feature/SDK-41_oidf-support

packages/contact-manager-rest-api/package.json

@@ -12,8 +12,8 @@
   },
   "dependencies": {
     "@sphereon/ssi-express-support": "workspace:*",
-    "@sphereon/ssi-sdk-ext.key-manager": "0.25.0",
-    "@sphereon/ssi-sdk-ext.key-utils": "0.25.0",
+    "@sphereon/ssi-sdk-ext.key-manager": "0.25.1-feature.SDK.41.oidf.support.20",
+    "@sphereon/ssi-sdk-ext.key-utils": "0.25.1-feature.SDK.41.oidf.support.20",
     "@sphereon/ssi-sdk.contact-manager": "workspace:*",
     "@sphereon/ssi-sdk.core": "workspace:*",
     "@sphereon/ssi-sdk.data-store": "workspace:*",

packages/data-store/package.json

@@ -16,8 +16,8 @@
   "dependencies": {
     "@sphereon/kmp-mdl-mdoc": "0.2.0-SNAPSHOT.22",
     "@sphereon/pex": "5.0.0-unstable.27",
-    "@sphereon/ssi-sdk-ext.did-utils": "0.25.0",
-    "@sphereon/ssi-sdk-ext.identifier-resolution": "0.25.0",
+    "@sphereon/ssi-sdk-ext.did-utils": "0.25.1-feature.SDK.41.oidf.support.20",
+    "@sphereon/ssi-sdk-ext.identifier-resolution": "0.25.1-feature.SDK.41.oidf.support.20",
     "@sphereon/ssi-sdk.agent-config": "workspace:*",
     "@sphereon/ssi-sdk.core": "workspace:*",
     "@sphereon/ssi-types": "workspace:*",

packages/ebsi-support/package.json

@@ -15,15 +15,15 @@
   },
   "dependencies": {
     "@ethersproject/random": "^5.7.0",
-    "@sphereon/did-auth-siop": "0.16.1-next.187",
-    "@sphereon/did-auth-siop-adapter": "0.16.1-next.187",
+    "@sphereon/did-auth-siop": "0.16.1-next.224",
+    "@sphereon/did-auth-siop-adapter": "0.16.1-next.224",
     "@sphereon/pex": "5.0.0-unstable.27",
     "@sphereon/pex-models": "^2.3.1",
-    "@sphereon/ssi-sdk-ext.did-resolver-ebsi": "0.25.0",
-    "@sphereon/ssi-sdk-ext.did-utils": "0.25.0",
-    "@sphereon/ssi-sdk-ext.identifier-resolution": "0.25.0",
-    "@sphereon/ssi-sdk-ext.jwt-service": "0.25.0",
-    "@sphereon/ssi-sdk-ext.key-utils": "0.25.0",
+    "@sphereon/ssi-sdk-ext.did-resolver-ebsi": "0.25.1-feature.SDK.41.oidf.support.20",
+    "@sphereon/ssi-sdk-ext.did-utils": "0.25.1-feature.SDK.41.oidf.support.20",
+    "@sphereon/ssi-sdk-ext.identifier-resolution": "0.25.1-feature.SDK.41.oidf.support.20",
+    "@sphereon/ssi-sdk-ext.jwt-service": "0.25.1-feature.SDK.41.oidf.support.20",
+    "@sphereon/ssi-sdk-ext.key-utils": "0.25.1-feature.SDK.41.oidf.support.20",
     "@sphereon/ssi-sdk.contact-manager": "workspace:*",
     "@sphereon/ssi-sdk.core": "workspace:*",
     "@sphereon/ssi-sdk.oid4vci-holder": "workspace:*",
@@ -44,11 +44,11 @@
     "xstate": "^4.38.3"
   },
   "devDependencies": {
-    "@sphereon/oid4vci-client": "0.16.1-next.187",
-    "@sphereon/oid4vci-common": "0.16.1-next.187",
+    "@sphereon/oid4vci-client": "0.16.1-next.224",
+    "@sphereon/oid4vci-common": "0.16.1-next.224",
     "@sphereon/ssi-express-support": "workspace:*",
-    "@sphereon/ssi-sdk-ext.key-manager": "0.25.0",
-    "@sphereon/ssi-sdk-ext.kms-local": "0.25.0",
+    "@sphereon/ssi-sdk-ext.key-manager": "0.25.1-feature.SDK.41.oidf.support.20",
+    "@sphereon/ssi-sdk-ext.kms-local": "0.25.1-feature.SDK.41.oidf.support.20",
     "@sphereon/ssi-sdk.agent-config": "workspace:*",
     "@sphereon/ssi-sdk.data-store": "workspace:*",
     "@sphereon/ssi-sdk.public-key-hosting": "workspace:*",

