Merge remote-tracking branch 'origin/develop' into feature/WAL-646

CHANGELOG.md

@@ -3,6 +3,44 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [0.7.3](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.7.2...v0.7.3) (2023-09-30)
+
+
+### Bug Fixes
+
+* allow token endpoint to be defined in metadata without triggering logic for external AS ([d99304c](https://github.com/Sphereon-Opensource/OID4VCI/commit/d99304cd02b92974785f516e8bd82900cc3e0925))
+
+
+
+
+
+## [0.7.2](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.7.1...v0.7.2) (2023-09-28)
+
+
+### Bug Fixes
+
+* id lookup against server metadata not working ([592ec4b](https://github.com/Sphereon-Opensource/OID4VCI/commit/592ec4b837898eb3022d19479d79b6065e7a0d9e))
+
+
+
+
+
+## [0.7.1](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.7.0...v0.7.1) (2023-09-28)
+
+
+### Bug Fixes
+
+* Better match credential offer types and formats onto issuer metadata ([4044c21](https://github.com/Sphereon-Opensource/OID4VCI/commit/4044c2175b4cbee16f44c8bb5499bba249ca4993))
+* clearinterval ([214e3c6](https://github.com/Sphereon-Opensource/OID4VCI/commit/214e3c6d7ced9b27c50186db8ed876330230a6a5))
+* Fix credential offer matching against metadata ([3c23bab](https://github.com/Sphereon-Opensource/OID4VCI/commit/3c23bab83569e04a4b5846fed83ce00d68e8ddce))
+* Fix credential offer matching against metadata ([b79027f](https://github.com/Sphereon-Opensource/OID4VCI/commit/b79027fe601ecccb1373ba399419e14f5ec2d7ff))
+* relax auth_endpoint handling. Doesn't have to be available when doing pre-auth flow. Client handles errors anyway in case of auth/par flow ([ce39958](https://github.com/Sphereon-Opensource/OID4VCI/commit/ce39958f21f82243f26111fd14bd2443517eef9c))
+* relax auth_endpoint handling. Doesn't have to be available when doing pre-auth flow. Client handles errors anyway in case of auth/par flow ([cb5f9c1](https://github.com/Sphereon-Opensource/OID4VCI/commit/cb5f9c1c12285508c6d403814d032e8883a59e7d))
+
+
+
+
+
 # [0.7.0](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.6.0...v0.7.0) (2023-08-19)
 
 

lerna.json

@@ -2,7 +2,7 @@
   "packages": [
     "packages/*"
   ],
-  "version": "0.7.0",
+  "version": "0.7.3",
   "npmClient": "pnpm",
   "command": {
     "publish": {

packages/callback-example/CHANGELOG.md

@@ -3,6 +3,33 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [0.7.3](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.7.2...v0.7.3) (2023-09-30)
+
+**Note:** Version bump only for package @sphereon/oid4vci-callback-example
+
+
+
+
+
+## [0.7.2](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.7.1...v0.7.2) (2023-09-28)
+
+**Note:** Version bump only for package @sphereon/oid4vci-callback-example
+
+
+
+
+
+## [0.7.1](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.7.0...v0.7.1) (2023-09-28)
+
+
+### Bug Fixes
+
+* Better match credential offer types and formats onto issuer metadata ([4044c21](https://github.com/Sphereon-Opensource/OID4VCI/commit/4044c2175b4cbee16f44c8bb5499bba249ca4993))
+
+
+
+
+
 # [0.7.0](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.6.0...v0.7.0) (2023-08-19)
 
