@sphereon/oid4vci-issuer/dist/functions/ASOidcClient.js

OpenID 4 Verifiable Credential Issuance issuer REST endpoints

"use strict";
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
    return new (P || (P = Promise))(function (resolve, reject) {
        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
        step((generator = generator.apply(thisArg, _arguments || [])).next());
    });
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.oidcAccessTokenVerifyCallback = void 0;
const oid4vc_common_1 = require("@sphereon/oid4vc-common");
const ssi_express_support_1 = require("@sphereon/ssi-express-support");
function oidcAccessTokenVerifyCallback(opts) {
    var _a;
    const clientMetadata = (_a = opts.clientMetadata) !== null && _a !== void 0 ? _a : { client_id: opts.credentialIssuer };
    return (args) => __awaiter(this, void 0, void 0, function* () {
        const oidcIssuer = yield (0, ssi_express_support_1.oidcDiscoverIssuer)({ issuerUrl: opts.authorizationServer });
        const oidcClient = yield (0, ssi_express_support_1.oidcGetClient)(oidcIssuer.issuer, clientMetadata);
        const introspection = yield oidcClient.introspect(args.jwt);
        if (!introspection.active) {
            return Promise.reject(Error('Access token is not active or invalid'));
        }
        const jwt = { header: (0, oid4vc_common_1.decodeProtectedHeader)(args.jwt), payload: (0, oid4vc_common_1.decodeJwt)(args.jwt) };
        return Object.assign(Object.assign(Object.assign({ jwt, alg: jwt.header.alg }, (jwt.header.jwk && { jwk: jwt.header.jwk })), (jwt.header.x5c && { x5c: jwt.header.x5c })), (jwt.header.kid && { kid: jwt.header.kid }));
    });
}
exports.oidcAccessTokenVerifyCallback = oidcAccessTokenVerifyCallback;
//# sourceMappingURL=ASOidcClient.js.map