packages/kv-store/package.json

@@ -6,7 +6,8 @@
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "scripts": {
-    "build": "tsc"
+    "build": "tsc",
+    "build:clean": "tsc --build --clean && tsc --build"
   },
   "dependencies": {
     "@veramo/utils": "4.2.0",

packages/kv-store/src/keyv/keyv.ts

@@ -126,8 +126,11 @@ export class Keyv<Value = any> extends EventEmitter implements KeyvStore<Value>
     const keyPrefixed = this._getKeyPrefixArray(keys)
     let promise: Promise<Array<KeyvStoredData<Value>>>
     if (this.store.getMany !== undefined) {
-      promise = this.store.getMany(keyPrefixed, options) as Promise<KeyvStoredData<Value>[]> //.then(value => !!value ? value.values() : undefined)
       // todo: Probably wise to check expired ValueData here, if the getMany does not implement this feature itself!
+      promise = this.store.getMany(keyPrefixed, options) as Promise<KeyvStoredData<Value>[]>
+    } else if (this.isMapWithEntries(this.store)) {
+      // Handle Map-based stores with prefix matching
+      promise = this.getFromMapWithPrefix(keyPrefixed)
     } else {
       promise = Promise.all(keyPrefixed.map((k) => this.store.get(k, options) as Promise<KeyvStoredData<Value>>))
     }
@@ -136,13 +139,12 @@ export class Keyv<Value = any> extends EventEmitter implements KeyvStore<Value>
 
     return Promise.resolve(allValues)
       .then((all) => {
-        keys.forEach((key, index) => {
-          const data = all[index]
-
+        const entries = Array.isArray(all) ? all : [all]
+        entries.forEach((data, index) => {
           let result = typeof data === 'string' ? this.deserialize(data) : !!data && this.opts.compression ? this.deserialize(data) : data
 
           if (result && typeof result === 'object' && 'expires' in result && typeof result.expires === 'number' && Date.now() > result.expires) {
-            this.delete(key)
+            this.delete(keys[index])
             result = undefined
           }
 
@@ -156,6 +158,26 @@ export class Keyv<Value = any> extends EventEmitter implements KeyvStore<Value>
       .then(() => Promise.all(results))
   }
 
+  private isMapWithEntries(store: any): store is Map<string, Value> {
+    return store instanceof Map && typeof store.entries === 'function'
+  }
+
+  private async getFromMapWithPrefix(prefixes: string[]): Promise<Array<KeyvStoredData<Value> | undefined>> {
+    if (!this.isMapWithEntries(this.store)) {
+      return []
+    }
+
+    const map = this.store as Map<string, Value>
+
+    return prefixes.flatMap((prefix) => {
+      const matchedValues = Array.from(map.entries())
+        .filter(([key]) => key.startsWith(prefix))
+        .map(([, value]) => value as KeyvStoredData<Value>)
+
+      return matchedValues.length > 0 ? matchedValues : [undefined]
+    })
+  }
+
   async get(
     key: string | string[],
     options?: { raw?: boolean },