 ### Features

packages/callback-example/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sphereon/oid4vci-callback-example",
-  "version": "0.7.0",
+  "version": "0.7.3",
   "description": "OpenID 4 Verifiable Credential Issuance issuer callback example",
   "source": "lib/index.ts",
   "main": "dist/index.js",
@@ -18,7 +18,7 @@
     "@sphereon/oid4vci-client": "workspace:*",
     "@sphereon/oid4vci-common": "workspace:*",
     "@sphereon/oid4vci-issuer": "workspace:*",
-    "@sphereon/ssi-types": "^0.15.1",
+    "@sphereon/ssi-types": "0.17.2",
     "jose": "^4.10.0"
   },
   "devDependencies": {

packages/client/CHANGELOG.md

@@ -3,6 +3,39 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [0.7.3](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.7.2...v0.7.3) (2023-09-30)
+
+**Note:** Version bump only for package @sphereon/oid4vci-client
+
+
+
+
+
+## [0.7.2](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.7.1...v0.7.2) (2023-09-28)
+
+
+### Bug Fixes
+
+* id lookup against server metadata not working ([592ec4b](https://github.com/Sphereon-Opensource/OID4VCI/commit/592ec4b837898eb3022d19479d79b6065e7a0d9e))
+
+
+
+
+
+## [0.7.1](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.7.0...v0.7.1) (2023-09-28)
+
+
+### Bug Fixes
+
+* Better match credential offer types and formats onto issuer metadata ([4044c21](https://github.com/Sphereon-Opensource/OID4VCI/commit/4044c2175b4cbee16f44c8bb5499bba249ca4993))
+* clearinterval ([214e3c6](https://github.com/Sphereon-Opensource/OID4VCI/commit/214e3c6d7ced9b27c50186db8ed876330230a6a5))
+* relax auth_endpoint handling. Doesn't have to be available when doing pre-auth flow. Client handles errors anyway in case of auth/par flow ([ce39958](https://github.com/Sphereon-Opensource/OID4VCI/commit/ce39958f21f82243f26111fd14bd2443517eef9c))
+* relax auth_endpoint handling. Doesn't have to be available when doing pre-auth flow. Client handles errors anyway in case of auth/par flow ([cb5f9c1](https://github.com/Sphereon-Opensource/OID4VCI/commit/cb5f9c1c12285508c6d403814d032e8883a59e7d))
+
+
+
+
+
 # [0.7.0](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.6.0...v0.7.0) (2023-08-19)
 
 ### Bug Fixes

packages/client/lib/OpenID4VCIClient.ts

@@ -365,6 +365,10 @@ export class OpenID4VCIClient {
     return response.successBody;
   }
 
+  // FIXME: We really should convert <v11 to v12 objects first. Right now the logic doesn't map nicely and is brittle.
+  // We should resolve IDs to objects first in case of strings.
+  // When < v11 convert into a v12 object. When v12 object retain it.
+  // Then match the object array on server metadata
   getCredentialsSupported(
     restrictToInitiationTypes: boolean,
     format?: (OID4VCICredentialFormat | string) | (OID4VCICredentialFormat | string)[],
@@ -373,11 +377,11 @@ export class OpenID4VCIClient {
       issuerMetadata: this.endpointMetadata.credentialIssuerMetadata,
       version: this.version(),
       format: format,
-      types: restrictToInitiationTypes ? this.getCredentialTypes() : undefined,
+      types: restrictToInitiationTypes ? this.getCredentialOfferTypes() : undefined,
     });
   }
 
-  getCredentialTypes(): string[][] {
+  getCredentialOfferTypes(): string[][] {
     if (this.credentialOffer.version < OpenId4VCIVersion.VER_1_0_11) {
       const orig = this.credentialOffer.original_credential_offer as CredentialOfferPayloadV1_0_08;
       const types: string[] = typeof orig.credential_type === 'string' ? [orig.credential_type] : orig.credential_type;

packages/client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sphereon/oid4vci-client",
-  "version": "0.7.0",
+  "version": "0.7.3",
   "description": "OpenID for Verifiable Credential Issuance (OpenID4VCI) client",
   "source": "lib/index.ts",
   "main": "dist/index.js",
@@ -16,12 +16,11 @@
   },
   "dependencies": {
     "@sphereon/oid4vci-common": "workspace:*",
-    "@sphereon/ssi-types": "^0.15.1",
+    "@sphereon/ssi-types": "0.17.2",
     "cross-fetch": "^3.1.8",
     "debug": "^4.3.4"
   },
   "devDependencies": {
-    "uint8arrays": "3.1.1",
     "@types/jest": "^29.5.3",
     "@types/node": "^18.17.4",
     "@typescript-eslint/eslint-plugin": "^5.62.0",
@@ -40,7 +39,8 @@
     "open-cli": "^7.2.0",
     "ts-jest": "^29.1.1",
     "ts-node": "^10.9.1",
-    "typescript": "4.9.5"
+    "typescript": "4.9.5",
+    "uint8arrays": "3.1.1"
   },
   "engines": {
     "node": ">=16"

