@sphereon/ssi-sdk.oid4vci-issuer
Version:
211 lines (204 loc) • 8.57 kB
TypeScript
import { IPluginMethodMap, IAgentContext, IDIDManager, IResolver, IKeyManager, ICredentialIssuer, IAgentPlugin } from '@veramo/core';
import { CredentialDataSupplier, VcIssuer, CredentialSignerCallback, VcIssuerBuilder } from '@sphereon/oid4vci-issuer';
import { Grant, CredentialConfigurationSupported, JsonLdIssuerCredentialDefinition, CredentialDataSupplierInput, QRCodeOpts, StatusListOpts, CredentialOfferMode, CredentialOfferSession, CredentialRequest, CredentialResponse, AccessTokenRequest, AccessTokenResponse, ClientMetadata, CredentialIssuerMetadataOpts, IssuerMetadata, AuthorizationServerMetadata, JwtVerifyResult, Jwt } from '@sphereon/oid4vci-common';
import { ResolveOpts, IDIDOptions } from '@sphereon/ssi-sdk-ext.did-utils';
import * as _sphereon_ssi_sdk_ext_identifier_resolution from '@sphereon/ssi-sdk-ext.identifier-resolution';
import { IIdentifierResolution, ManagedIdentifierOptsOrResult } from '@sphereon/ssi-sdk-ext.identifier-resolution';
import { IOID4VCIStore } from '@sphereon/ssi-sdk.oid4vci-issuer-store';
import { ICredential } from '@sphereon/ssi-types';
import { IJwtService } from '@sphereon/ssi-sdk-ext.jwt-service';
import { JWTVerifyOptions } from 'did-jwt';
import { Resolvable } from 'did-resolver';
type IssuerCredentialDefinition = JsonLdIssuerCredentialDefinition;
interface IOID4VCIIssuer extends IPluginMethodMap {
oid4vciCreateOfferURI(createArgs: ICreateOfferArgs, context: IRequiredContext): Promise<ICreateCredentialOfferURIResult>;
oid4vciIssueCredential(issueArgs: IIssueCredentialArgs, context: IRequiredContext): Promise<CredentialResponse>;
oid4vciCreateAccessTokenResponse(accessTokenArgs: IAssertValidAccessTokenArgs, context: IRequiredContext): Promise<AccessTokenResponse>;
oid4vciGetInstance(args: IIssuerInstanceArgs, context: IRequiredContext): Promise<IssuerInstance>;
}
interface IOID4VCIIssuerOpts {
defaultStoreId?: string;
defaultNamespace?: string;
resolveOpts?: ResolveOpts;
returnSessions?: boolean;
}
interface ICreateOfferArgs extends IIssuerInstanceArgs {
grants?: Grant;
credentials?: Record<string, CredentialConfigurationSupported>;
credentialDefinition?: IssuerCredentialDefinition;
credentialOfferUri?: string;
credentialDataSupplierInput?: CredentialDataSupplierInput;
redirectUri?: string;
correlationId?: string;
sessionLifeTimeInSec?: number;
qrCodeOpts?: QRCodeOpts;
client_id?: string;
statusListOpts?: Array<StatusListOpts>;
offerMode?: CredentialOfferMode;
baseUri?: string;
scheme?: string;
pinLength?: number;
}
interface IIssueCredentialArgs extends IIssuerInstanceArgs {
credentialRequest: CredentialRequest;
credential?: ICredential;
credentialDataSupplier?: CredentialDataSupplier;
credentialDataSupplierInput?: CredentialDataSupplierInput;
newCNonce?: string;
cNonceExpiresIn?: number;
tokenExpiresIn?: number;
responseCNonce?: string;
}
interface IAssertValidAccessTokenArgs extends IIssuerInstanceArgs {
request: AccessTokenRequest;
expirationDuration: number;
}
interface IIssuerInstanceArgs {
credentialIssuer: string;
storeId?: string;
namespace?: string;
}
interface IIssuerInstanceOptions extends IMetadataOptions {
issuerOpts?: IIssuerOptions;
metadataOpts?: CredentialIssuerMetadataOpts;
}
interface IIssuerOptions {
asClientOpts?: ClientMetadata;
idOpts?: ManagedIdentifierOptsOrResult;
resolveOpts?: ResolveOpts;
/**
* @deprecated: use idOpts
*/
didOpts?: IDIDOptions;
userPinRequired?: boolean;
cNonceExpiresIn?: number;
/**
* Used in the callbacks for the first party flow
*/
presentationDefinitionId?: string;
}
interface IMetadataOptions {
credentialIssuer: string;
storeId?: string;
storeNamespace?: string;
}
type ICreateCredentialOfferURIResult = {
uri: string;
session?: CredentialOfferSession;
userPin?: string;
userPinLength?: number;
};
type IRequiredContext = IAgentContext<IIdentifierResolution & IDIDManager & IResolver & IKeyManager & ICredentialIssuer & IOID4VCIStore & IJwtService>;
declare class IssuerInstance {
