diff --git a/packages/ebsi-support/package.json b/packages/ebsi-support/package.json index 237a93582..0b1df6612 100644 --- a/packages/ebsi-support/package.json +++ b/packages/ebsi-support/package.json @@ -15,8 +15,8 @@ }, "dependencies": { "@ethersproject/random": "^5.7.0", - "@sphereon/did-auth-siop": "0.16.1-next.181", - "@sphereon/did-auth-siop-adapter": "0.16.1-next.181", + "@sphereon/did-auth-siop": "0.16.1-next.187", + "@sphereon/did-auth-siop-adapter": "0.16.1-next.187", "@sphereon/pex": "5.0.0-unstable.27", "@sphereon/pex-models": "^2.3.1", "@sphereon/ssi-sdk-ext.did-resolver-ebsi": "0.25.0", @@ -44,8 +44,8 @@ "xstate": "^4.38.3" }, "devDependencies": { - "@sphereon/oid4vci-client": "0.16.1-next.181", - "@sphereon/oid4vci-common": "0.16.1-next.181", + "@sphereon/oid4vci-client": "0.16.1-next.187", + "@sphereon/oid4vci-common": "0.16.1-next.187", "@sphereon/ssi-express-support": "workspace:*", "@sphereon/ssi-sdk-ext.key-manager": "0.25.0", "@sphereon/ssi-sdk-ext.kms-local": "0.25.0", diff --git a/packages/mdl-mdoc/package.json b/packages/mdl-mdoc/package.json index d574e4691..02cda8592 100644 --- a/packages/mdl-mdoc/package.json +++ b/packages/mdl-mdoc/package.json @@ -14,7 +14,7 @@ "build:clean": "tsc --build --clean && tsc --build" }, "dependencies": { - "@sphereon/did-auth-siop": "0.16.1-next.181", + "@sphereon/did-auth-siop": "0.16.1-next.187", "@sphereon/kmp-mdl-mdoc": "0.2.0-SNAPSHOT.22", "@sphereon/pex": "5.0.0-unstable.27", "@sphereon/pex-models": "^2.3.1", @@ -35,8 +35,8 @@ "uuid": "^9.0.1" }, "devDependencies": { - "@sphereon/oid4vci-client": "0.16.1-next.181", - "@sphereon/oid4vci-common": "0.16.1-next.181", + "@sphereon/oid4vci-client": "0.16.1-next.187", + "@sphereon/oid4vci-common": "0.16.1-next.187", "@sphereon/ssi-express-support": "workspace:*", "@sphereon/ssi-sdk-ext.key-manager": "0.25.0", "@sphereon/ssi-sdk-ext.kms-local": "0.25.0", diff --git a/packages/oid4vci-holder/package.json b/packages/oid4vci-holder/package.json index d39287c3f..efd4d48e8 100644 --- a/packages/oid4vci-holder/package.json +++ b/packages/oid4vci-holder/package.json @@ -15,8 +15,8 @@ }, "dependencies": { "@sphereon/kmp-mdl-mdoc": "0.2.0-SNAPSHOT.22", - "@sphereon/oid4vci-client": "0.16.1-next.181", - "@sphereon/oid4vci-common": "0.16.1-next.181", + "@sphereon/oid4vci-client": "0.16.1-next.187", + "@sphereon/oid4vci-common": "0.16.1-next.187", "@sphereon/ssi-sdk-ext.did-utils": "0.25.0", "@sphereon/ssi-sdk-ext.identifier-resolution": "0.25.0", "@sphereon/ssi-sdk-ext.jwt-service": "0.25.0", diff --git a/packages/oid4vci-issuer-rest-api/__tests__/agent.ts b/packages/oid4vci-issuer-rest-api/__tests__/agent.ts index fcee74991..061e15b1f 100644 --- a/packages/oid4vci-issuer-rest-api/__tests__/agent.ts +++ b/packages/oid4vci-issuer-rest-api/__tests__/agent.ts @@ -6,7 +6,7 @@ import { SphereonKeyManager } from '@sphereon/ssi-sdk-ext.key-manager' import { toJwk } from '@sphereon/ssi-sdk-ext.key-utils' import { SphereonKeyManagementSystem } from '@sphereon/ssi-sdk-ext.kms-local' import { OID4VCIIssuer } from '@sphereon/ssi-sdk.oid4vci-issuer' -import { OID4VCIStore } from '@sphereon/ssi-sdk.oid4vci-issuer-store' +import { IMetadataImportArgs, OID4VCIStore } from '@sphereon/ssi-sdk.oid4vci-issuer-store' import { CredentialHandlerLDLocal, LdDefaultContexts, @@ -110,6 +110,7 @@ const privateKeyStore: PrivateKeyStore = new PrivateKeyStore(dbConnection, new S let importMetadatas = [ { + metadataType: 'issuer', correlationId: `${baseUrl}/sphereon`, overwriteExisting: true, // @ts-ignore @@ -163,8 +164,9 @@ let importMetadatas = [ ], } as IssuerMetadata, }, - { + metadataType: 'issuer', + correlationId: `${baseUrl}/dbc2023`, overwriteExisting: true, // @ts-ignore @@ -290,6 +292,7 @@ let importMetadatas = [ } as IssuerMetadata, }, { + metadataType: 'issuer', correlationId: `${baseUrl}/fma2023`, overwriteExisting: true, // @ts-ignore @@ -431,6 +434,7 @@ let importMetadatas = [ } as IssuerMetadata, }, { + metadataType: 'issuer', correlationId: `${baseUrl}/triall2023`, overwriteExisting: true, // @ts-ignore @@ -571,7 +575,7 @@ let importMetadatas = [ ], } as IssuerMetadata, }, -] +] satisfies Array console.log(JSON.stringify(importMetadatas, null, 2)) diff --git a/packages/oid4vci-issuer-rest-api/package.json b/packages/oid4vci-issuer-rest-api/package.json index 3400c50c3..9d435a7e0 100644 --- a/packages/oid4vci-issuer-rest-api/package.json +++ b/packages/oid4vci-issuer-rest-api/package.json @@ -11,9 +11,9 @@ "start:dev": "ts-node __tests__/RestAPI.ts" }, "dependencies": { - "@sphereon/oid4vci-common": "0.16.1-next.181", - "@sphereon/oid4vci-issuer": "0.16.1-next.181", - "@sphereon/oid4vci-issuer-server": "0.16.1-next.181", + "@sphereon/oid4vci-common": "0.16.1-next.187", + "@sphereon/oid4vci-issuer": "0.16.1-next.187", + "@sphereon/oid4vci-issuer-server": "0.16.1-next.187", "@sphereon/ssi-express-support": "workspace:*", "@sphereon/ssi-sdk-ext.identifier-resolution": "0.25.0", "@sphereon/ssi-sdk.kv-store-temp": "workspace:*", diff --git a/packages/oid4vci-issuer-rest-client/package.json b/packages/oid4vci-issuer-rest-client/package.json index e715f2c44..b5af7b40b 100644 --- a/packages/oid4vci-issuer-rest-client/package.json +++ b/packages/oid4vci-issuer-rest-client/package.json @@ -16,7 +16,7 @@ "generate-plugin-schema": "ts-node ../../packages/dev/bin/sphereon.js dev generate-plugin-schema" }, "dependencies": { - "@sphereon/oid4vci-common": "0.16.1-next.181", + "@sphereon/oid4vci-common": "0.16.1-next.187", "@sphereon/ssi-types": "workspace:*", "@veramo/core": "4.2.0", "cross-fetch": "^3.1.8" diff --git a/packages/oid4vci-issuer-store/package.json b/packages/oid4vci-issuer-store/package.json index 4d562e4bf..e2a6b8709 100644 --- a/packages/oid4vci-issuer-store/package.json +++ b/packages/oid4vci-issuer-store/package.json @@ -14,7 +14,7 @@ "build:clean": "tsc --build --clean && tsc --build" }, "dependencies": { - "@sphereon/oid4vci-common": "0.16.1-next.181", + "@sphereon/oid4vci-common": "0.16.1-next.187", "@sphereon/ssi-sdk-ext.did-utils": "0.25.0", "@sphereon/ssi-sdk-ext.identifier-resolution": "0.25.0", "@sphereon/ssi-sdk.kv-store-temp": "workspace:*", diff --git a/packages/oid4vci-issuer-store/src/agent/OID4VCIStore.ts b/packages/oid4vci-issuer-store/src/agent/OID4VCIStore.ts index 37d1173dd..d5c42ce46 100644 --- a/packages/oid4vci-issuer-store/src/agent/OID4VCIStore.ts +++ b/packages/oid4vci-issuer-store/src/agent/OID4VCIStore.ts @@ -1,4 +1,4 @@ -import { IssuerMetadata } from '@sphereon/oid4vci-common' +import { AuthorizationServerMetadata, IssuerMetadata } from '@sphereon/oid4vci-common' import { IKeyValueStore, IValueData, KeyValueStore, ValueStoreType } from '@sphereon/ssi-sdk.kv-store-temp' import { IAgentPlugin } from '@veramo/core' import { @@ -9,7 +9,7 @@ import { IMetadataPersistArgs, Ioid4vciStoreClearArgs, Ioid4vciStoreExistsArgs, - Ioid4vciStoreGetArgs, + IOid4vciStoreGetArgs, IOID4VCIStoreOpts, Ioid4vciStoreRemoveArgs, } from '../index' @@ -25,7 +25,8 @@ export class OID4VCIStore implements IAgentPlugin { this._defaultOpts = value } - private readonly _metadataStores: Map> + private readonly _issuerMetadataStores: Map> + private readonly _authorizationServerMetadataStores: Map> private readonly _optionStores: Map> private readonly defaultStoreId: string private readonly defaultNamespace: string @@ -57,12 +58,12 @@ export class OID4VCIStore implements IAgentPlugin { if (opts.defaultOpts) { this._defaultOpts = opts.defaultOpts } - if (opts?.metadataStores && opts.metadataStores instanceof Map) { - this._metadataStores = opts.metadataStores - } else if (opts?.metadataStores) { - this._metadataStores = new Map().set(this.defaultStoreId, opts.metadataStores) + if (opts?.issuerMetadataStores && opts.issuerMetadataStores instanceof Map) { + this._issuerMetadataStores = opts.issuerMetadataStores + } else if (opts?.issuerMetadataStores) { + this._issuerMetadataStores = new Map().set(this.defaultStoreId, opts.issuerMetadataStores) } else { - this._metadataStores = new Map().set( + this._issuerMetadataStores = new Map().set( this.defaultStoreId, new KeyValueStore({ namespace: this.defaultNamespace, @@ -70,9 +71,23 @@ export class OID4VCIStore implements IAgentPlugin { }), ) } + if (opts?.authorizationServerMetadataStores && opts.authorizationServerMetadataStores instanceof Map) { + this._authorizationServerMetadataStores = opts.authorizationServerMetadataStores + } else if (opts?.authorizationServerMetadataStores) { + this._authorizationServerMetadataStores = new Map().set(this.defaultStoreId, opts.authorizationServerMetadataStores) + } else { + this._authorizationServerMetadataStores = new Map().set( + this.defaultStoreId, + new KeyValueStore({ + namespace: this.defaultNamespace, + store: new Map(), + }), + ) + } if (opts && Array.isArray(opts?.importMetadatas)) { opts.importMetadatas.forEach((meta) => this.oid4vciStorePersistMetadata({ + metadataType: meta.metadataType, metadata: meta.metadata, storeId: meta.storeId ?? this.defaultStoreId, correlationId: meta.correlationId, @@ -100,7 +115,7 @@ export class OID4VCIStore implements IAgentPlugin { } } - private async oid4vciStoreGetIssuerOpts({ correlationId, storeId, namespace }: Ioid4vciStoreGetArgs): Promise { + private async oid4vciStoreGetIssuerOpts({ correlationId, storeId, namespace }: IOid4vciStoreGetArgs): Promise { return ( (await this.store({ stores: this._optionStores, storeId }).get( this.prefix({ @@ -155,35 +170,73 @@ export class OID4VCIStore implements IAgentPlugin { .then(() => true) } - private async oid4vciStoreGetMetadata({ correlationId, storeId, namespace }: Ioid4vciStoreGetArgs): Promise { - return this.store({ stores: this._metadataStores, storeId }).get(this.prefix({ namespace, correlationId })) + private async oid4vciStoreGetMetadata({ + metadataType, + correlationId, + storeId, + namespace, + }: IOid4vciStoreGetArgs): Promise { + if (metadataType === 'authorizationServer') { + return this.store({ + stores: this._authorizationServerMetadataStores, + storeId, + }).get(this.prefix({ namespace, correlationId })) + } + + return this.store({ + stores: this._issuerMetadataStores, + storeId, + }).get(this.prefix({ namespace, correlationId })) } - private async oid4vciStoreHasMetadata({ correlationId, storeId, namespace }: Ioid4vciStoreExistsArgs): Promise { - return this.store({ stores: this._metadataStores, storeId }).has(this.prefix({ namespace, correlationId })) + private async oid4vciStoreHasMetadata({ metadataType, correlationId, storeId, namespace }: Ioid4vciStoreExistsArgs): Promise { + if (metadataType === 'authorizationServer') { + return this.store({ + stores: this._authorizationServerMetadataStores, + storeId, + }).has(this.prefix({ namespace, correlationId })) + } + + return this.store({ + stores: this._issuerMetadataStores, + storeId, + }).has(this.prefix({ namespace, correlationId })) } - private async oid4vciStorePersistMetadata(args: IMetadataPersistArgs): Promise> { + private async oid4vciStorePersistMetadata(args: IMetadataPersistArgs): Promise> { const namespace = this.namespaceStr(args) const storeId = this.storeIdStr(args) - const { correlationId, metadata, ttl } = args + const { correlationId, metadata, ttl, metadataType } = args + if (args?.validation !== false) { //todo } - const existing = await this.store({ - stores: this._metadataStores, + + if (metadataType === 'authorizationServer') { + const existing = await this.store({ + stores: this._authorizationServerMetadataStores, + storeId, + }).getAsValueData(this.prefix({ namespace, correlationId })) + + if (!existing.value || (existing.value && args.overwriteExisting !== false)) { + return await this.store({ + stores: this._authorizationServerMetadataStores, + storeId, + }).set(this.prefix({ namespace, correlationId }), metadata as AuthorizationServerMetadata, ttl) + } + return existing + } + + const existing = await this.store({ + stores: this._issuerMetadataStores, storeId, - }).getAsValueData(this.prefix({ namespace, correlationId: correlationId })) + }).getAsValueData(this.prefix({ namespace, correlationId })) + if (!existing.value || (existing.value && args.overwriteExisting !== false)) { - // fixme: cast to issuer metadata - return await this.store({ stores: this._metadataStores, storeId }).set( - this.prefix({ - namespace, - correlationId: correlationId, - }), - metadata as IssuerMetadata, - ttl, - ) + return await this.store({ + stores: this._issuerMetadataStores, + storeId, + }).set(this.prefix({ namespace, correlationId }), metadata as IssuerMetadata, ttl) } return existing } @@ -191,16 +244,34 @@ export class OID4VCIStore implements IAgentPlugin { private async oid4vciStoreRemoveMetadata(args: Ioid4vciStoreRemoveArgs): Promise { const namespace = this.namespaceStr(args) const storeId = this.storeIdStr(args) - return this.store({ stores: this._metadataStores, storeId }).delete( - this.prefix({ - namespace, - correlationId: args.correlationId, - }), - ) + + if (args.metadataType === 'authorizationServer') { + return this.store({ + stores: this._authorizationServerMetadataStores, + storeId, + }).delete(this.prefix({ namespace, correlationId: args.correlationId })) + } + + return this.store({ + stores: this._issuerMetadataStores, + storeId, + }).delete(this.prefix({ namespace, correlationId: args.correlationId })) } - private async oid4vciStoreClearAllMetadata({ storeId }: Ioid4vciStoreClearArgs): Promise { - return await this.store({ stores: this._metadataStores, storeId }) + private async oid4vciStoreClearAllMetadata({ metadataType, storeId }: Ioid4vciStoreClearArgs): Promise { + if (metadataType === 'authorizationServer') { + return