packages/mdl-mdoc/package.json

@@ -14,13 +14,13 @@
     "build:clean": "tsc --build --clean && tsc --build"
   },
   "dependencies": {
-    "@sphereon/did-auth-siop": "0.16.1-next.187",
+    "@sphereon/did-auth-siop": "0.16.1-next.224",
     "@sphereon/kmp-mdl-mdoc": "0.2.0-SNAPSHOT.22",
     "@sphereon/pex": "5.0.0-unstable.27",
     "@sphereon/pex-models": "^2.3.1",
-    "@sphereon/ssi-sdk-ext.did-utils": "0.25.0",
-    "@sphereon/ssi-sdk-ext.key-utils": "0.25.0",
-    "@sphereon/ssi-sdk-ext.x509-utils": "0.25.0",
+    "@sphereon/ssi-sdk-ext.did-utils": "0.25.1-feature.SDK.41.oidf.support.20",
+    "@sphereon/ssi-sdk-ext.key-utils": "0.25.1-feature.SDK.41.oidf.support.20",
+    "@sphereon/ssi-sdk-ext.x509-utils": "0.25.1-feature.SDK.41.oidf.support.20",
     "@sphereon/ssi-sdk.core": "workspace:*",
     "@sphereon/ssi-types": "workspace:*",
     "@veramo/core": "4.2.0",
@@ -35,11 +35,11 @@
     "uuid": "^9.0.1"
   },
   "devDependencies": {
-    "@sphereon/oid4vci-client": "0.16.1-next.187",
-    "@sphereon/oid4vci-common": "0.16.1-next.187",
+    "@sphereon/oid4vci-client": "0.16.1-next.224",
+    "@sphereon/oid4vci-common": "0.16.1-next.224",
     "@sphereon/ssi-express-support": "workspace:*",
-    "@sphereon/ssi-sdk-ext.key-manager": "0.25.0",
-    "@sphereon/ssi-sdk-ext.kms-local": "0.25.0",
+    "@sphereon/ssi-sdk-ext.key-manager": "0.25.1-feature.SDK.41.oidf.support.20",
+    "@sphereon/ssi-sdk-ext.kms-local": "0.25.1-feature.SDK.41.oidf.support.20",
     "@sphereon/ssi-sdk.agent-config": "workspace:*",
     "@sphereon/ssi-sdk.data-store": "workspace:*",
     "@sphereon/ssi-sdk.public-key-hosting": "workspace:*",

packages/oid4vci-holder/package.json

@@ -15,12 +15,12 @@
   },
   "dependencies": {
     "@sphereon/kmp-mdl-mdoc": "0.2.0-SNAPSHOT.22",
-    "@sphereon/oid4vci-client": "0.16.1-next.187",
-    "@sphereon/oid4vci-common": "0.16.1-next.187",
-    "@sphereon/ssi-sdk-ext.did-utils": "0.25.0",
-    "@sphereon/ssi-sdk-ext.identifier-resolution": "0.25.0",
-    "@sphereon/ssi-sdk-ext.jwt-service": "0.25.0",
-    "@sphereon/ssi-sdk-ext.key-utils": "0.25.0",
+    "@sphereon/oid4vci-client": "0.16.1-next.224",
+    "@sphereon/oid4vci-common": "0.16.1-next.224",
+    "@sphereon/ssi-sdk-ext.did-utils": "0.25.1-feature.SDK.41.oidf.support.20",
+    "@sphereon/ssi-sdk-ext.identifier-resolution": "0.25.1-feature.SDK.41.oidf.support.20",
+    "@sphereon/ssi-sdk-ext.jwt-service": "0.25.1-feature.SDK.41.oidf.support.20",
+    "@sphereon/ssi-sdk-ext.key-utils": "0.25.1-feature.SDK.41.oidf.support.20",
     "@sphereon/ssi-sdk.contact-manager": "workspace:*",
     "@sphereon/ssi-sdk.core": "workspace:*",
     "@sphereon/ssi-sdk.credential-store": "workspace:*",
@@ -44,7 +44,7 @@
   },
   "devDependencies": {
     "@sphereon/oid4vc-common": "0.16.1-next.187",
-    "@sphereon/ssi-sdk-ext.did-resolver-jwk": "0.25.0",
+    "@sphereon/ssi-sdk-ext.did-resolver-jwk": "0.25.1-feature.SDK.41.oidf.support.20",
     "@types/i18n-js": "^3.8.9",
     "@types/lodash.memoize": "^4.1.9",
     "@types/uuid": "^9.0.8",