packages/common/CHANGELOG.md

@@ -3,6 +3,39 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [0.7.3](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.7.2...v0.7.3) (2023-09-30)
+
+**Note:** Version bump only for package @sphereon/oid4vci-common
+
+
+
+
+
+## [0.7.2](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.7.1...v0.7.2) (2023-09-28)
+
+
+### Bug Fixes
+
+* id lookup against server metadata not working ([592ec4b](https://github.com/Sphereon-Opensource/OID4VCI/commit/592ec4b837898eb3022d19479d79b6065e7a0d9e))
+
+
+
+
+
+## [0.7.1](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.7.0...v0.7.1) (2023-09-28)
+
+
+### Bug Fixes
+
+* Better match credential offer types and formats onto issuer metadata ([4044c21](https://github.com/Sphereon-Opensource/OID4VCI/commit/4044c2175b4cbee16f44c8bb5499bba249ca4993))
+* Fix credential offer matching against metadata ([3c23bab](https://github.com/Sphereon-Opensource/OID4VCI/commit/3c23bab83569e04a4b5846fed83ce00d68e8ddce))
+* Fix credential offer matching against metadata ([b79027f](https://github.com/Sphereon-Opensource/OID4VCI/commit/b79027fe601ecccb1373ba399419e14f5ec2d7ff))
+* relax auth_endpoint handling. Doesn't have to be available when doing pre-auth flow. Client handles errors anyway in case of auth/par flow ([cb5f9c1](https://github.com/Sphereon-Opensource/OID4VCI/commit/cb5f9c1c12285508c6d403814d032e8883a59e7d))
+
+
+
+
+
 # [0.7.0](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.6.0...v0.7.0) (2023-08-19)
 
 ### Bug Fixes

packages/common/lib/functions/IssuerMetadataUtils.ts

@@ -70,22 +70,17 @@ export function getSupportedCredential(opts?: {
   const supportedFormats: (CredentialOfferFormat | string)[] = formats && formats.length > 0 ? formats : ['jwt_vc_json', 'jwt_vc_json-ld', 'ldp_vc'];
 
   const credentialSupportedOverlap: CredentialSupported[] = [];
-  if (opts?.types && typeof opts?.types === 'string') {
+  if ((opts?.types && typeof opts?.types === 'string') || opts?.types?.length === 1) {
+    const types = Array.isArray(opts.types) ? opts.types[0] : opts.types;
     const supported = credentialsSupported.filter(
-      (sup) => sup.id === opts.types || (initiationTypes && arrayEqualsIgnoreOrder(sup.types, initiationTypes)),
+      (sup) => sup.id === types || (initiationTypes && arrayEqualsIgnoreOrder(sup.types, initiationTypes)),
     );
     if (supported) {
       credentialSupportedOverlap.push(...supported);
     }
-  } /*else if (initiationTypes && Array.isArray(initiationTypes) && initiationTypes.length === 1) {
+  }
 
-    const supported = credentialsSupported.filter(
-      (sup) => sup.id === initiationTypes![0] || (arrayEqualsIgnoreOrder(sup.types, initiationTypes!) && sup.types.includes(initiationTypes![0])),
-    );
-    if (supported) {
-      credentialSupportedOverlap.push(...supported);
-    }
-  }*/ else {
+  if (credentialSupportedOverlap.length === 0) {
     // Make sure we include Verifiable Credential both on the offer side as well as in the metadata side, to ensure consistency of the issuer does not.
     if (initiationTypes && !initiationTypes.includes('VerifiableCredential')) {
       initiationTypes.push('VerifiableCredential');

