Merge branch 'develop' into feature/SPRIND-89

# Conflicts: # packages/siop-oid4vp/lib/authorization-response/types.ts # packages/siop-oid4vp/lib/op/OP.ts # packages/siop-oid4vp/lib/schemas/AuthorizationResponseOpts.schema.ts
Sphereon-Opensource · Jan 24, 2025 · 147da96 · 147da96
2 parents fa16634 + 49de36e
commit 147da96
Show file tree

Hide file tree

Showing 42 changed files with 1,053 additions and 511 deletions.
diff --git a/.github/workflows/build-test-on-pr.yml b/.github/workflows/build-test-on-pr.yml
@@ -25,7 +25,7 @@ jobs:
           node-version: '20.x'
       - uses: pnpm/action-setup@v4
         with:
-          version: 9        
+          version: 9.15.3 # TODO remove later, we are temporary dealing with a broken pnpm version in the CI container
       - run: pnpm install
       - run: pnpm build
       - name: run CI tests

diff --git a/.github/workflows/build-test-publish-on-push.yml b/.github/workflows/build-test-publish-on-push.yml
@@ -39,7 +39,7 @@ jobs:
           node-version: '20.x'
       - uses: pnpm/action-setup@v4
         with:
-          version: 9
+          version: 9.15.3 # TODO remove later, we are temporary dealing with a broken pnpm version in the CI container
       - run: pnpm install
       - run: pnpm build
       - name: run integration tests

diff --git a/package.json b/package.json
@@ -23,7 +23,8 @@
     "node": ">=18"
   },
   "resolutions": {
-    "@sphereon/ssi-types": "0.30.2-feature.mdoc.funke2.367",
+    "@sphereon/ssi-types": "0.32.1-feature.VDX.341.53",
+    "dcql": "0.2.19",
     "node-fetch": "2.6.12"
   },
   "prettier": {
@@ -66,4 +67,3 @@
     "OID4VP"
   ]
 }
-
diff --git a/packages/callback-example/package.json b/packages/callback-example/package.json
@@ -19,7 +19,7 @@
     "@sphereon/oid4vci-client": "workspace:*",
     "@sphereon/oid4vci-common": "workspace:*",
     "@sphereon/oid4vci-issuer": "workspace:*",
-    "@sphereon/ssi-types": "0.30.2-feature.mdoc.funke2.367",
+    "@sphereon/ssi-types": "0.32.1-feature.VDX.341.53",
     "jose": "^4.10.0"
   },
   "devDependencies": {

diff --git a/packages/client/lib/OpenID4VCIClient.ts b/packages/client/lib/OpenID4VCIClient.ts
@@ -136,6 +136,7 @@ export class OpenID4VCIClient {
     pkce,
     authorizationRequest,
     createAuthorizationRequestURL,
+    endpointMetadata
   }: {
     credentialIssuer: string;
     kid?: string;
@@ -145,6 +146,7 @@ export class OpenID4VCIClient {
     createAuthorizationRequestURL?: boolean;
     authorizationRequest?: AuthorizationRequestOpts; // Can be provided here, or when manually calling createAuthorizationUrl
     pkce?: PKCEOpts;
+    endpointMetadata?: EndpointMetadataResult
   }) {
     const client = new OpenID4VCIClient({
       kid,
@@ -153,6 +155,7 @@ export class OpenID4VCIClient {
       credentialIssuer,
       pkce,
       authorizationRequest,
+      endpointMetadata
     });
     if (retrieveServerMetadata === undefined || retrieveServerMetadata) {
       await client.retrieveServerMetadata();
@@ -179,6 +182,7 @@ export class OpenID4VCIClient {
     createAuthorizationRequestURL,
     authorizationRequest,
     resolveOfferUri,
+    endpointMetadata
   }: {
     uri: string;
     kid?: string;
@@ -189,6 +193,7 @@ export class OpenID4VCIClient {
     pkce?: PKCEOpts;
     clientId?: string;
     authorizationRequest?: AuthorizationRequestOpts; // Can be provided here, or when manually calling createAuthorizationUrl
+    endpointMetadata?: EndpointMetadataResult
   }): Promise<OpenID4VCIClient> {
     const credentialOfferClient = await CredentialOfferClient.fromURI(uri, { resolve: resolveOfferUri });
     const client = new OpenID4VCIClient({
@@ -198,6 +203,7 @@ export class OpenID4VCIClient {
       clientId: clientId ?? authorizationRequest?.clientId ?? credentialOfferClient.clientId,
       pkce,
       authorizationRequest,
+      endpointMetadata
     });
 