packages/oid4vci-holder/src/agent/OID4VCIHolder.ts

@@ -40,7 +40,7 @@ import {
   IdentityOrigin,
   IIssuerLocaleBranding,
   NonPersistedIdentity,
-  Party
+  Party,
 } from '@sphereon/ssi-sdk.data-store'
 import {
   CredentialMapper,
@@ -72,7 +72,6 @@ import { v4 as uuidv4 } from 'uuid'
 import { OID4VCIMachine } from '../machine/oid4vciMachine'
 import {
   AddContactIdentityArgs,
-  StoreIssuerBrandingArgs,
   AssertValidCredentialsArgs,
   Attribute,
   createCredentialsToSelectFromArgs,
@@ -81,9 +80,10 @@ import {
   GetContactArgs,
   GetCredentialArgs,
   GetCredentialsArgs,
+  GetFederationTrustArgs,
+  GetIssuerBrandingArgs,
   GetIssuerMetadataArgs,
   IOID4VCIHolder,
-  GetFederationTrustArgs,
   IssuanceOpts,
   MappedCredentialToAccept,
   OID4VCIHolderEvent,
@@ -100,10 +100,10 @@ import {
   StartResult,
   StoreCredentialBrandingArgs,
   StoreCredentialsArgs,
+  StoreIssuerBrandingArgs,
   VerificationResult,
   VerifyEBSICredentialIssuerArgs,
   VerifyEBSICredentialIssuerResult,
-  GetIssuerBrandingArgs
 } from '../types/IOID4VCIHolder'
 import {
   getBasicIssuerLocaleBranding,
@@ -117,6 +117,7 @@ import {
 } from './OID4VCIHolderService'
 
 import 'cross-fetch/polyfill'
+
 /**
  * {@inheritDoc IOID4VCIHolder}
  */
@@ -258,7 +259,7 @@ export class OID4VCIHolder implements IAgentPlugin {
       didMethodPreferences,
       jwtCryptographicSuitePreferences,
       defaultAuthorizationRequestOptions,
-      hasher
+      hasher,
     } = { ...options }
 
     this.hasher = hasher
@@ -315,15 +316,16 @@ export class OID4VCIHolder implements IAgentPlugin {
         ),
       createCredentialsToSelectFrom: (args: createCredentialsToSelectFromArgs) => this.oid4vciHoldercreateCredentialsToSelectFrom(args, context),
       getContact: (args: GetContactArgs) => this.oid4vciHolderGetContact(args, context),
-      getCredentials: (args: GetCredentialsArgs) => this.oid4vciHolderGetCredentials({ accessTokenOpts: args.accessTokenOpts ?? opts.accessTokenOpts, ...args }, context),
+      getCredentials: (args: GetCredentialsArgs) =>
+        this.oid4vciHolderGetCredentials({ accessTokenOpts: args.accessTokenOpts ?? opts.accessTokenOpts, ...args }, context),
       addContactIdentity: (args: AddContactIdentityArgs) => this.oid4vciHolderAddContactIdentity(args, context),
       getIssuerBranding: (args: GetIssuerBrandingArgs) => this.oid4vciHolderGetIssuerBranding(args, context),
       storeIssuerBranding: (args: StoreIssuerBrandingArgs) => this.oid4vciHolderStoreIssuerBranding(args, context),
       assertValidCredentials: (args: AssertValidCredentialsArgs) => this.oid4vciHolderAssertValidCredentials(args, context),
       storeCredentialBranding: (args: StoreCredentialBrandingArgs) => this.oid4vciHolderStoreCredentialBranding(args, context),
       storeCredentials: (args: StoreCredentialsArgs) => this.oid4vciHolderStoreCredentials(args, context),
       sendNotification: (args: SendNotificationArgs) => this.oid4vciHolderSendNotification(args, context),
-      getFederationTrust: (args: GetFederationTrustArgs) => this.getFederationTrust(args, context)
+      getFederationTrust: (args: GetFederationTrustArgs) => this.getFederationTrust(args, context),
     }
 
     const oid4vciMachineInstanceArgs: OID4VCIMachineInstanceOpts = {
@@ -458,7 +460,10 @@ export class OID4VCIHolder implements IAgentPlugin {
     }
   }
 