private _issuer;
private readonly _metadataOptions;
private readonly _issuerOptions;
private _issuerMetadata;
private readonly _authorizationServerMetadata;
constructor({ issuerOpts, metadataOpts, issuerMetadata, authorizationServerMetadata, }: {
issuerOpts: IIssuerOptions;
metadataOpts: IMetadataOptions;
issuerMetadata: IssuerMetadata;
authorizationServerMetadata: AuthorizationServerMetadata;
});
get(opts: {
context: IRequiredContext;
credentialDataSupplier?: CredentialDataSupplier;
}): Promise<VcIssuer>;
get issuerOptions(): IIssuerOptions;
get metadataOptions(): IMetadataOptions;
get issuerMetadata(): IssuerMetadata;
set issuerMetadata(value: IssuerMetadata);
get authorizationServerMetadata(): AuthorizationServerMetadata;
}
declare class OID4VCIIssuer implements IAgentPlugin {
private static readonly _DEFAULT_OPTS_KEY;
private readonly instances;
readonly schema: any;
readonly methods: IOID4VCIIssuer;
private _opts;
constructor(opts?: IOID4VCIIssuerOpts);
private oid4vciCreateOfferURI;
private oid4vciIssueCredential;
private oid4vciCreateAccessTokenResponse;
private getExternalAS;
private createIssuerInstance;
oid4vciGetInstance(args: IIssuerInstanceArgs, context: IRequiredContext): Promise<IssuerInstance>;
private getIssuerOptsFromStore;
private getMetadataOpts;
private getIssuerMetadata;
private getAuthorizationServerMetadataFromStore;
private storeId;
private namespace;
}
declare function getJwtVerifyCallback({ verifyOpts }: {
verifyOpts?: JWTVerifyOptions;
}, _context: IRequiredContext): (args: {
jwt: string;
kid?: string;
}) => Promise<JwtVerifyResult>;
declare function getAccessTokenKeyRef(opts: {
/**
* Uniform identifier options
*/
idOpts?: ManagedIdentifierOptsOrResult;
/**
* @deprecated
*/
iss?: string;
/**
* @deprecated
*/
keyRef?: string;
/**
* @deprecated
*/
didOpts?: IDIDOptions;
}, context: IRequiredContext): Promise<_sphereon_ssi_sdk_ext_identifier_resolution.ManagedIdentifierResult>;
declare function getAccessTokenSignerCallback(opts: {
/**
* Uniform identifier options
*/
idOpts?: ManagedIdentifierOptsOrResult;
/**
* @deprecated
*/
iss?: string;
/**
* @deprecated
*/
keyRef?: string;
/**
* @deprecated
*/
didOpts?: IDIDOptions;
}, context: IRequiredContext): Promise<(jwt: Jwt, kid?: string) => Promise<string>>;
declare function getCredentialSignerCallback(idOpts: ManagedIdentifierOptsOrResult & {
crypto?: Crypto;
}, context: IRequiredContext): Promise<CredentialSignerCallback>;
declare function createVciIssuerBuilder(args: {
issuerOpts: IIssuerOptions;
issuerMetadata: IssuerMetadata;
authorizationServerMetadata: AuthorizationServerMetadata;
resolver?: Resolvable;
credentialDataSupplier?: CredentialDataSupplier;
}, context: IRequiredContext): Promise<VcIssuerBuilder>;
declare function createVciIssuer({ issuerOpts, issuerMetadata, authorizationServerMetadata, credentialDataSupplier, }: {
issuerOpts: IIssuerOptions;
issuerMetadata: IssuerMetadata;
authorizationServerMetadata: AuthorizationServerMetadata;
credentialDataSupplier?: CredentialDataSupplier;
}, context: IRequiredContext): Promise<VcIssuer>;
declare function createAuthRequestUriCallback(opts: {
path: string;
presentationDefinitionId: string;
}): Promise<() => Promise<string>>;
declare function createVerifyAuthResponseCallback(opts: {
path: string;
presentationDefinitionId: string;
}): Promise<(correlationId: string) => Promise<boolean>>;
/**
* @public
*/
declare const schema: any;
export { type IAssertValidAccessTokenArgs, type ICreateCredentialOfferURIResult, type ICreateOfferArgs, type IIssueCredentialArgs, type IIssuerInstanceArgs, type IIssuerInstanceOptions, type IIssuerOptions, type IMetadataOptions, type IOID4VCIIssuer, type IOID4VCIIssuerOpts, type IRequiredContext, type IssuerCredentialDefinition, IssuerInstance, OID4VCIIssuer, createAuthRequestUriCallback, createVciIssuer, createVciIssuerBuilder, createVerifyAuthResponseCallback, getAccessTokenKeyRef, getAccessTokenSignerCallback, getCredentialSignerCallback, getJwtVerifyCallback, schema };