await this.store({ + stores: this._authorizationServerMetadataStores, + storeId, + }) + .clear() + .then(() => true) + } + + return await this.store({ + stores: this._issuerMetadataStores, + storeId, + }) .clear() .then(() => true) } @@ -210,7 +281,7 @@ export class OID4VCIStore implements IAgentPlugin { } private oid4vciStoreDefaultMetadata(): Promise> { - return Promise.resolve(this.store({ stores: this._metadataStores, storeId: this.defaultStoreId })) + return Promise.resolve(this.store({ stores: this._issuerMetadataStores, storeId: this.defaultStoreId })) } private oid4vciStoreDefaultStoreId(): Promise { diff --git a/packages/oid4vci-issuer-store/src/types/IOID4VCIStore.ts b/packages/oid4vci-issuer-store/src/types/IOID4VCIStore.ts index b4f3d4db5..a45b89176 100644 --- a/packages/oid4vci-issuer-store/src/types/IOID4VCIStore.ts +++ b/packages/oid4vci-issuer-store/src/types/IOID4VCIStore.ts @@ -1,32 +1,43 @@ -import { IssuerMetadata, CredentialIssuerMetadataOpts } from '@sphereon/oid4vci-common' +import { IssuerMetadata, CredentialIssuerMetadataOpts, AuthorizationServerMetadata } from '@sphereon/oid4vci-common' import { IDIDOptions, ResolveOpts } from '@sphereon/ssi-sdk-ext.did-utils' import { ManagedIdentifierOptsOrResult } from '@sphereon/ssi-sdk-ext.identifier-resolution' import { IKeyValueStore, IValueData } from '@sphereon/ssi-sdk.kv-store-temp' import { IPluginMethodMap } from '@veramo/core' +export type MetadataTypeMap = { + issuer: IssuerMetadata + authorizationServer: AuthorizationServerMetadata +} + export interface IOID4VCIStore extends IPluginMethodMap { oid4vciStoreDefaultMetadata(): Promise> oid4vciStoreDefaultIssuerOptions(): Promise> oid4vciStoreDefaultStoreId(): Promise oid4vciStoreDefaultNamespace(): Promise - oid4vciStoreGetIssuerOpts({ correlationId, storeId, namespace }: Ioid4vciStoreGetArgs): Promise + oid4vciStoreGetIssuerOpts({ correlationId, storeId, namespace }: IOid4vciStoreGetArgs): Promise oid4vciStoreHasIssuerOpts({ correlationId, storeId, namespace }: Ioid4vciStoreExistsArgs): Promise oid4vciStorePersistIssuerOpts(args: IIssuerOptsPersistArgs): Promise> oid4vciStoreRemoveIssuerOpts({ storeId, correlationId, namespace }: Ioid4vciStoreRemoveArgs): Promise oid4vciStoreClearAllIssuerOpts({ storeId }: Ioid4vciStoreClearArgs): Promise - oid4vciStoreGetMetadata({ correlationId, storeId, namespace }: Ioid4vciStoreGetArgs): Promise - oid4vciStoreHasMetadata({ correlationId, storeId, namespace }: Ioid4vciStoreExistsArgs): Promise - oid4vciStorePersistMetadata(args: IMetadataPersistArgs): Promise> - oid4vciStoreRemoveMetadata({ storeId, correlationId, namespace }: Ioid4vciStoreRemoveArgs): Promise - oid4vciStoreClearAllMetadata({ storeId }: Ioid4vciStoreClearArgs): Promise + oid4vciStoreGetMetadata({ + metadataType, + correlationId, + storeId, + namespace, + }: IOid4vciStoreGetArgs): Promise + oid4vciStoreHasMetadata({ metadataType, correlationId, storeId, namespace }: Ioid4vciStoreExistsArgs): Promise + oid4vciStorePersistMetadata(args: IMetadataPersistArgs): Promise> + oid4vciStoreRemoveMetadata({ metadataType, storeId, correlationId, namespace }: Ioid4vciStoreRemoveArgs): Promise + oid4vciStoreClearAllMetadata({ metadataType, storeId }: Ioid4vciStoreClearArgs): Promise } export interface IOID4VCIStoreOpts { defaultStore?: string defaultNamespace?: string - metadataStores?: Map> | IKeyValueStore + issuerMetadataStores?: Map> | IKeyValueStore + authorizationServerMetadataStores?: Map> | IKeyValueStore issuerOptsStores?: Map> | IKeyValueStore importMetadatas?: IMetadataImportArgs[] importIssuerOpts?: IIssuerOptsImportArgs[] @@ -58,21 +69,25 @@ export interface IMetadataOptions { storeNamespace?: string } -export interface Ioid4vciStoreGetArgs { +export type Oid4vciMetadataType = 'issuer' | 'authorizationServer' + +export interface IOid4vciStoreGetArgs { + metadataType: Oid4vciMetadataType correlationId: string storeId?: string namespace?: string } -export type Ioid4vciStoreExistsArgs = Ioid4vciStoreGetArgs +export type Ioid4vciStoreExistsArgs = IOid4vciStoreGetArgs // export type Ioid4vciStoreClearArgs = Ioid4vciStoreGetArgs -export type Ioid4vciStoreRemoveArgs = Ioid4vciStoreGetArgs +export type Ioid4vciStoreRemoveArgs = IOid4vciStoreGetArgs export type IMetadataImportArgs = IMetadataPersistArgs export type IIssuerOptsImportArgs = IIssuerOptsPersistArgs export interface IMetadataPersistArgs extends Ioid4vciStorePersistArgs { - metadata: IssuerMetadata | CredentialIssuerMetadataOpts // The actual metadata + metadataType: Oid4vciMetadataType + metadata: IssuerMetadata | AuthorizationServerMetadata // The actual metadata } export interface IIssuerOptsPersistArgs extends Ioid4vciStorePersistArgs { @@ -88,6 +103,7 @@ export interface Ioid4vciStorePersistArgs { } export interface Ioid4vciStoreClearArgs { + metadataType: Oid4vciMetadataType storeId?: string // namespace?: string } diff --git a/packages/oid4vci-issuer/package.json b/packages/oid4vci-issuer/package.json index a7e950cc9..458d6dd0f 100644 --- a/packages/oid4vci-issuer/package.json +++ b/packages/oid4vci-issuer/package.json @@ -14,8 +14,8 @@ "build:clean": "tsc --build --clean && tsc --build" }, "dependencies": { - "@sphereon/oid4vci-common": "0.16.1-next.181", - "@sphereon/oid4vci-issuer": "0.16.1-next.181", + "@sphereon/oid4vci-common": "0.16.1-next.187", + "@sphereon/oid4vci-issuer": "0.16.1-next.187", "@sphereon/ssi-sdk-ext.did-utils": "0.25.0", "@sphereon/ssi-sdk-ext.identifier-resolution": "0.25.0", "@sphereon/ssi-sdk.agent-config": "workspace:*", diff --git a/packages/oid4vci-issuer/src/IssuerInstance.ts b/packages/oid4vci-issuer/src/IssuerInstance.ts index 7809d6a0a..7eec424da 100644 --- a/packages/oid4vci-issuer/src/IssuerInstance.ts +++ b/packages/oid4vci-issuer/src/IssuerInstance.ts @@ -1,7 +1,7 @@ import { VcIssuer } from '@sphereon/oid4vci-issuer' import { DIDDocument } from '@veramo/core' import { createVciIssuerBuilder } from './functions' -import { IssuerMetadata } from '@sphereon/oid4vci-common' +import { AuthorizationServerMetadata, IssuerMetadata } from '@sphereon/oid4vci-common' import { CredentialDataSupplier } from '@sphereon/oid4vci-issuer' import { IIssuerOptions, IMetadataOptions, IRequiredContext } from './types/IOID4VCIIssuer' @@ -10,20 +10,24 @@ export class IssuerInstance { private _issuer: VcIssuer | undefined private readonly _metadataOptions: IMetadataOptions private readonly _issuerOptions: IIssuerOptions - private readonly _metadata: IssuerMetadata + private readonly _issuerMetadata: IssuerMetadata + private readonly _authorizationServerMetadata: AuthorizationServerMetadata public constructor({ issuerOpts, metadataOpts, - metadata, + issuerMetadata, + authorizationServerMetadata, }: { issuerOpts: IIssuerOptions metadataOpts: IMetadataOptions - metadata: IssuerMetadata + issuerMetadata: IssuerMetadata + authorizationServerMetadata: AuthorizationServerMetadata }) { this._issuerOptions = issuerOpts this._metadataOptions = metadataOpts - this._metadata = metadata + this._issuerMetadata = issuerMetadata + this._authorizationServerMetadata = authorizationServerMetadata } public async get(opts: { context: IRequiredContext; credentialDataSupplier?: CredentialDataSupplier }): Promise> { @@ -31,7 +35,8 @@ export class IssuerInstance { const builder = await createVciIssuerBuilder( { issuerOpts: this.issuerOptions, - metadata: this.metadata, + issuerMetadata: this.issuerMetadata, + authorizationServerMetadata: this.authorizationServerMetadata, credentialDataSupplier: opts?.credentialDataSupplier, }, opts.context, @@ -49,7 +54,11 @@ export class IssuerInstance { return this._metadataOptions } - get metadata() { - return this._metadata + get issuerMetadata() { + return this._issuerMetadata + } + + get authorizationServerMetadata() { + return this._authorizationServerMetadata } } diff --git a/packages/oid4vci-issuer/src/agent/OID4VCIIssuer.ts b/packages/oid4vci-issuer/src/agent/OID4VCIIssuer.ts index 04b8f2d19..15857db02 100644 --- a/packages/oid4vci-issuer/src/agent/OID4VCIIssuer.ts +++ b/packages/oid4vci-issuer/src/agent/OID4VCIIssuer.ts @@ -1,6 +1,5 @@ -import { AccessTokenResponse, CredentialResponse } from '@sphereon/oid4vci-common' -import { assertValidAccessTokenRequest, createAccessTokenResponse } from '@sphereon/oid4vci-issuer' -import { VcIssuer } from '@sphereon/oid4vci-issuer' +import { AccessTokenResponse, AuthorizationServerMetadata, CredentialResponse, IssuerMetadata } from '@sphereon/oid4vci-common' +import { assertValidAccessTokenRequest, createAccessTokenResponse, VcIssuer } from '@sphereon/oid4vci-issuer' import { getAgentResolver } from '@sphereon/ssi-sdk-ext.did-utils' import { IMetadataOptions } from '@sphereon/ssi-sdk.oid4vci-issuer-store' import { DIDDocument, IAgentPlugin } from '@veramo/core' @@ -88,7 +87,8 @@ export class OID4VCIIssuer implements IAgentPlugin { //todo: prob doesn't make sense as credentialIssuer is mandatory anyway const metadataOpts = await this.getMetadataOpts({ ...args, credentialIssuer }, context) - const metadata = await this.getIssuerMetadata({ ...args, credentialIssuer }, context) + const issuerMetadata = await this.getIssuerMetadata({ ...args, credentialIssuer }, context) + const authorizationServerMetadata = await this.getAuthorizationServerMetadata({ ...args, credentialIssuer }, context) const issuerOpts = await this.getIssuerOpts({ ...args, credentialIssuer }, context) if (!issuerOpts.resolveOpts) { issuerOpts.resolveOpts = { ...issuerOpts.didOpts?.resolveOpts, ...this._opts.resolveOpts } @@ -96,7 +96,7 @@ export class OID4VCIIssuer implements IAgentPlugin { if (!issuerOpts.resolveOpts?.resolver) { issuerOpts.resolveOpts.resolver = getAgentResolver(context) } - this.instances.set(credentialIssuer, new IssuerInstance({ issuerOpts, metadataOpts, metadata })) + this.instances.set(credentialIssuer, new IssuerInstance({ issuerOpts, metadataOpts, issuerMetadata, authorizationServerMetadata })) return this.oid4vciGetInstance(args, context) } @@ -121,6 +121,7 @@ export class OID4VCIIssuer implements IAgentPlugin { const storeId = await this.storeId(opts, context) const namespace = await this.namespace(opts, context) const options = await context.agent.oid4vciStoreGetIssuerOpts({ + metadataType: 'authorizationServer', correlationId: credentialIssuer, storeId, namespace, @@ -152,13 +153,35 @@ export class OID4VCIIssuer implements IAgentPlugin { namespace?: string }, context: IRequiredContext, - ) { + ): Promise { const metadataOpts = await this.getMetadataOpts(opts, context) - let metadata = await context.agent.oid4vciStoreGetMetadata({ + const metadata = (await context.agent.oid4vciStoreGetMetadata({ + metadataType: 'issuer', correlationId: metadataOpts.credentialIssuer, namespace: metadataOpts.storeNamespace, storeId: metadataOpts.storeId, - }) + })) as IssuerMetadata + if (!metadata) { + throw Error(`Credential issuer ${opts.credentialIssuer} metadata not found for namespace ${opts.namespace} and store ${opts.storeId}`) + } + return metadata + } + + private async getAuthorizationServerMetadata( + opts: { + credentialIssuer: string + storeId?: string + namespace?: string + }, + context: IRequiredContext, + ): Promise { + const metadataOpts = await this.getMetadataOpts(opts, context) + const metadata = (await context.agent.oid4vciStoreGetMetadata({ + metadataType: 'authorizationServer', + correlationId: metadataOpts.credentialIssuer, + namespace: metadataOpts.storeNamespace, + storeId: metadataOpts.storeId, + })) as AuthorizationServerMetadata if (!metadata) { throw Error(`Credential issuer ${opts.credentialIssuer} metadata not found for namespace ${opts.namespace} and store ${opts.storeId}`) } diff --git a/packages/oid4vci-issuer/src/functions.ts b/packages/oid4vci-issuer/src/functions.ts index cd799e3c6..aca86ad84 100644 --- a/packages/oid4vci-issuer/src/functions.ts +++ b/packages/oid4vci-issuer/src/functions.ts @@ -1,4 +1,11 @@ -import { CredentialRequest, IssuerMetadata, Jwt, JwtVerifyResult, OID4VCICredentialFormat } from '@sphereon/oid4vci-common' +import { + AuthorizationServerMetadata, + CredentialRequest, + IssuerMetadata, + Jwt, + JwtVerifyResult, + OID4VCICredentialFormat, +} from '@sphereon/oid4vci-common' import { CredentialDataSupplier, CredentialIssuanceInput, CredentialSignerCallback, VcIssuer, VcIssuerBuilder } from '@sphereon/oid4vci-issuer' import { getAgentResolver, IDIDOptions } from '@sphereon/ssi-sdk-ext.did-utils' import { legacyKeyRefsToIdentifierOpts, ManagedIdentifierOptsOrResult } from '@sphereon/ssi-sdk-ext.identifier-resolution' @@ -119,8 +126,7 @@ export async function getAccessTokenSignerCallback( if (!issuer) { throw Error('No issuer configured for access tokens') } - const result = await createJWT(jwt.payload, { signer, issuer }, { ...jwt.header, typ: 'JWT' }) - return result + return await createJWT(jwt.payload, { signer, issuer }, { ...jwt.header, typ: 'JWT' }) } return accessTokenSignerCallback @@ -215,13 +221,14 @@ export async function getCredentialSignerCallback( export async function createVciIssuerBuilder( args: { issuerOpts: IIssuerOptions - metadata: IssuerMetadata + issuerMetadata: IssuerMetadata + authorizationServerMetadata: AuthorizationServerMetadata resolver?: Resolvable credentialDataSupplier?: CredentialDataSupplier }, context: IRequiredContext, ): Promise> { - const { issuerOpts, metadata } = args + const { issuerOpts, issuerMetadata, authorizationServerMetadata } = args const builder = new VcIssuerBuilder() // @ts-ignore @@ -238,9 +245,10 @@ export async function createVciIssuerBuilder( ...issuerOpts?.didOpts?.resolveOpts?.jwtVerifyOpts, ...args?.issuerOpts?.resolveOpts?.jwtVerifyOpts, resolver, - audience: metadata.credential_issuer as string, // FIXME legacy version had {display: NameAndLocale | NameAndLocale[]} as credential_issuer + audience: issuerMetadata.credential_issuer as string, // FIXME legacy version had {display: NameAndLocale | NameAndLocale[]} as credential_issuer } - builder.withIssuerMetadata(metadata) + builder.withIssuerMetadata(issuerMetadata) + builder.withAuthorizationMetadata(authorizationServerMetadata) // builder.withUserPinRequired(issuerOpts.userPinRequired ?? false) was removed from implementers draft v1 builder.withCredentialSignerCallback(await getCredentialSignerCallback(idOpts, context)) builder.withJWTVerifyCallback(getJwtVerifyCallback({ verifyOpts: jwtVerifyOpts }, context)) @@ -258,14 +266,16 @@ export async function createVciIssuerBuilder( export async function createVciIssuer( { issuerOpts, - metadata, + issuerMetadata, + authorizationServerMetadata, credentialDataSupplier, }: { issuerOpts: IIssuerOptions - metadata: IssuerMetadata + issuerMetadata: IssuerMetadata + authorizationServerMetadata: AuthorizationServerMetadata credentialDataSupplier?: CredentialDataSupplier }, context: IRequiredContext, ): Promise> { - return (await createVciIssuerBuilder({ issuerOpts, metadata, credentialDataSupplier }, context)).build() + return (await createVciIssuerBuilder({ issuerOpts, issuerMetadata, authorizationServerMetadata, credentialDataSupplier }, context)).build() } diff --git a/packages/public-key-hosting/src/api-functions.ts b/packages/public-key-hosting/src/api-functions.ts index 6f0379a19..4e0c9bca2 100644 --- a/packages/public-key-hosting/src/api-functions.ts +++ b/packages/public-key-hosting/src/api-functions.ts @@ -1,4 +1,6 @@ import { checkAuth, ISingleEndpointOpts, sendErrorResponse } from '@sphereon/ssi-express-support' +import { ISphereonKeyManager } from '@sphereon/ssi-sdk-ext.key-manager' +import { contextHasPlugin } from '@sphereon/ssi-sdk.agent-config' import { Request, Response, Router } from 'express' import { JKWS_HOSTING_ALL_KEYS_PATH, JWKS_HOSTING_DID_KEYS_PATH } from './environment' import { toJWKS } from './functions' @@ -15,8 +17,12 @@ export function getAllJWKSEndpoint(router: Router, context: IRequiredContext, op logger.info(`All JWKS endpoint enabled, path ${path}`) router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => { try { + if (!contextHasPlugin(context, 'keyManagerListKeys')) { + return sendErrorResponse(response, 500, 'Key manager plugin that can list keys is not found. Please enable the Sphereon Key Manager plugin if you want to use this endpoint') + } response.statusCode = 202 - return response.send({}) + const keys = await context.agent.keyManagerListKeys() + return response.send(toJWKS({ keys })) } catch (e) { return sendErrorResponse(response, 500, e.message as string, e) } diff --git a/packages/public-key-hosting/src/environment.ts b/packages/public-key-hosting/src/environment.ts index 2e7d08674..4576ece9d 100644 --- a/packages/public-key-hosting/src/environment.ts +++ b/packages/public-key-hosting/src/environment.ts @@ -1,2 +1,2 @@ export const JKWS_HOSTING_ALL_KEYS_PATH = process.env.JWKS_HOSTING_BASE_PATH ?? '/.well-known/jwks.json' -export const JWKS_HOSTING_DID_KEYS_PATH = process.env.JWKS_HOSTING_BASE_PATH ?? '/.well-known/jwks/dids/:did' +export const JWKS_HOSTING_DID_KEYS_PATH = process.env.JWKS_HOSTING_DID_PATH ?? '/.well-known/jwks/dids/:did' diff --git a/packages/siopv2-oid4vp-common/package.json b/packages/siopv2-oid4vp-common/package.json index 147c6206d..9d9a6e808 100644 --- a/packages/siopv2-oid4vp-common/package.json +++ b/packages/siopv2-oid4vp-common/package.json @@ -12,7 +12,7 @@ "access": "public" }, "dependencies": { - "@sphereon/did-auth-siop": "0.16.1-next.181", + "@sphereon/did-auth-siop": "0.16.1-next.187", "@sphereon/ssi-sdk.core": "workspace:*", "@sphereon/ssi-types": "workspace:*", "uint8arrays": "3.1.1" diff --git a/packages/siopv2-oid4vp-op-auth/__tests__/restAgent.test.ts b/packages/siopv2-oid4vp-op-auth/__tests__/restAgent.test.ts index 2f897e0a0..6adeb496a 100644 --- a/packages/siopv2-oid4vp-op-auth/__tests__/restAgent.test.ts +++ b/packages/siopv2-oid4vp-op-auth/__tests__/restAgent.test.ts @@ -96,6 +96,6 @@ const testContext = { isRestTest: true, } -xdescribe('REST integration tests', () => { +describe.skip('REST integration tests', () => { didAuthSiopOpAuthenticatorAgentLogic(testContext) }) diff --git a/packages/siopv2-oid4vp-op-auth/package.json b/packages/siopv2-oid4vp-op-auth/package.json index 9a17fc545..dc9932d96 100644 --- a/packages/siopv2-oid4vp-op-auth/package.json +++ b/packages/siopv2-oid4vp-op-auth/package.json @@ -14,9 +14,9 @@ "build:clean": "tsc --build --clean && tsc --build" }, "dependencies": { - "@sphereon/did-auth-siop": "0.16.1-next.181", - "@sphereon/did-auth-siop-adapter": "0.16.1-next.181", - "@sphereon/oid4vc-common": "0.16.1-next.181", + "@sphereon/did-auth-siop": "0.16.1-next.187", + "@sphereon/did-auth-siop-adapter": "0.16.1-next.187", + "@sphereon/oid4vc-common": "0.16.1-next.187", "@sphereon/pex": "5.0.0-unstable.27", "@sphereon/pex-models": "^2.3.1", "@sphereon/ssi-sdk-ext.did-utils": "0.25.0", diff --git a/packages/siopv2-oid4vp-op-auth/src/services/Siopv2MachineService.ts b/packages/siopv2-oid4vp-op-auth/src/services/Siopv2MachineService.ts index 97579d00c..46eadf91c 100644 --- a/packages/siopv2-oid4vp-op-auth/src/services/Siopv2MachineService.ts +++ b/packages/siopv2-oid4vp-op-auth/src/services/Siopv2MachineService.ts @@ -1,7 +1,7 @@ import { AuthorizationRequest, SupportedVersion } from '@sphereon/did-auth-siop' import { IPresentationDefinition, PEX } from '@sphereon/pex' import { InputDescriptorV1, InputDescriptorV2, PresentationDefinitionV1, PresentationDefinitionV2 } from '@sphereon/pex-models' -import { ManagedIdentifierOptsOrResult } from '@sphereon/ssi-sdk-ext.identifier-resolution' +import { isOID4VCIssuerIdentifier, ManagedIdentifierOptsOrResult } from '@sphereon/ssi-sdk-ext.identifier-resolution' import { verifiableCredentialForRoleFilter } from '@sphereon/ssi-sdk.credential-store' import { ConnectionType, CredentialRole } from '@sphereon/ssi-sdk.data-store' import { CredentialMapper, Loggers, PresentationSubmission } from '@sphereon/ssi-types' @@ -19,6 +19,7 @@ import { } from '../types' import { IAgentContext, IDIDManager } from '@veramo/core' import { getOrCreatePrimaryIdentifier, SupportedDidMethodEnum } from '@sphereon/ssi-sdk-ext.did-utils' +import { encodeJoseBlob } from '@sphereon/ssi-sdk.core' export const logger = Loggers.DEFAULT.get(LOGGER_NAMESPACE) @@ -83,25 +84,59 @@ export const siopSendAuthorizationResponse = async ( if (typeof firstUniqueDC !== 'object' || !