diff --git a/packages/client/lib/CredentialRequestClient.ts b/packages/client/lib/CredentialRequestClient.ts index 8bcdfb89..f4f3508d 100644 --- a/packages/client/lib/CredentialRequestClient.ts +++ b/packages/client/lib/CredentialRequestClient.ts @@ -123,9 +123,7 @@ export class CredentialRequestClient { return { format, proof, - credential_definition: { - vct: types[0], - }, + vct: types[0], }; } diff --git a/packages/client/lib/OpenID4VCIClient.ts b/packages/client/lib/OpenID4VCIClient.ts index f0548293..377b638a 100644 --- a/packages/client/lib/OpenID4VCIClient.ts +++ b/packages/client/lib/OpenID4VCIClient.ts @@ -411,8 +411,8 @@ export class OpenID4VCIClient { return [c]; } else if ('types' in c) { return c.types; - } else if ('vct' in c.credential_definition) { - return [c.credential_definition.vct]; + } else if ('vct' in c) { + return [c.vct]; } else { return c.credential_definition.types; } diff --git a/packages/client/lib/__tests__/SdJwt.spec.ts b/packages/client/lib/__tests__/SdJwt.spec.ts index 3a9c8804..e3f8311d 100644 --- a/packages/client/lib/__tests__/SdJwt.spec.ts +++ b/packages/client/lib/__tests__/SdJwt.spec.ts @@ -15,9 +15,7 @@ const issuerMetadata = new IssuerMetadataBuilderV1_11() .withTokenEndpoint('https://token-endpoint.example.com') .addSupportedCredential({ format: 'vc+sd-jwt', - credential_definition: { - vct: 'SdJwtCredential', - }, + vct: 'SdJwtCredential', id: 'SdJwtCredentialId', }) .build(); @@ -98,9 +96,7 @@ describe('sd-jwt vc', () => { const supported = client.getCredentialsSupported(true, 'vc+sd-jwt'); expect(supported).toEqual([ { - credential_definition: { - vct: 'SdJwtCredential', - }, + vct: 'SdJwtCredential', format: 'vc+sd-jwt', id: 'SdJwtCredentialId', }, @@ -143,7 +139,7 @@ describe('sd-jwt vc', () => { ); const credentials = await client.acquireCredentials({ - credentialTypes: [offered.credential_definition.vct], + credentialTypes: [offered.vct], format: 'vc+sd-jwt', alg, jwk, @@ -156,7 +152,7 @@ describe('sd-jwt vc', () => { expect(credentials).toEqual({ c_nonce: 'new-c-nonce', c_nonce_expires_in: 300000, - credential: 'sd-jwt', // TODO: make this a real sd-jwt vc + credential: 'sd-jwt', format: 'vc+sd-jwt', }); }, diff --git a/packages/common/lib/functions/CredentialOfferUtil.ts b/packages/common/lib/functions/CredentialOfferUtil.ts index 7f2428f1..df56e116 100644 --- a/packages/common/lib/functions/CredentialOfferUtil.ts +++ b/packages/common/lib/functions/CredentialOfferUtil.ts @@ -353,7 +353,7 @@ export function getTypesFromOffer(credentialOffer: UniformCredentialOfferPayload } else if (curr.format === 'jwt_vc_json') { return [...prev, ...curr.types]; } else if (curr.format === 'vc+sd-jwt') { - return [...prev, curr.credential_definition.vct]; + return [...prev, curr.vct]; } return prev; diff --git a/packages/common/lib/functions/CredentialRequestUtil.ts b/packages/common/lib/functions/CredentialRequestUtil.ts index 66ee9fe6..854ca3b6 100644 --- a/packages/common/lib/functions/CredentialRequestUtil.ts +++ b/packages/common/lib/functions/CredentialRequestUtil.ts @@ -9,7 +9,7 @@ export function getTypesFromRequest(credentialRequest: UniformCredentialRequest, } else if (credentialRequest.format === 'jwt_vc_json-ld' || credentialRequest.format === 'ldp_vc') { types = credentialRequest.credential_definition.types; } else if (credentialRequest.format === 'vc+sd-jwt') { - types = [credentialRequest.credential_definition.vct]; + types = [credentialRequest.vct]; } if (!types || types.length === 0) { diff --git a/packages/common/lib/functions/IssuerMetadataUtils.ts b/packages/common/lib/functions/IssuerMetadataUtils.ts index 40eb85d6..d031974d 100644 --- a/packages/common/lib/functions/IssuerMetadataUtils.ts +++ b/packages/common/lib/functions/IssuerMetadataUtils.ts @@ -104,7 +104,7 @@ export function getTypesFromCredentialSupported(credentialSupported: CredentialS if (credentialSupported.format === 