-  private async oid4vciHoldercreateCredentialsToSelectFrom(args: createCredentialsToSelectFromArgs, context: RequiredContext): Promise<Array<CredentialToSelectFromResult>> {
+  private async oid4vciHoldercreateCredentialsToSelectFrom(
+    args: createCredentialsToSelectFromArgs,
+    context: RequiredContext,
+  ): Promise<Array<CredentialToSelectFromResult>> {
     const { credentialBranding, locale, selectedCredentials /*, openID4VCIClientState*/, credentialsSupported } = args
 
     // const client = await OpenID4VCIClient.fromState({ state: openID4VCIClientState! }) // TODO see if we need the check openID4VCIClientState defined
@@ -730,7 +735,10 @@ export class OID4VCIHolder implements IAgentPlugin {
     return context.agent.cmAddIdentity({ contactId: contact.id, identity })
   }
 
-  private async oid4vciHolderGetIssuerBranding(args: GetIssuerBrandingArgs, context: RequiredContext): Promise<Array<IIssuerLocaleBranding | IBasicIssuerLocaleBranding>> {
+  private async oid4vciHolderGetIssuerBranding(
+    args: GetIssuerBrandingArgs,
+    context: RequiredContext,
+  ): Promise<Array<IIssuerLocaleBranding | IBasicIssuerLocaleBranding>> {
     const { serverMetadata, contact } = args
 
     // Here we are fetching issuer branding for a contact. If no contact is found that means we encounter this contact for the first time. This also means we do not have any branding for the contact.
@@ -747,7 +755,7 @@ export class OID4VCIHolder implements IAgentPlugin {
 
     // We should have serverMetadata in the context else something went wrong
     if (!serverMetadata) {
-      return Promise.reject(Error('Missing serverMetadata in context'));
+      return Promise.reject(Error('Missing serverMetadata in context'))
     }
 
     return getBasicIssuerLocaleBranding({
@@ -759,12 +767,13 @@ export class OID4VCIHolder implements IAgentPlugin {
 
   private async oid4vciHolderStoreIssuerBranding(args: StoreIssuerBrandingArgs, context: RequiredContext): Promise<void> {
     const { issuerBranding, contact } = args
-    if (!issuerBranding || issuerBranding.length === 0 || (<Array<IIssuerLocaleBranding>>issuerBranding)[0].id) { // FIXME we need better separation between a contact(issuer) we encountered before and it's branding vs a new contact and it's branding
+    if (!issuerBranding || issuerBranding.length === 0 || (<Array<IIssuerLocaleBranding>>issuerBranding)[0].id) {
+      // FIXME we need better separation between a contact(issuer) we encountered before and it's branding vs a new contact and it's branding
       return
     }
 
     if (!contact) {
-      return Promise.reject(Error('Missing contact in context'));
+      return Promise.reject(Error('Missing contact in context'))
     }
 
     const issuerCorrelationId = contact?.identities
@@ -1051,19 +1060,13 @@ export class OID4VCIHolder implements IAgentPlugin {
     const openidFederation = params.get('openid_federation')
     const entityIdentifier = openidFederation ?? serverMetadata.issuer
 
-    const trustedAnchors = []
-    for (const trustAnchor of trustAnchors) {
-        const resolveResult = await context.agent.resolveTrustChain({
-          entityIdentifier,
-          trustAnchors: [trustAnchor]
-        })
-
-        if (!resolveResult.error) {
-          trustedAnchors.push(trustAnchor)
-        }
-    }
+    const result = await context.agent.identifierExternalResolveByOIDFEntityId({
+      method: 'entity_id',
+      trustAnchors: trustAnchors,
+      identifier: entityIdentifier,
+    })
 
-    return trustedAnchors
+    return Object.keys(result.trustedAnchors)
   }
 
   private async oid4vciHolderGetIssuerMetadata(args: GetIssuerMetadataArgs, context: RequiredContext): Promise<EndpointMetadataResult> {