     if (retrieveServerMetadata === undefined || retrieveServerMetadata) {

diff --git a/packages/client/package.json b/packages/client/package.json
@@ -17,7 +17,7 @@
   "dependencies": {
     "@sphereon/oid4vc-common": "workspace:*",
     "@sphereon/oid4vci-common": "workspace:*",
-    "@sphereon/ssi-types": "0.30.2-feature.mdoc.funke2.367",
+    "@sphereon/ssi-types": "0.32.1-feature.VDX.341.53",
     "cross-fetch": "^3.1.8",
     "debug": "^4.3.5"
   },

diff --git a/packages/common/package.json b/packages/common/package.json
@@ -10,7 +10,7 @@
     "build:clean": "tsc --build --clean && tsc --build"
   },
   "dependencies": {
-    "@sphereon/ssi-types": "0.30.2-feature.mdoc.funke2.367",
+    "@sphereon/ssi-types": "0.32.1-feature.VDX.341.53",
     "jwt-decode": "^4.0.0",
     "sha.js": "^2.4.11",
     "uint8arrays": "3.1.1",

diff --git a/packages/issuer-rest/package.json b/packages/issuer-rest/package.json
@@ -15,7 +15,7 @@
     "@sphereon/oid4vci-common": "workspace:*",
     "@sphereon/oid4vci-issuer": "workspace:*",
     "@sphereon/ssi-express-support": "0.30.2-feature.mdoc.funke2.367",
-    "@sphereon/ssi-types": "0.30.2-feature.mdoc.funke2.367",
+    "@sphereon/ssi-types": "0.32.1-feature.VDX.341.53",
     "body-parser": "^1.20.2",
     "cookie-parser": "^1.4.6",
     "cors": "^2.8.5",

diff --git a/packages/issuer/package.json b/packages/issuer/package.json
@@ -12,7 +12,7 @@
   "dependencies": {
     "@sphereon/oid4vc-common": "workspace:*",
     "@sphereon/oid4vci-common": "workspace:*",
-    "@sphereon/ssi-types": "0.30.2-feature.mdoc.funke2.367",
+    "@sphereon/ssi-types": "0.32.1-feature.VDX.341.53",
     "uuid": "^9.0.0"
   },
   "peerDependencies": {

diff --git a/packages/oid4vci-common/package.json b/packages/oid4vci-common/package.json
@@ -11,7 +11,7 @@
   },
   "dependencies": {
     "@sphereon/oid4vc-common": "workspace:*",
-    "@sphereon/ssi-types": "0.30.2-feature.mdoc.funke2.367",
+    "@sphereon/ssi-types": "0.32.1-feature.VDX.341.53",
     "cross-fetch": "^3.1.8",
     "debug": "^4.3.5",
     "jwt-decode": "^4.0.0",

diff --git a/packages/siop-oid4vp/lib/__tests__/AuthenticationRequest.request.spec.ts b/packages/siop-oid4vp/lib/__tests__/AuthenticationRequest.request.spec.ts
@@ -26,6 +26,7 @@ import {
   VERIFIERZ_PURPOSE_TO_VERIFY,
   VERIFIERZ_PURPOSE_TO_VERIFY_NL,
 } from './data/mockedData'
+import { DcqlQuery } from 'dcql'
 