packages/common/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sphereon/oid4vci-common",
-  "version": "0.7.0",
+  "version": "0.7.3",
   "description": "OpenID 4 Verifiable Credential Issuance Common Types",
   "source": "lib/index.ts",
   "main": "dist/index.js",
@@ -10,7 +10,7 @@
     "build:clean": "tsc --build --clean && tsc --build"
   },
   "dependencies": {
-    "@sphereon/ssi-types": "^0.15.1",
+    "@sphereon/ssi-types": "0.17.2",
     "cross-fetch": "^3.1.8",
     "jwt-decode": "^3.1.2"
   },

packages/issuer-rest/CHANGELOG.md

@@ -3,6 +3,36 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [0.7.3](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.7.2...v0.7.3) (2023-09-30)
+
+
+### Bug Fixes
+
+* allow token endpoint to be defined in metadata without triggering logic for external AS ([d99304c](https://github.com/Sphereon-Opensource/OID4VCI/commit/d99304cd02b92974785f516e8bd82900cc3e0925))
+
+
+
+
+
+## [0.7.2](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.7.1...v0.7.2) (2023-09-28)
+
+**Note:** Version bump only for package @sphereon/oid4vci-issuer-server
+
+
+
+
+
+## [0.7.1](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.7.0...v0.7.1) (2023-09-28)
+
+
+### Bug Fixes
+
+* Better match credential offer types and formats onto issuer metadata ([4044c21](https://github.com/Sphereon-Opensource/OID4VCI/commit/4044c2175b4cbee16f44c8bb5499bba249ca4993))
+
+
+
+
+
 # [0.7.0](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.6.0...v0.7.0) (2023-08-19)
 
 ### Bug Fixes

packages/issuer-rest/lib/oid4vci-api-functions.ts

@@ -71,7 +71,7 @@ export function accessTokenEndpoint<DIDDoc extends object>(
   opts: ITokenEndpointOpts & ISingleEndpointOpts & { baseUrl: string | URL },
 ) {
   const tokenEndpoint = issuer.issuerMetadata.token_endpoint
-  const externalAS = !!tokenEndpoint
+  const externalAS = issuer.issuerMetadata.authorization_server
   if (externalAS) {
     console.log(`[OID4VCI] External Authorization Server ${tokenEndpoint} is being used. Not enabling issuer token endpoint`)
     return

packages/issuer-rest/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sphereon/oid4vci-issuer-server",
-  "version": "0.7.0",
+  "version": "0.7.3",
   "description": "OpenID 4 Verifiable Credential Issuance Server",
   "source": "lib/index.ts",
   "main": "dist/index.js",
@@ -13,8 +13,8 @@
   "dependencies": {
     "@sphereon/oid4vci-common": "workspace:*",
     "@sphereon/oid4vci-issuer": "workspace:*",
-    "@sphereon/ssi-express-support": "^0.15.1",
-    "@sphereon/ssi-types": "^0.15.1",
+    "@sphereon/ssi-express-support": "0.17.2",
+    "@sphereon/ssi-types": "0.17.2",
     "body-parser": "^1.20.2",
     "cookie-parser": "^1.4.6",
     "cors": "^2.8.5",

packages/issuer/CHANGELOG.md

@@ -3,6 +3,34 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [0.7.3](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.7.2...v0.7.3) (2023-09-30)
+
+**Note:** Version bump only for package @sphereon/oid4vci-issuer
+
+
+
+
+
+## [0.7.2](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.7.1...v0.7.2) (2023-09-28)
+
+**Note:** Version bump only for package @sphereon/oid4vci-issuer
+
+
+
+
+
+## [0.7.1](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.7.0...v0.7.1) (2023-09-28)
+
+
+### Bug Fixes
+
+* Better match credential offer types and formats onto issuer metadata ([4044c21](https://github.com/Sphereon-Opensource/OID4VCI/commit/4044c2175b4cbee16f44c8bb5499bba249ca4993))
+* clearinterval ([214e3c6](https://github.com/Sphereon-Opensource/OID4VCI/commit/214e3c6d7ced9b27c50186db8ed876330230a6a5))
+
+
+
+
+
 # [0.7.0](https://github.com/Sphereon-Opensource/OID4VCI/compare/v0.6.0...v0.7.0) (2023-08-19)
 
 ### Features