('digitalCredential' in firstUniqueDC)) { return Promise.reject(Error('SiopMachine only supports UniqueDigitalCredentials for now')) } + let identifier: ManagedIdentifierOptsOrResult const digitalCredential = firstUniqueDC.digitalCredential - switch (digitalCredential.subjectCorrelationType) { - case 'DID': - identifier = await session.context.agent.identifierManagedGetByDid({ - identifier: digitalCredential.subjectCorrelationId, - kmsKeyRef: digitalCredential.kmsKeyRef, - }) - break - default: - identifier = await session.context.agent.identifierManagedGetByKid({ - identifier: digitalCredential.kmsKeyRef, - kmsKeyRef: digitalCredential.kmsKeyRef, - }) + const firstVC = firstUniqueDC.uniformVerifiableCredential + const holder = CredentialMapper.isSdJwtDecodedCredential(firstVC) + ? firstVC.decodedPayload.cnf?.jwk + ? //TODO SDK-19: convert the JWK to hex and search for the appropriate key and associated DID + //doesn't apply to did:jwk only, as you can represent any DID key as a JWK. So whenever you encounter a JWK it doesn't mean it had to come from a did:jwk in the system. It just can always be represented as a did:jwk + `did:jwk:${encodeJoseBlob(firstVC.decodedPayload.cnf?.jwk)}#0` + : firstVC.decodedPayload.sub + : Array.isArray(firstVC.credentialSubject) + ? firstVC.credentialSubject[0].id + : firstVC.credentialSubject.id + if (!digitalCredential.kmsKeyRef) { + // In case the store does not have the kmsKeyRef lets search for the holder + + if (!holder) { + return Promise.reject(`No holder found and no kmsKeyRef in DB. Cannot determine identifier to use`) + } + try { + identifier = await session.context.agent.identifierManagedGet({ identifier: holder }) + } catch (e) { + logger.debug(`Holder DID not found: ${holder}`) + throw e + } + } else if (isOID4VCIssuerIdentifier(digitalCredential.kmsKeyRef)) { + identifier = await session.context.agent.identifierManagedGetByOID4VCIssuer({ + identifier: firstUniqueDC.digitalCredential.kmsKeyRef, + }) + } else { + switch (digitalCredential.subjectCorrelationType) { + case 'DID': + identifier = await session.context.agent.identifierManagedGetByDid({ + identifier: digitalCredential.subjectCorrelationId ?? holder, + kmsKeyRef: digitalCredential.kmsKeyRef, + }) + break + // TODO other implementations? + default: + // Since we are using the kmsKeyRef we will find the KID regardless of the identifier. We set it for later access though + identifier = await session.context.agent.identifierManagedGetByKid({ + identifier: digitalCredential.subjectCorrelationId ?? holder ?? digitalCredential.kmsKeyRef, + kmsKeyRef: digitalCredential.kmsKeyRef, + }) + } } if (identifier === undefined && idOpts !== undefined && (await hasEbsiClient(request.authorizationRequest))) { identifier = await createEbsiIdentifier(agentContext) } + logger.debug(`Identifier`, identifier) + + // TODO Add mdoc support presentationsAndDefs = await oid4vp.createVerifiablePresentations(CredentialRole.HOLDER, credentialsAndDefinitions, { idOpts: identifier, diff --git a/packages/siopv2-oid4vp-rp-auth/package.json b/packages/siopv2-oid4vp-rp-auth/package.json index ac6a50970..6495e7892 100644 --- a/packages/siopv2-oid4vp-rp-auth/package.json +++ b/packages/siopv2-oid4vp-rp-auth/package.json @@ -14,9 +14,9 @@ "build:clean": "tsc --build --clean && tsc --build" }, "dependencies": { - "@sphereon/did-auth-siop": "0.16.1-next.181", - "@sphereon/did-auth-siop-adapter": "0.16.1-next.181", - "@sphereon/oid4vc-common": "0.16.1-next.181", + "@sphereon/did-auth-siop": "0.16.1-next.187", + "@sphereon/did-auth-siop-adapter": "0.16.1-next.187", + "@sphereon/oid4vc-common": "0.16.1-next.187", "@sphereon/pex": "5.0.0-unstable.27", "@sphereon/ssi-sdk-ext.did-utils": "0.25.0", "@sphereon/ssi-sdk-ext.identifier-resolution": "0.25.0", diff --git a/packages/siopv2-oid4vp-rp-rest-api/package.json b/packages/siopv2-oid4vp-rp-rest-api/package.json index 21f5954f4..cc20b7cc9 100644 --- a/packages/siopv2-oid4vp-rp-rest-api/package.json +++ b/packages/siopv2-oid4vp-rp-rest-api/package.json @@ -11,7 +11,7 @@ "start:dev": "ts-node __tests__/RestAPI.ts" }, "dependencies": { - "@sphereon/did-auth-siop": "0.16.1-next.181", + "@sphereon/did-auth-siop": "0.16.1-next.187", "@sphereon/ssi-express-support": "workspace:*", "@sphereon/ssi-sdk.core": "workspace:*", "@sphereon/ssi-sdk.credential-validation": "workspace:*", diff --git a/packages/w3c-vc-api/package.json b/packages/w3c-vc-api/package.json index a6902123a..e65033df4 100644 --- a/packages/w3c-vc-api/package.json +++ b/packages/w3c-vc-api/package.json @@ -11,7 +11,7 @@ "start:dev": "ts-node __tests__/agent.ts" }, "dependencies": { - "@sphereon/did-auth-siop": "0.16.1-next.181", + "@sphereon/did-auth-siop": "0.16.1-next.187", "@sphereon/ssi-express-support": "workspace:*", "@sphereon/ssi-sdk.agent-config": "workspace:*", "@sphereon/ssi-sdk.core": "workspace:*", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 4d6b1d0c2..28f535401 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -577,11 +577,11 @@ importers: specifier: ^5.7.0 version: 5.7.0 '@sphereon/did-auth-siop': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13)(typescript@5.6.3) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13)(typescript@5.6.3) '@sphereon/did-auth-siop-adapter': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13)(typescript@5.6.3) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13)(typescript@5.6.3) '@sphereon/pex': specifier: 5.0.0-unstable.27 version: 5.0.0-unstable.27 @@ -659,11 +659,11 @@ importers: version: 4.38.3 devDependencies: '@sphereon/oid4vci-client': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13) '@sphereon/oid4vci-common': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13) '@sphereon/ssi-express-support': specifier: workspace:* version: link:../ssi-express-support @@ -854,8 +854,8 @@ importers: packages/mdl-mdoc: dependencies: '@sphereon/did-auth-siop': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13)(typescript@5.6.3) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13)(typescript@5.6.3) '@sphereon/kmp-mdl-mdoc': specifier: 0.2.0-SNAPSHOT.22 version: 0.2.0-SNAPSHOT.22 @@ -912,11 +912,11 @@ importers: version: 9.0.1 devDependencies: '@sphereon/oid4vci-client': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13) '@sphereon/oid4vci-common': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13) '@sphereon/ssi-express-support': specifier: workspace:* version: link:../ssi-express-support @@ -1088,11 +1088,11 @@ importers: specifier: 0.2.0-SNAPSHOT.22 version: 0.2.0-SNAPSHOT.22 '@sphereon/oid4vci-client': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13) '@sphereon/oid4vci-common': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13) '@sphereon/ssi-sdk-ext.did-utils': specifier: 0.25.0 version: 0.25.0(encoding@0.1.13)(pg@8.12.0)(sqlite3@5.1.7)(ts-node@10.9.2(@types/node@20.17.1)(typescript@5.6.3)) @@ -1197,11 +1197,11 @@ importers: packages/oid4vci-issuer: dependencies: '@sphereon/oid4vci-common': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13) '@sphereon/oid4vci-issuer': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(awesome-qr@2.1.5-rc.0(encoding@0.1.13))(encoding@0.1.13) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(awesome-qr@2.1.5-rc.0(encoding@0.1.13))(encoding@0.1.13) '@sphereon/ssi-sdk-ext.did-utils': specifier: 0.25.0 version: 0.25.0(encoding@0.1.13)(pg@8.12.0)(sqlite3@5.1.7)(ts-node@10.9.2(@types/node@20.17.1)(typescript@5.6.3)) @@ -1273,14 +1273,14 @@ importers: packages/oid4vci-issuer-rest-api: dependencies: '@sphereon/oid4vci-common': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13) '@sphereon/oid4vci-issuer': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(awesome-qr@2.1.5-rc.0(encoding@0.1.13))(encoding@0.1.13) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(awesome-qr@2.1.5-rc.0(encoding@0.1.13))(encoding@0.1.13) '@sphereon/oid4vci-issuer-server': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(@noble/hashes@1.2.0)(awesome-qr@2.1.5-rc.0(encoding@0.1.13))(encoding@0.1.13)(passport-azure-ad@4.3.5)(passport-http-bearer@1.0.1) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(@noble/hashes@1.2.0)(awesome-qr@2.1.5-rc.0(encoding@0.1.13))(encoding@0.1.13)(passport-azure-ad@4.3.5)(passport-http-bearer@1.0.1) '@sphereon/ssi-express-support': specifier: workspace:* version: link:../ssi-express-support @@ -1439,8 +1439,8 @@ importers: packages/oid4vci-issuer-rest-client: dependencies: '@sphereon/oid4vci-common': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13) '@sphereon/ssi-types': specifier: workspace:* version: link:../ssi-types @@ -1476,8 +1476,8 @@ importers: packages/oid4vci-issuer-store: dependencies: '@sphereon/oid4vci-common': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13) '@sphereon/ssi-sdk-ext.did-utils': specifier: 0.25.0 version: 0.25.0(encoding@0.1.13)(pg@8.12.0)(sqlite3@5.1.7)(ts-node@10.9.2(@types/node@20.17.1)(typescript@5.6.3)) @@ -2134,8 +2134,8 @@ importers: packages/siopv2-oid4vp-common: dependencies: '@sphereon/did-auth-siop': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13)(typescript@5.6.3) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13)(typescript@5.6.3) '@sphereon/ssi-sdk.core': specifier: workspace:* version: link:../ssi-sdk-core @@ -2156,14 +2156,14 @@ importers: packages/siopv2-oid4vp-op-auth: dependencies: '@sphereon/did-auth-siop': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13)(typescript@5.6.3) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13)(typescript@5.6.3) '@sphereon/did-auth-siop-adapter': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13)(typescript@5.6.3) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13)(typescript@5.6.3) '@sphereon/oid4vc-common': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181 + specifier: 0.16.1-next.187 + version: 0.16.1-next.187 '@sphereon/pex': specifier: 5.0.0-unstable.27 version: 5.0.0-unstable.27 @@ -2289,14 +2289,14 @@ importers: packages/siopv2-oid4vp-rp-auth: dependencies: '@sphereon/did-auth-siop': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13)(typescript@5.6.3) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13)(typescript@5.6.3) '@sphereon/did-auth-siop-adapter': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13)(typescript@5.6.3) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13)(typescript@5.6.3) '@sphereon/oid4vc-common': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181 + specifier: 0.16.1-next.187 + version: 0.16.1-next.187 '@sphereon/pex': specifier: 5.0.0-unstable.27 version: 5.0.0-unstable.27 @@ -2377,8 +2377,8 @@ importers: packages/siopv2-oid4vp-rp-rest-api: dependencies: '@sphereon/did-auth-siop': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13)(typescript@5.6.3) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13)(typescript@5.6.3) '@sphereon/ssi-express-support': specifier: workspace:* version: link:../ssi-express-support @@ -3480,8 +3480,8 @@ importers: packages/w3c-vc-api: dependencies: '@sphereon/did-auth-siop': - specifier: 0.16.1-next.181 - version: 0.16.1-next.181(encoding@0.1.13)(typescript@5.6.3) + specifier: 0.16.1-next.187 + version: 0.16.1-next.187(encoding@0.1.13)(typescript@5.6.3) '@sphereon/ssi-express-support': specifier: workspace:* version: link:../ssi-express-support @@ -5961,12 +5961,12 @@ packages: '@sinonjs/fake-timers@8.1.0': resolution: {integrity: sha512-OAPJUAtgeINhh/TAlUID4QTs53Njm7xzddaVlEs/SXwgtiD1tW22zAB/W1wdqfrpmikgaWQ9Fw6Ws+hsiRm5Vg==} - '@sphereon/did-auth-siop-adapter@0.16.1-next.181': - resolution: {integrity: sha512-lMP3k4DcQGKjR9R6F9yirD74DNcuW4JFD7iHyAy7zpy3Zslo8K70VQJk91P7WZThJO/2bpNXJUL2kspugHt/Sg==} + '@sphereon/did-auth-siop-adapter@0.16.1-next.187': + resolution: {integrity: sha512-h1UuemCO+V9XwosFYzx9ERVMb9l3fHyYtK84e+WJds2wFPKCUli8WMYsbMp1rjh5ld7ovXqvlQr3M2nNxAO+0Q==} engines: {node: '>=18'} - '@sphereon/did-auth-siop@0.16.1-next.181': - resolution: {integrity: sha512-Phh9ZIQdXnSLDD1JUSqSm6EehswCZtvS64wGlSnmMoESu4SYsfM8D5hWjJg+Nogm5k93zgig3q6HcaazpvBrAA==} + '@sphereon/did-auth-siop@0.16.1-next.187': + resolution: {integrity: sha512-L3HA5+5tr+OLQOlJF+i5t9MJryzQyM+p1MuQjKj/fdGkTTcXKCZhHm4ymW06QxJFOJ/LZwkQfNSRsBbUKGgNLg==} engines: {node: '>=18'} '@sphereon/did-provider-oyd@0.25.0': @@ -5989,8 +5989,8 @@ packages: '@sphereon/react-native-argon2': ^2.0.9 react-native: '>=0.60.0' - '@sphereon/jarm@0.16.1-next.181': - resolution: {integrity: sha512-UIctIg5uUGGAZsfNAyiwKkq2OLCzlUQMadE/2QoJhvz0YyWppXOThuvXz3rPTLCgu7bqkkNIIBFCLjplasEvLQ==} + '@sphereon/jarm@0.16.1-next.187': + resolution: {integrity: sha512-rN06MBRYjtXcGBB/LL5PL7zZ0I0T+yNqE4G9rZkKqcFUHCifAuDVV5iKaPZOVaYgdJ1xCPCeoNyDhmyij7OMCw==} engines: {node: '>=18'} '@sphereon/kmp-mdl-mdoc@0.2.0-SNAPSHOT.22': @@ -6000,20 +6000,20 @@ packages: '@sphereon/lto-did-ts@0.1.8-unstable.0': resolution: {integrity: sha512-3jzwwuYX/VYuze+T9/yg4PcsJ5iNNwAfTp4WfS4aSfPFBErDAfKXqn6kOb0wFYGkhejr3Jz+rljPC2iKZiHiGA==} - '@sphereon/oid4vc-common@0.16.1-next.181': - resolution: {integrity: sha512-v/Tg1YGSTPwpE+1ccSqzKPdlyk5vRIoihXvLxqc9oBOVSEQ/yHKb1tKoO/HFjwwaQ069NEG2OzzJ4oQn/8GPFQ==} + '@sphereon/oid4vc-common@0.16.1-next.187': + resolution: {integrity: sha512-OYOT3Z3moNb6JyGHYX9tcaOcrCAUn9opNKQ9wuKoiSyckXS6RZXinuDlGETISnMCf3cQZCWAHOc6ctfHv1eHDw==} engines: {node: '>=18'} - '@sphereon/oid4vci-client@0.16.1-next.181': - resolution: {integrity: sha512-Gtrqr2EiZyLmS1HcmrF55R0Cc42gEN1+iU8k+TKJ7tpb5zUz8MVfzqB/BUF68EeWHSoEk2CqhmIbn/dZlGYmyg==} + '@sphereon/oid4vci-client@0.16.1-next.187': + resolution: {integrity: sha512-a3V4gXVkD4Evg9OYPjNOYb2uhBCljo5iS1m8cQJ1KhEurx34aF8X7fWxKzdebBFOLiwA6fiRvfN4i+yL8L8yoQ==} engines: {node: '>=18'} - '@sphereon/oid4vci-common@0.16.1-next.181': - resolution: {integrity: sha512-q/KKrIgPjCcBF8jBdpWs5+gWCbPfBb2CTFNZ4rOBtCMagOZj5hnnsVWfXtLrgz2IVD7edJtexiXLph7e9sQVHA==} + '@sphereon/oid4vci-common@0.16.1-next.187': + resolution: {integrity: sha512-7mWnxVHMm6Sm3ukQUb9N0SerHPu02W+8damFSN1hIQNgI/vSYCVfZcFL8YOPanxh0KAO9JYA5+QuVDMxp0WQyw==} engines: {node: '>=18'} - '@sphereon/oid4vci-issuer-server@0.16.1-next.181': - resolution: {integrity: sha512-QS4dBROi5MkdnqhrbiSa8SMaJIXUeDjgkfZpBfmGrQeFGGGJ0xKYlBkbAbXQkISTXSbPke+J63qjM/HqybDiRA==} + '@sphereon/oid4vci-issuer-server@0.16.1-next.187': + resolution: {integrity: sha512-PWyEVhyyTIfLh0c73IzuwUGHJRDiE6wd3fqAaSJZv2A2Pc6WJyOgo/stQtLPJd5TuqSLBRaDgcr5dW50WEA7QQ==} engines: {node: '>=18'} peerDependencies: awesome-qr: ^2.1.5-rc.0 @@ -6021,8 +6021,8 @@ packages: awesome-qr: optional: true - '@sphereon/oid4vci-issuer@0.16.1-next.181': - resolution: {integrity: sha512-Yv0WQJCGQLoNy6bPx4FcDxq2ElfhbGZ+ohaKLCM3CtKPSvwHDZP3U5V5wo7uKAQKqf2RJzGNMgbQsmvOGnXQBw==} + '@sphereon/oid4vci-issuer@0.16.1-next.187': + resolution: {integrity: sha512-B2EAiaOJVWzonA/rPTlwl24eRvQ86P2/+ew7TWRgiaqKOO779kOzYPUgQeuljr7Jrl5+U2z2gQYBHtGKt4NkBA==} engines: {node: '>=18'} peerDependencies: awesome-qr: ^2.1.5-rc.0 @@ -10069,6 +10069,9 @@ packages: jose@5.9.4: resolution: {integrity: sha512-WBBl6au1qg6OHj67yCffCgFR3BADJBXN8MdRvCgJDuMv3driV2nHr7jdGvaKX9IolosAsn+M0XRArqLXUhyJHQ==} + jose@5.9.6: + resolution: {integrity: sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==} + js-base64@3.7.7: resolution: {integrity: sha512-7rCnleh0z2CkXhH67J8K1Ytz0b2Y+yxTPL+/KOJoa20hfnVQ/3/T6W/KflYI4bRHRagNeXeU2bkNGI3v1oS/lw==} @@ -17286,11 +17289,11 @@ snapshots: dependencies: '@sinonjs/commons': 1.8.6 - '@sphereon/did-auth-siop-adapter@0.16.1-next.181(encoding@0.1.13)(typescript@5.6.3)': + '@sphereon/did-auth-siop-adapter@0.16.1-next.187(encoding@0.1.13)(typescript@5.6.3)': dependencies: - '@sphereon/did-auth-siop': 0.16.1-next.181(encoding@0.1.13)(typescript@5.6.3) + '@sphereon/did-auth-siop': 0.16.1-next.187(encoding@0.1.13)(typescript@5.6.3) '@sphereon/did-uni-client': 0.6.3(encoding@0.1.13) - '@sphereon/oid4vc-common': 0.16.1-next.181 + '@sphereon/oid4vc-common': 0.16.1-next.187 '@sphereon/wellknown-dids-client': 0.1.3(encoding@0.1.13) did-jwt: 6.11.6(patch_hash=afqywxnnjnsy6hwgax66dyyiey) did-resolver: 4.1.0 @@ -17299,11 +17302,11 @@ snapshots: - supports-color - typescript - '@sphereon/did-auth-siop@0.16.1-next.181(encoding@0.1.13)(typescript@5.6.3)': + '@sphereon/did-auth-siop@0.16.1-next.187(encoding@0.1.13)(typescript@5.6.3)': dependencies: '@astronautlabs/jsonpath': 1.1.2 - '@sphereon/jarm': 0.16.1-next.181(typescript@5.6.3) - '@sphereon/oid4vc-common': 0.16.1-next.181 + '@sphereon/jarm': 0.16.1-next.187(typescript@5.6.3) + '@sphereon/oid4vc-common': 0.16.1-next.187 '@sphereon/pex': 5.0.0-unstable.27 '@sphereon/pex-models': 2.3.1 '@sphereon/ssi-types': link:packages/ssi-types @@ -17364,9 +17367,9 @@ snapshots: react-native: 0.75.2(@babel/core@7.25.2)(@babel/preset-env@7.25.3(@babel/core@7.25.2))(@types/react@18.3.4)(encoding@0.1.13)(react@18.3.1)(typescript@5.6.3) uint8arrays: 3.1.1 - '@sphereon/jarm@0.16.1-next.181(typescript@5.6.3)': + '@sphereon/jarm@0.16.1-next.187(typescript@5.6.3)': dependencies: - '@sphereon/oid4vc-common': 0.16.1-next.181 + '@sphereon/oid4vc-common': 0.16.1-next.187 valibot: 0.42.1(typescript@5.6.3) transitivePeerDependencies: - typescript @@ -17390,7 +17393,7 @@ snapshots: - encoding - typescript - '@sphereon/oid4vc-common@0.16.1-next.181': + '@sphereon/oid4vc-common@0.16.1-next.187': dependencies: '@sphereon/ssi-types': link:packages/ssi-types jwt-decode: 4.0.0 @@ -17398,10 +17401,10 @@ snapshots: uint8arrays: 3.1.1 uuid: 9.0.1 - '@sphereon/oid4vci-client@0.16.1-next.181(encoding@0.1.13)': + '@sphereon/oid4vci-client@0.16.1-next.187(encoding@0.1.13)': dependencies: - '@sphereon/oid4vc-common': 0.16.1-next.181 - '@sphereon/oid4vci-common': 0.16.1-next.181(encoding@0.1.13) + '@sphereon/oid4vc-common': 0.16.1-next.187 + '@sphereon/oid4vci-common': 0.16.1-next.187(encoding@0.1.13) '@sphereon/ssi-types': link:packages/ssi-types cross-fetch: 3.1.8(encoding@0.1.13) debug: 4.3.6 @@ -17409,9 +17412,9 @@ snapshots: - encoding - supports-color - '@sphereon/oid4vci-common@0.16.1-next.181(encoding@0.1.13)': + '@sphereon/oid4vci-common@0.16.1-next.187(encoding@0.1.13)': dependencies: - '@sphereon/oid4vc-common': 0.16.1-next.181 + '@sphereon/oid4vc-common': 0.16.1-next.187 '@sphereon/ssi-types': link:packages/ssi-types cross-fetch: 3.1.8(encoding@0.1.13) debug: 4.3.6 @@ -17422,11 +17425,11 @@ snapshots: - encoding - supports-color - '@sphereon/oid4vci-issuer-server@0.16.1-next.181(@noble/hashes@1.2.0)(awesome-qr@2.1.5-rc.0(encoding@0.1.13))(encoding@0.1.13)(passport-azure-ad@4.3.5)(passport-http-bearer@1.0.1)': + '@sphereon/oid4vci-issuer-server@0.16.1-next.187(@noble/hashes@1.2.0)(awesome-qr@2.1.5-rc.0(encoding@0.1.13))(encoding@0.1.13)(passport-azure-ad@4.3.5)(passport-http-bearer@1.0.1)': dependencies: - '@sphereon/oid4vc-common': 0.16.1-next.181 - '@sphereon/oid4vci-common': 0.16.1-next.181(encoding@0.1.13) - '@sphereon/oid4vci-issuer': 0.16.1-next.181(awesome-qr@2.1.5-rc.0(encoding@0.1.13))(encoding@0.1.13) + '@sphereon/oid4vc-common': 0.16.1-next.187 + '@sphereon/oid4vci-common': 0.16.1-next.187(encoding@0.1.13) + '@sphereon/oid4vci-issuer': 0.16.1-next.187(awesome-qr@2.1.5-rc.0(encoding@0.1.13))(encoding@0.1.13) '@sphereon/ssi-express-support': 0.30.1(@noble/hashes@1.2.0)(passport-azure-ad@4.3.5)(passport-http-bearer@1.0.1) '@sphereon/ssi-types': link:packages/ssi-types body-parser: 1.20.2 @@ -17445,10 +17448,10 @@ snapshots: - passport-http-bearer - supports-color - '@sphereon/oid4vci-issuer@0.16.1-next.181(awesome-qr@2.1.5-rc.0(encoding@0.1.13))(encoding@0.1.13)': + '@sphereon/oid4vci-issuer@0.16.1-next.187(awesome-qr@2.1.5-rc.0(encoding@0.1.13))(encoding@0.1.13)': dependencies: - '@sphereon/oid4vc-common': 0.16.1-next.181 - '@sphereon/oid4vci-common': 0.16.1-next.181(encoding@0.1.13) + '@sphereon/oid4vc-common': 0.16.1-next.187 + '@sphereon/oid4vci-common': 0.16.1-next.187(encoding@0.1.13) '@sphereon/ssi-types': link:packages/ssi-types uuid: 9.0.1 optionalDependencies: @@ -17723,7 +17726,7 @@ snapshots: '@veramo/core': 4.2.0(patch_hash=c5oempznsz4br5w3tcuk2i2mau) '@veramo/utils': 4.2.0(encoding@0.1.13) debug: 4.3.6 - jose: 5.9.4 + jose: 5.9.6 jwt-decode: 4.0.0 uint8arrays: 3.1.1 transitivePeerDependencies: @@ -23040,7 +23043,7 @@ snapshots: jest-diff@29.7.0: dependencies: - chalk: 4.1.0 + chalk: 4.1.2 diff-sequences: 29.6.3 jest-get-type: 29.6.3 pretty-format: 29.7.0 @@ -23561,6 +23564,8 @@ snapshots: jose@5.9.4: {} + jose@5.9.6: {} + js-base64@3.7.7: {} js-binary-schema-parser@2.0.3: {} @@ -24810,7 +24815,7 @@ snapshots: array-differ: 3.0.0 array-union: 2.1.0 arrify: 2.0.1 - minimatch: 3.0.5 + minimatch: 3.1.2 mute-stream@0.0.8: {}