'jwt_vc_json' || credentialSupported.format === 'jwt_vc_json-ld' || credentialSupported.format === 'ldp_vc') { types = credentialSupported.types; } else if (credentialSupported.format === 'vc+sd-jwt') { - types = [credentialSupported.credential_definition.vct]; + types = [credentialSupported.vct]; } if (!types || types.length === 0) { diff --git a/packages/common/lib/types/Authorization.types.ts b/packages/common/lib/types/Authorization.types.ts index 0276d510..895eef20 100644 --- a/packages/common/lib/types/Authorization.types.ts +++ b/packages/common/lib/types/Authorization.types.ts @@ -5,7 +5,6 @@ import { JsonLdIssuerCredentialDefinition, OID4VCICredentialFormat, PRE_AUTH_CODE_LITERAL, - SdJwtVcCredentialDefinition, } from './Generic.types'; import { EndpointMetadata } from './ServerMetadata'; @@ -140,7 +139,8 @@ export interface AuthorizationDetailsJwtVcJsonLdAndLdpVc extends CommonAuthoriza export interface AuthorizationDetailsSdJwtVc extends CommonAuthorizationDetails { format: 'vc+sd-jwt'; - credential_definition: SdJwtVcCredentialDefinition; + vct: string; + claims?: IssuerCredentialSubject; } export enum GrantTypes { diff --git a/packages/common/lib/types/Generic.types.ts b/packages/common/lib/types/Generic.types.ts index 16e042df..28a75909 100644 --- a/packages/common/lib/types/Generic.types.ts +++ b/packages/common/lib/types/Generic.types.ts @@ -90,16 +90,12 @@ export interface CredentialSupportedJwtVcJson extends CommonCredentialSupported format: 'jwt_vc_json'; } -export interface SdJwtVcCredentialDefinition { - vct: string; // REQUIRED. JSON string designating the type of an SD-JWT vc - claims?: IssuerCredentialSubject; -} - export interface CredentialSupportedSdJwtVc extends CommonCredentialSupported { format: 'vc+sd-jwt'; - // REQUIRED. JSON object containing the detailed description of the credential type - credential_definition: SdJwtVcCredentialDefinition; + vct: string; + claims?: IssuerCredentialSubject; + order?: string[]; //An array of claims.display.name values that lists them in the order they should be displayed by the Wallet. } @@ -121,9 +117,14 @@ export interface CredentialOfferFormatJwtVcJson extends CommonCredentialOfferFor types: string[]; // REQUIRED. JSON array as defined in Appendix E.1.1.2. This claim contains the type values the Wallet shall request in the subsequent Credential Request. } +// NOTE: the sd-jwt format is added to oid4vci in a later draft version than currently +// supported, so there's no defined offer format. However, based on the request structure +// we support sd-jwt for older drafts of oid4vci as well export interface CredentialOfferFormatSdJwtVc extends CommonCredentialOfferFormat { format: 'vc+sd-jwt'; - credential_definition: SdJwtVcCredentialDefinition; + + vct: string; + claims?: IssuerCredentialSubject; } export type CredentialOfferFormat = CommonCredentialOfferFormat & @@ -176,7 +177,8 @@ export interface CredentialRequestJwtVcJsonLdAndLdpVc extends CommonCredentialRe export interface CredentialRequestSdJwtVc extends CommonCredentialRequest { format: 'vc+sd-jwt'; - credential_definition: SdJwtVcCredentialDefinition; + vct: string; + claims?: IssuerCredentialSubject; } export interface CommonCredentialResponse { diff --git a/packages/issuer/lib/builder/CredentialSupportedBuilderV1_11.ts b/packages/issuer/lib/builder/CredentialSupportedBuilderV1_11.ts index 1ba45598..ab2ecafa 100644 --- a/packages/issuer/lib/builder/CredentialSupportedBuilderV1_11.ts +++ b/packages/issuer/lib/builder/CredentialSupportedBuilderV1_11.ts @@ -125,9 +125,7 @@ export class CredentialSupportedBuilderV1_11 { if (this.types.length > 1) { throw new Error('Only one type is allowed for vc+sd-jwt') } - credentialSupported.credential_definition = { - vct: this.types[0], - } + credentialSupported.vct = this.types[0] } // And else would work here, but this way we get the correct typing else if (isNotFormat(credentialSupported, 'vc+sd-jwt')) {