - - sqlite3 - - supports-color - - ts-node - - typeorm-aurora-data-api-driver - - '@sphereon/ssi-sdk-ext.identifier-resolution@0.24.1-unstable.130(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.5.3))': - dependencies: - '@sphereon/ssi-sdk-ext.did-utils': 0.24.1-unstable.130(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.5.3)) - '@sphereon/ssi-sdk-ext.key-utils': 0.24.1-unstable.130 - '@sphereon/ssi-sdk-ext.x509-utils': 0.24.1-unstable.130 - '@sphereon/ssi-sdk.agent-config': 0.29.1-unstable.161(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.5.3)) - '@sphereon/ssi-types': 0.29.1-unstable.161 - '@veramo/core': 4.2.0 - '@veramo/utils': 4.2.0(encoding@0.1.13) - debug: 4.3.7 - pkijs: 3.2.4 - uint8arrays: 
3.1.1 - transitivePeerDependencies: - - '@google-cloud/spanner' - - '@sap/hana-client' - - better-sqlite3 - - encoding - - hdb-pool - - ioredis - - mongodb - - mssql - - mysql2 - - oracledb - - pg - - pg-native - - pg-query-stream - - redis - - sql.js - - sqlite3 - - supports-color - - ts-node - - typeorm-aurora-data-api-driver - - '@sphereon/ssi-sdk-ext.jwt-service@0.24.1-unstable.130(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5))': - dependencies: - '@sphereon/ssi-sdk-ext.did-utils': 0.24.1-unstable.130(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5)) - '@sphereon/ssi-sdk-ext.identifier-resolution': 0.24.1-unstable.130(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5)) - '@sphereon/ssi-sdk-ext.key-manager': 0.24.1-unstable.130 - '@sphereon/ssi-sdk-ext.key-utils': 0.24.1-unstable.130 - '@sphereon/ssi-sdk-ext.x509-utils': 0.24.1-unstable.130 - '@sphereon/ssi-sdk.agent-config': 0.29.1-unstable.161(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5)) - '@sphereon/ssi-types': 0.29.1-unstable.161 - '@veramo/core': 4.2.0 - '@veramo/utils': 4.2.0(encoding@0.1.13) - debug: 4.3.7 - jwt-decode: 4.0.0 - uint8arrays: 3.1.1 - transitivePeerDependencies: - - '@google-cloud/spanner' - - '@sap/hana-client' - - better-sqlite3 - - encoding - - hdb-pool - - ioredis - - mongodb - - mssql - - mysql2 - - oracledb - - pg - - pg-native - - pg-query-stream - - redis - - sql.js - - sqlite3 - - supports-color - - ts-node - - typeorm-aurora-data-api-driver - - '@sphereon/ssi-sdk-ext.jwt-service@0.24.1-unstable.130(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.5.3))': - dependencies: - '@sphereon/ssi-sdk-ext.did-utils': 0.24.1-unstable.130(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.5.3)) - '@sphereon/ssi-sdk-ext.identifier-resolution': 0.24.1-unstable.130(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.5.3)) - '@sphereon/ssi-sdk-ext.key-manager': 
0.24.1-unstable.130 - '@sphereon/ssi-sdk-ext.key-utils': 0.24.1-unstable.130 - '@sphereon/ssi-sdk-ext.x509-utils': 0.24.1-unstable.130 - '@sphereon/ssi-sdk.agent-config': 0.29.1-unstable.161(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.5.3)) - '@sphereon/ssi-types': 0.29.1-unstable.161 - '@veramo/core': 4.2.0 - '@veramo/utils': 4.2.0(encoding@0.1.13) - debug: 4.3.7 - jwt-decode: 4.0.0 - uint8arrays: 3.1.1 - transitivePeerDependencies: - - '@google-cloud/spanner' - - '@sap/hana-client' - - better-sqlite3 - - encoding - - hdb-pool - - ioredis - - mongodb - - mssql - - mysql2 - - oracledb - - pg - - pg-native - - pg-query-stream - - redis - - sql.js - - sqlite3 - - supports-color - - ts-node - - typeorm-aurora-data-api-driver - - '@sphereon/ssi-sdk-ext.key-manager@0.24.1-unstable.130': - dependencies: - '@veramo/core': 4.2.0 - '@veramo/key-manager': 4.2.0 - uint8arrays: 3.1.1 - transitivePeerDependencies: - - supports-color - '@sphereon/ssi-sdk-ext.key-utils@0.23.0(expo@48.0.21(@babel/core@7.25.2)(encoding@0.1.13))(msrcrypto@1.5.8)(react-native-securerandom@1.0.1(react-native@0.71.19(@babel/core@7.25.2)(encoding@0.1.13)(react@18.3.1)))': dependencies: '@ethersproject/random': 5.7.0 
@@ -12260,174 +11833,17 @@ snapshots: - react-native-securerandom - supports-color - '@sphereon/ssi-sdk-ext.key-utils@0.24.1-unstable.130': - dependencies: - '@ethersproject/random': 5.7.0 - '@sphereon/ssi-sdk-ext.x509-utils': 0.24.1-unstable.130 - '@sphereon/ssi-types': 0.29.1-unstable.161 - '@stablelib/ed25519': 1.0.3 - '@stablelib/sha256': 1.0.1 - '@stablelib/sha512': 1.0.1 - '@trust/keyto': 1.0.1 - '@veramo/core': 4.2.0 - base64url: 3.0.1 - debug: 4.3.7 - did-resolver: 4.1.0 - elliptic: 6.5.7 - lodash.isplainobject: 4.0.6 - multiformats: 9.9.0 - uint8arrays: 3.1.1 - varint: 6.0.0 - web-encoding: 1.1.5 - transitivePeerDependencies: - - supports-color - - '@sphereon/ssi-sdk-ext.x509-utils@0.24.1-unstable.130': - dependencies: - '@trust/keyto': 1.0.1 - debug: 4.3.7 - js-x509-utils: 1.0.7 - pkijs: 3.2.4 - uint8arrays: 3.1.1 - transitivePeerDependencies: - - supports-color - - '@sphereon/ssi-sdk.agent-config@0.29.1-unstable.161(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5))': - dependencies: - '@veramo/core': 4.2.0 - debug: 4.3.7 - jsonpointer: 5.0.1 - typeorm: 0.3.20(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5)) - url-parse: 1.5.10 - yaml: 2.5.1 - transitivePeerDependencies: - - '@google-cloud/spanner' - - '@sap/hana-client' - - better-sqlite3 - - hdb-pool - - ioredis - - mongodb - - mssql - - mysql2 - - oracledb - - pg - - pg-native - - pg-query-stream - - redis - - sql.js - - sqlite3 - - supports-color - - ts-node - - typeorm-aurora-data-api-driver - - '@sphereon/ssi-sdk.agent-config@0.29.1-unstable.161(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.5.3))': - dependencies: - '@veramo/core': 4.2.0 - debug: 4.3.7 - jsonpointer: 5.0.1 - typeorm: 0.3.20(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.5.3)) - url-parse: 1.5.10 - yaml: 2.5.1 - transitivePeerDependencies: - - '@google-cloud/spanner' - - '@sap/hana-client' - - better-sqlite3 - - hdb-pool - - ioredis - - mongodb - - mssql - - mysql2 - - oracledb - - pg - - pg-native - - 
pg-query-stream - - redis - - sql.js - - sqlite3 - - supports-color - - ts-node - - typeorm-aurora-data-api-driver - - '@sphereon/ssi-sdk.core@0.29.1-unstable.161(encoding@0.1.13)': - dependencies: - '@sphereon/ssi-types': 0.29.1-unstable.161 - '@veramo/core': 4.2.0 - cross-fetch: 3.1.8(encoding@0.1.13) - debug: 4.3.7 - image-size: 2.0.0-beta.2 - uint8arrays: 3.1.1 - transitivePeerDependencies: - - encoding - - supports-color - - '@sphereon/ssi-types@0.29.1-unstable.161': - dependencies: - '@sd-jwt/decode': 0.6.1 - debug: 4.3.7 - events: 3.3.0 - jwt-decode: 3.1.2 - transitivePeerDependencies: - - supports-color - - '@sphereon/ssi-types@0.30.1(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5))': - dependencies: - '@sd-jwt/decode': 0.7.2 - '@sphereon/kmp-mdl-mdoc': 0.2.0-SNAPSHOT.22 - '@sphereon/ssi-sdk-ext.jwt-service': 0.24.1-unstable.130(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5)) - debug: 4.3.7 - events: 3.3.0 - jwt-decode: 3.1.2 - transitivePeerDependencies: - - '@google-cloud/spanner' - - '@sap/hana-client' - - better-sqlite3 - - encoding - - hdb-pool - - ioredis - - mongodb - - mssql - - mysql2 - - oracledb - - pg - - pg-native - - pg-query-stream - - redis - - sql.js - - sqlite3 - - supports-color - - ts-node - - typeorm-aurora-data-api-driver - - '@sphereon/ssi-types@0.30.1(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.5.3))': + '@sphereon/ssi-types@0.30.2-next.129': dependencies: '@sd-jwt/decode': 0.7.2 '@sphereon/kmp-mdl-mdoc': 0.2.0-SNAPSHOT.22 - '@sphereon/ssi-sdk-ext.jwt-service': 0.24.1-unstable.130(encoding@0.1.13)(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.5.3)) debug: 4.3.7 events: 3.3.0 jwt-decode: 3.1.2 transitivePeerDependencies: - - '@google-cloud/spanner' - - '@sap/hana-client' - - better-sqlite3 - - encoding - - hdb-pool - - ioredis - - mongodb - - mssql - - mysql2 - - oracledb - - pg - - pg-native - - pg-query-stream - - redis - - sql.js - - sqlite3 - 
supports-color - - ts-node - - typeorm-aurora-data-api-driver - '@sphereon/ssi-types@0.30.2-next.129': + '@sphereon/ssi-types@0.30.2-next.279': dependencies: '@sd-jwt/decode': 0.7.2 '@sphereon/kmp-mdl-mdoc': 0.2.0-SNAPSHOT.22 @@ -12449,8 +11865,6 @@ snapshots: transitivePeerDependencies: - encoding - '@sqltools/formatter@1.2.5': {} - '@stablelib/aead@1.0.1': {} '@stablelib/aes-kw@1.0.1': @@ -12755,12 +12169,6 @@ snapshots: '@stablelib/x25519': 1.0.3 '@transmute/ld-key-pair': 0.7.0-unstable.82 - '@trust/keyto@1.0.1': - dependencies: - asn1.js: 5.4.1 - base64url: 3.0.1 - elliptic: 6.5.7 - '@trust/keyto@2.0.0-alpha1': dependencies: asn1.js: 5.4.1 @@ -13134,37 +12542,6 @@ snapshots: transitivePeerDependencies: - supports-color - '@veramo/key-manager@4.2.0': - dependencies: - '@ethersproject/bytes': 5.7.0 - '@ethersproject/strings': 5.7.0 - '@ethersproject/transactions': 5.7.0 - '@stablelib/ed25519': 1.0.3 - '@veramo/core': 4.2.0 - did-jwt: 6.11.6 - uint8arrays: 3.1.1 - uuid: 9.0.1 - transitivePeerDependencies: - - supports-color - - '@veramo/utils@4.2.0(encoding@0.1.13)': - dependencies: - '@ethersproject/transactions': 5.7.0 - '@stablelib/ed25519': 1.0.3 - '@veramo/core': 4.2.0 - blakejs: 1.2.1 - cross-fetch: 3.1.8(encoding@0.1.13) - debug: 4.3.7 - did-jwt: 6.11.6 - did-jwt-vc: 3.1.3 - did-resolver: 4.1.0 - elliptic: 6.5.7 - multiformats: 9.7.1 - uint8arrays: 3.1.1 - transitivePeerDependencies: - - encoding - - supports-color - '@xmldom/xmldom@0.7.13': {} '@xmldom/xmldom@0.8.10': {} @@ -13297,8 +12674,6 @@ snapshots: normalize-path: 3.0.0 picomatch: 2.3.1 - app-root-path@3.1.0: {} - appdirsjs@1.2.7: {} application-config-path@0.1.1: {} @@ -13394,10 +12769,6 @@ snapshots: asmcrypto.js@2.3.2: {} - asn1.js-rfc5280@3.0.0: - dependencies: - asn1.js: 5.4.1 - asn1.js@5.4.1: dependencies: bn.js: 4.12.0 @@ -13648,8 +13019,6 @@ snapshots: inherits: 2.0.4 readable-stream: 3.6.2 - blakejs@1.2.1: {} - blueimp-md5@2.19.0: {} bn.js@4.12.0: {} 
@@ -13766,8 +13135,6 @@ snapshots: bytes@3.1.2: {} - bytestreamjs@2.0.1: {} - cacache@15.3.0: dependencies: '@npmcli/fs': 1.1.1 @@ -14531,11 +13898,6 @@ snapshots: deprecation@2.3.1: {} - des.js@1.1.0: - dependencies: - inherits: 2.0.4 - minimalistic-assert: 1.0.1 - destroy@1.2.0: {} detect-indent@5.0.0: {} @@ -14551,11 +13913,6 @@ snapshots: did-context@3.1.1: {} - did-jwt-vc@3.1.3: - dependencies: - did-jwt: 6.11.6 - did-resolver: 4.1.0 - did-jwt-vc@3.2.15: dependencies: did-jwt: 7.4.7 @@ -15922,8 +15279,6 @@ snapshots: image-size@0.6.3: {} - image-size@2.0.0-beta.2: {} - import-fresh@2.0.0: dependencies: caller-path: 2.0.0 
@@ -16718,87 +16073,10 @@ snapshots: js-binary-schema-parser@2.0.3: {} - js-crypto-aes@1.0.6: - dependencies: - js-crypto-env: 1.0.5 - - js-crypto-ec@1.0.7: - dependencies: - asn1.js: 5.4.1 - buffer: 6.0.3 - elliptic: 6.5.7 - js-crypto-env: 1.0.5 - js-crypto-hash: 1.0.7 - js-crypto-key-utils: 1.0.7 - js-crypto-random: 1.0.5 - js-encoding-utils: 0.7.3 - - js-crypto-env@1.0.5: {} - - js-crypto-hash@1.0.7: - dependencies: - buffer: 6.0.3 - hash.js: 1.1.7 - js-crypto-env: 1.0.5 - md5: 2.3.0 - sha3: 2.1.4 - - js-crypto-hmac@1.0.7: - dependencies: - js-crypto-env: 1.0.5 - js-crypto-hash: 1.0.7 - - js-crypto-key-utils@1.0.7: - dependencies: - asn1.js: 5.4.1 - buffer: 6.0.3 - des.js: 1.1.0 - elliptic: 6.5.7 - js-crypto-aes: 1.0.6 - js-crypto-hash: 1.0.7 - js-crypto-pbkdf: 1.0.7 - js-crypto-random: 1.0.5 - js-encoding-utils: 0.7.3 - lodash.clonedeep: 4.5.0 - - js-crypto-pbkdf@1.0.7: - dependencies: - js-crypto-hash: 1.0.7 - js-crypto-hmac: 1.0.7 - js-encoding-utils: 0.7.3 - - js-crypto-random@1.0.5: - dependencies: - js-crypto-env: 1.0.5 - - js-crypto-rsa@1.0.7: - dependencies: - bn.js: 5.2.1 - buffer: 6.0.3 - js-crypto-env: 1.0.5 - js-crypto-hash: 1.0.7 - js-crypto-key-utils: 1.0.7 - js-crypto-random: 1.0.5 - js-encoding-utils: 0.7.3 - - js-encoding-utils@0.7.3: {} - js-sha3@0.8.0: {} js-tokens@4.0.0: {} - js-x509-utils@1.0.7: - dependencies: - asn1.js: 5.4.1 - asn1.js-rfc5280: 3.0.0 - bn.js: 5.2.1 - buffer: 6.0.3 - js-crypto-ec: 1.0.7 - js-crypto-key-utils: 1.0.7 - js-crypto-random: 1.0.5 - js-crypto-rsa: 1.0.7 - js-encoding-utils: 0.7.3 - js-yaml@3.14.1: dependencies: argparse: 1.0.10 @@ -16938,8 +16216,6 @@ snapshots: jsonparse@1.3.1: {} - jsonpointer@5.0.1: {} - just-diff-apply@5.5.0: {} just-diff@6.0.2: {} @@ -17796,8 +17072,6 @@ snapshots: mkdirp@1.0.4: {} - mkdirp@2.1.6: {} - mkdirp@3.0.1: {} modify-values@1.0.1: {} @@ -17826,8 +17100,6 @@ snapshots: multiformats@12.1.3: {} - multiformats@9.7.1: {} - multiformats@9.9.0: {} multimatch@5.0.0: 
@@ -18503,15 +17775,6 @@ snapshots: dependencies: find-up: 3.0.0 - pkijs@3.2.4: - dependencies: - '@noble/hashes': 1.5.0 - asn1js: 3.0.5 - bytestreamjs: 2.0.1 - pvtsutils: 1.3.5 - pvutils: 1.1.3 - tslib: 2.7.0 - plist@3.1.0: dependencies: '@xmldom/xmldom': 0.8.10 @@ -18697,7 +17960,7 @@ snapshots: react-native: 0.71.19(@babel/core@7.25.2)(@babel/preset-env@7.25.4(@babel/core@7.25.2))(encoding@0.1.13)(react@18.3.1) optional: true - react-native-securerandom@1.0.1(react-native@0.71.19(@babel/core@7.25.2)(encoding@0.1.13)(react@18.3.1)): + react-native-securerandom@1.0.1(react-native@0.71.19(@babel/core@7.25.2)(@babel/preset-env@7.25.4(@babel/core@7.25.2))(encoding@0.1.13)(react@18.3.1)): dependencies: base64-js: 1.5.1 react-native: 0.71.19(@babel/core@7.25.2)(@babel/preset-env@7.25.4(@babel/core@7.25.2))(encoding@0.1.13)(react@18.3.1) @@ -18850,8 +18113,6 @@ snapshots: reduce-flatten@2.0.0: optional: true - reflect-metadata@0.2.2: {} - regenerate-unicode-properties@10.2.0: dependencies: regenerate: 1.4.2 @@ -19137,10 +18398,6 @@ snapshots: inherits: 2.0.4 safe-buffer: 5.2.1 - sha3@2.1.4: - dependencies: - buffer: 6.0.3 - shallow-clone@3.0.1: dependencies: kind-of: 6.0.3 
@@ -19853,50 +19110,6 @@ snapshots: typedarray@0.0.6: {} - typeorm@0.3.20(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.4.5)): - dependencies: - '@sqltools/formatter': 1.2.5 - app-root-path: 3.1.0 - buffer: 6.0.3 - chalk: 4.1.2 - cli-highlight: 2.1.11 - dayjs: 1.11.13 - debug: 4.3.7 - dotenv: 16.4.5 - glob: 10.4.5 - mkdirp: 2.1.6 - reflect-metadata: 0.2.2 - sha.js: 2.4.11 - tslib: 2.7.0 - uuid: 9.0.1 - yargs: 17.7.2 - optionalDependencies: - ts-node: 10.9.2(@types/node@18.19.54)(typescript@5.4.5) - transitivePeerDependencies: - - supports-color - - typeorm@0.3.20(ts-node@10.9.2(@types/node@18.19.54)(typescript@5.5.3)): - dependencies: - '@sqltools/formatter': 1.2.5 - app-root-path: 3.1.0 - buffer: 6.0.3 - chalk: 4.1.2 - cli-highlight: 2.1.11 - dayjs: 1.11.13 - debug: 4.3.7 - dotenv: 16.4.5 - glob: 10.4.5 - mkdirp: 2.1.6 - reflect-metadata: 0.2.2 - sha.js: 2.4.11 - tslib: 2.7.0 - uuid: 9.0.1 - yargs: 17.7.2 - optionalDependencies: - ts-node: 10.9.2(@types/node@18.19.54)(typescript@5.5.3) - transitivePeerDependencies: - - supports-color - typescript@5.3.3: {} typescript@5.4.5: {} @@ -20265,8 +19478,6 @@ snapshots: yallist@4.0.0: {} - yaml@2.5.1: {} - yargs-parser@18.1.3: dependencies: camelcase: 5.3.1 From 347c8f7e7d2e317c8254ae7ac61ef6a8a1cc5ec9 Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Wed, 20 Nov 2024 17:47:33 +0100 Subject: [PATCH 17/18] chore: mdoc VP fix --- .../siop-oid4vp/lib/authorization-response/OpenID4VP.ts | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/packages/siop-oid4vp/lib/authorization-response/OpenID4VP.ts b/packages/siop-oid4vp/lib/authorization-response/OpenID4VP.ts index 0db13b81..94302bae 100644 --- a/packages/siop-oid4vp/lib/authorization-response/OpenID4VP.ts +++ b/packages/siop-oid4vp/lib/authorization-response/OpenID4VP.ts 
@@ -290,7 +290,14 @@ export const assertValidVerifiablePresentations = async (args: {
 if (!presentations || (Array.isArray(presentations) && presentations.length === 0)) {
 return Promise.reject(Error('missing presentation(s)'))
 }
- const presentationsArray = Array.isArray(presentations) ? presentations : [presentations]
+
+ // Handle mdocs, keep them out of pex
+ let presentationsArray = (Array.isArray(presentations) ? presentations : [presentations])
+ if (presentationsArray.every(p => p.format === 'mso_mdoc')) {
+ return
+ }
+ presentationsArray = presentationsArray.filter((p) => p.format !== 'mso_mdoc')
+
 if (
 (!args.presentationDefinitions || args.presentationDefinitions.filter((a) => a.definition).length === 0) &&
 (!presentationsArray || (Array.isArray(presentationsArray) && presentationsArray.filter((vp) => vp.presentation).length === 0))
From addbde5bd1281d1a688e4a26795b079c14d04863 Mon Sep 17 00:00:00 2001
From: sanderPostma
Date: Fri, 22 Nov 2024 10:47:27 +0100
Subject: [PATCH 18/18] chore: cleanup
---
 packages/oid4vci-common/lib/types/ServerMetadata.ts | 1 -
 1 file changed, 1 deletion(-)
diff --git a/packages/oid4vci-common/lib/types/ServerMetadata.ts b/packages/oid4vci-common/lib/types/ServerMetadata.ts
index 6f7d0ff2..b8f6208c 100644
--- a/packages/oid4vci-common/lib/types/ServerMetadata.ts
+++ b/packages/oid4vci-common/lib/types/ServerMetadata.ts
@@ -166,7 +166,6 @@ export enum WellKnownEndpoints {
 OPENID_CONFIGURATION = '/.well-known/openid-configuration',
 OAUTH_AS = '/.well-known/oauth-authorization-server',
 OPENID4VCI_ISSUER = '/.well-known/openid-credential-issuer',
- OPENID_FEDERATION = '/.well-known/openid-federation',
 }
 export type AuthorizationServerType = 'OIDC' | 'OAuth 2.0' | 'OID4VCI'; // OID4VCI means the Issuer hosts a token endpoint itself
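Review bot: In the `assertValidVerifiablePresentations` hunk (OpenID4VP.ts), the added `if (presentationsArray.every(p => p.format === 'mso_mdoc')) { return }` makes the assertion resolve successfully without checking anything when a response carries only mdoc presentations. In a mixed response the following `filter` drops the mdoc entries, so the lines shown never check them either. Whether mdoc presentations are verified on another path is not visible here, and the function body continues outside the hunk, so a caller could wrongly treat a resolved promise as "all presentations validated". At minimum, state the contract in place of the current comment, e.g. `// mso_mdoc presentations are NOT validated here (kept out of PEX); the caller must verify them before trusting the response`. A test should also pin that an mdoc-only response is still rejected by whichever path does verify mdocs.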