 const EXAMPLE_REDIRECT_URL = 'https://acme.com/hello'
 const EXAMPLE_REFERENCE_URL = 'https://rp.acme.com/siop/jwts'
@@ -671,4 +672,85 @@ describe('create Request JWT should', () => {
     }
     await expect(URI.fromOpts(opts)).rejects.toThrow(SIOPErrors.REQUEST_CLAIMS_PRESENTATION_DEFINITION_NOT_VALID)
   })
+
+  it('should succeed when requesting with a valid dcql query', async () => {
+    const dcqlQuery: DcqlQuery = {
+      credentials: [
+        {
+          id: 'Credentials',
+          format: 'jwt_vc_json',
+          claims: [
+            {
+              id: 'ID Card Credential',
+              path: ['$.issuer.id'],
+              values: ['did:example:issuer'],
+            },
+          ],
+        },
+      ],
+    }
+    const opts: CreateAuthorizationRequestOpts = {
+      version: SupportedVersion.SIOPv2_ID1,
+      payload: {
+        client_id: WELL_KNOWN_OPENID_FEDERATION,
+        scope: 'test',
+        response_type: 'vp_token',
+        request_object_signing_alg_values_supported: [SigningAlgo.ES256, SigningAlgo.EDDSA],
+        redirect_uri: EXAMPLE_REDIRECT_URL,
+      },
+      requestObject: {
+        jwtIssuer: { method: 'did', didUrl: KID, alg: SigningAlgo.ES256K },
+        passBy: PassBy.REFERENCE,
+        reference_uri: EXAMPLE_REFERENCE_URL,
+
+        createJwtCallback: getCreateJwtCallback({
+          hexPrivateKey: HEX_KEY,
+          did: DID,
+          kid: KID,
+          alg: SigningAlgo.ES256K,
+        }),
+        payload: {
+          client_id: WELL_KNOWN_OPENID_FEDERATION,
+          scope: 'test',
+          response_type: 'vp_token',
+          redirect_uri: EXAMPLE_REDIRECT_URL,
+          request_object_signing_alg_values_supported: [SigningAlgo.EDDSA, SigningAlgo.ES256],
+          claims: {
+            vp_token: {
+              dcql_query: JSON.stringify(dcqlQuery)
+            },
+          },
+        },
+      },
+      clientMetadata: {
+        client_id: WELL_KNOWN_OPENID_FEDERATION,
+        idTokenSigningAlgValuesSupported: [SigningAlgo.EDDSA, SigningAlgo.ES256],
+        requestObjectSigningAlgValuesSupported: [SigningAlgo.EDDSA, SigningAlgo.ES256],
+        responseTypesSupported: [ResponseType.ID_TOKEN],
+        scopesSupported: [Scope.OPENID_DIDAUTHN, Scope.OPENID],
+        subject_syntax_types_supported: ['did:ethr:', SubjectIdentifierType.DID],
+        subjectTypesSupported: [SubjectType.PAIRWISE],
+        vpFormatsSupported: {
+          ldp_vc: {
+            proof_type: [IProofType.EcdsaSecp256k1Signature2019, IProofType.EcdsaSecp256k1Signature2019],
+          },
+        },
+
+        passBy: PassBy.VALUE,
+
+        logo_uri: VERIFIER_LOGO_FOR_CLIENT,
+        clientName: VERIFIER_NAME_FOR_CLIENT,
+        'clientName#nl-NL': VERIFIER_NAME_FOR_CLIENT_NL + '2022100305',
+        clientPurpose: VERIFIERZ_PURPOSE_TO_VERIFY,
+        'clientPurpose#nl-NL': VERIFIERZ_PURPOSE_TO_VERIFY_NL,
+      },
+    }
+
+    const uriRequest = await URI.fromOpts(opts)
+
+    const uriDecoded = decodeURIComponent(uriRequest.encodedUri)
+    expect(uriDecoded.startsWith('openid4vp://?')).toBeTruthy()
+    expect(uriDecoded).toContain(`request_uri=https://rp.acme.com/siop/jwts`)
+    expect((await (await uriRequest.toAuthorizationRequest())?.requestObject?.getPayload())?.claims.vp_token).toBeDefined()
+  })
 })