
@sphereon/ssi-types


SSI Common Types

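"use strict";
/**
 * Helpers for decoding mso_mdoc credentials and presentations and for mapping
 * a decoded mdoc onto a uniform credential shape.
 *
 * Create some interfaces below to do the mapping of the KMP library.
 * For now we are using the library directly, and thus do not need them,
 * but it would be nice if we can remove the imports and just have some interfaces here we can then use, like done
 * for sd-jwts
 *
 * Security note: every function in this file only decodes or reshapes data.
 * None of them checks the issuer signature, the Mobile Security Object digests,
 * or the validity window. Input typically arrives from a holder/wallet, so the
 * caller must run those validations before trusting any returned value.
 */
Object.defineProperty(exports, "__esModule", { value: true });
exports.mdocDecodedCredentialToUniformCredential = void 0;
exports.isWrappedMdocCredential = isWrappedMdocCredential;
exports.isWrappedMdocPresentation = isWrappedMdocPresentation;
exports.getMdocDecodedPayload = getMdocDecodedPayload;
exports.decodeMdocIssuerSigned = decodeMdocIssuerSigned;
exports.encodeMdocIssuerSigned = encodeMdocIssuerSigned;
exports.decodeMdocDeviceResponse = decodeMdocDeviceResponse;
const kmp_mdoc_core_1 = require("@sphereon/kmp-mdoc-core");
const did_1 = require("./did");
const { decodeFrom, encodeTo, Encoding } = kmp_mdoc_core_1.com.sphereon.kmp;
const { DeviceResponseCbor, IssuerSignedCbor } = kmp_mdoc_core_1.com.sphereon.mdoc.data.device;

/**
 * Define `key` on `target` as an ordinary own, enumerable data property.
 *
 * Namespace names and element identifiers come from the decoded credential.
 * Plain assignment (`target[key] = value`) or `Object.assign` with a key of
 * `__proto__` goes through the inherited setter and swaps the object's
 * prototype instead of storing the claim; defining the property avoids that.
 * For every other key the result is the same as plain assignment.
 *
 * @param {object} target - Object that receives the property.
 * @param {string} key - Property name taken from the credential.
 * @param {*} value - Value to store.
 */
function setOwnProperty(target, key, value) {
    Object.defineProperty(target, key, { value, writable: true, enumerable: true, configurable: true });
}

/**
 * Type guard: true when the wrapped credential's `format` is `mso_mdoc`.
 *
 * @param {{format: string}} vc - Wrapped credential.
 * @returns {boolean}
 */
function isWrappedMdocCredential(vc) {
    return vc.format === 'mso_mdoc';
}

/**
 * Type guard: true when the wrapped presentation's `format` is `mso_mdoc`.
 *
 * @param {{format: string}} vp - Wrapped presentation.
 * @returns {boolean}
 */
function isWrappedMdocPresentation(vp) {
    return vp.format === 'mso_mdoc';
}

/**
 * Flatten the issuer-signed items of an mdoc into `{ namespace: { key: value } }`.
 *
 * The values are returned exactly as decoded; nothing is verified here.
 *
 * @param mdoc - Decoded mdoc document (KMP library object).
 * @returns {Object<string, Object<string, *>>} Claims grouped per namespace.
 * @throws {Error} When the mdoc exposes no issuer-signed namespaces.
 */
function getMdocDecodedPayload(mdoc) {
    const mdocJson = mdoc.toJson();
    if (!mdocJson.issuerSigned.nameSpaces) {
        throw Error(`Cannot access Issuer Signed items from the Mdoc`);
    }
    const namespaces = mdoc.issuerSigned.toJsonDTO().nameSpaces;
    const decodedPayload = {};
    for (const [namespace, items] of Object.entries(namespaces)) {
        // One pass per namespace; a later item with the same key replaces the earlier one.
        const claims = {};
        items.forEach((item) => setOwnProperty(claims, item.key, item.value.value));
        setOwnProperty(decodedPayload, namespace, claims);
    }
    return decodedPayload;
}

/**
 * Decode an Mdoc from its issuerSigned OID4VP Base64URL (string) into an mdoc document.
 *
 * This only CBOR-decodes the structure and converts it to a document.
 * Validations need to be performed by the caller after this!
 *
 * @param {string} oid4vpIssuerSigned - Base64url encoded IssuerSigned structure.
 * @returns The document created from the decoded IssuerSigned structure.
 */
function decodeMdocIssuerSigned(oid4vpIssuerSigned) {
    // Issuer signed according to 18013-7 in base64url
    const issuerSigned = IssuerSignedCbor.Static.cborDecode(decodeFrom(oid4vpIssuerSigned, Encoding.BASE64URL));
    // Create an mdoc from it. Still unvalidated at this point.
    return issuerSigned.toDocument();
}

/**
 * CBOR-encode an IssuerSigned structure and return it as a base64url string.
 *
 * NOTE(review): `encoding` is accepted but never read; the output is always
 * produced with Encoding.BASE64URL, whatever the caller passes.
 *
 * @param issuerSigned - IssuerSigned structure (KMP library object).
 * @param {string} [encoding='base64url'] - Currently ignored.
 * @returns {string} Base64url encoded CBOR.
 */
function encodeMdocIssuerSigned(issuerSigned, encoding = 'base64url') {
    return encodeTo(issuerSigned.cborEncode(), Encoding.BASE64URL);
}

/**
 * Decode an Mdoc device response from its vp_token OID4VP Base64URL (string).
 *
 * Only the CBOR structure is decoded; no device or issuer authentication is
 * checked here, so the caller has to validate the result before relying on it.
 *
 * @param {string} vpToken - Base64url encoded DeviceResponse.
 * @returns The decoded DeviceResponse (KMP library object).
 */
function decodeMdocDeviceResponse(vpToken) {
    return DeviceResponseCbor.Static.cborDecode(decodeFrom(vpToken, Encoding.BASE64URL));
}

// TODO naive implementation of mapping a mdoc onto a IVerifiableCredential. Needs some fixes and further implementation and needs to be moved out of ssi-types
/**
 * Map a decoded mdoc onto a uniform credential object.
 *
 * Only the `eu.europa.ec.eudi.pid.1` namespace is supported. The validity
 * dates are copied from the Mobile Security Object without being compared to
 * the current time, and no signature or digest is verified here, so the
 * returned object describes what the mdoc claims, not what has been proven.
 *
 * @param decoded - Decoded mdoc (KMP library object).
 * @param opts - Currently unused.
 * @returns The uniform credential built from the PID namespace.
 * @throws {Error} When the MSO or issuer-signed items are missing, the PID
 *   namespace is absent or empty, or `validFrom` is not set.
 */
const mdocDecodedCredentialToUniformCredential = (decoded, 
// @ts-ignore
opts) => {
    const PID_NAMESPACE = 'eu.europa.ec.eudi.pid.1';
    const mdoc = decoded.toJson();
    const json = mdoc.toJsonDTO();
    const type = 'Personal Identification Data';
    const MSO = mdoc.MSO;
    if (!MSO || json.issuerSigned == null || !json.issuerSigned.nameSpaces) {
        throw Error(`Cannot access Mobile Security Object or Issuer Signed items from the Mdoc`);
    }
    const nameSpaces = json.issuerSigned.nameSpaces;
    if (!(PID_NAMESPACE in nameSpaces)) {
        throw Error(`Only PID supported at present`);
    }
    const items = nameSpaces[PID_NAMESPACE];
    if (!items || items.length === 0) {
        throw Error(`No issuer signed items were found`);
    }
    // Start from the fixed `type`; an item whose key is also `type` replaces it, as before.
    const credentialSubject = { type };
    items.forEach((item) => {
        const claim = Array.isArray(item.value)
            ? item.value.map((val) => val.value).join(', ')
            : item.value.value;
        setOwnProperty(credentialSubject, item.key, claim);
    });
    const { validFrom, validUntil } = MSO.validityInfo;
    const docType = MSO.docType;
    const expirationDate = validUntil;
    const issuanceDate = validFrom;
    if (!issuanceDate) {
        // NOTE(review): the message says "JWT" although this path handles an mdoc; text kept as-is for callers.
        throw Error(`JWT issuance date is required but was not present`);
    }
    const credential = {
        type: [docType], // Mdoc not a W3C VC, so no VerifiableCredential
        '@context': [], // Mdoc has no JSON-LD by default. Certainly not the VC DM1 default context for JSON-LD
        credentialSubject,
        issuanceDate,
        expirationDate,
        proof: {
            type: did_1.IProofType.MdocProof2024,
            created: issuanceDate,
            proofPurpose: did_1.IProofPurpose.authentication,
            // NOTE(review): this carries the issuerAuth payload rather than a key reference; confirm consumers expect that.
            verificationMethod: json.issuerSigned.issuerAuth.payload,
            mso_mdoc: encodeTo(decoded.cborEncode(), Encoding.BASE64URL),
        },
    };
    return credential;
};
exports.mdocDecodedCredentialToUniformCredential = mdocDecodedCredentialToUniformCredential;
//# sourceMappingURL=mso_mdoc.js.map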