update sd-jwt profile from oid4vci

Signed-off-by: Timo Glastra <[email protected]>
Sphereon-Opensource · Dec 18, 2023 · 74d2d92 · 74d2d92
1 parent 3a8598c
commit 74d2d92
Show file tree

Hide file tree

Showing 9 changed files with 24 additions and 30 deletions.
diff --git a/packages/client/lib/CredentialRequestClient.ts b/packages/client/lib/CredentialRequestClient.ts
@@ -123,9 +123,7 @@ export class CredentialRequestClient {
       return {
         format,
         proof,
-        credential_definition: {
-          vct: types[0],
-        },
+        vct: types[0],
       };
     }
 

diff --git a/packages/client/lib/OpenID4VCIClient.ts b/packages/client/lib/OpenID4VCIClient.ts
@@ -411,8 +411,8 @@ export class OpenID4VCIClient {
           return [c];
         } else if ('types' in c) {
           return c.types;
-        } else if ('vct' in c.credential_definition) {
-          return [c.credential_definition.vct];
+        } else if ('vct' in c) {
+          return [c.vct];
         } else {
           return c.credential_definition.types;
         }

diff --git a/packages/client/lib/__tests__/SdJwt.spec.ts b/packages/client/lib/__tests__/SdJwt.spec.ts
@@ -15,9 +15,7 @@ const issuerMetadata = new IssuerMetadataBuilderV1_11()
   .withTokenEndpoint('https://token-endpoint.example.com')
   .addSupportedCredential({
     format: 'vc+sd-jwt',
-    credential_definition: {
-      vct: 'SdJwtCredential',
-    },
+    vct: 'SdJwtCredential',
     id: 'SdJwtCredentialId',
   })
   .build();
@@ -98,9 +96,7 @@ describe('sd-jwt vc', () => {
       const supported = client.getCredentialsSupported(true, 'vc+sd-jwt');
       expect(supported).toEqual([
         {
-          credential_definition: {
-            vct: 'SdJwtCredential',
-          },
+          vct: 'SdJwtCredential',
           format: 'vc+sd-jwt',
           id: 'SdJwtCredentialId',
         },
@@ -143,7 +139,7 @@ describe('sd-jwt vc', () => {
         );
 
       const credentials = await client.acquireCredentials({
-        credentialTypes: [offered.credential_definition.vct],
+        credentialTypes: [offered.vct],
         format: 'vc+sd-jwt',
         alg,
         jwk,
@@ -156,7 +152,7 @@ describe('sd-jwt vc', () => {
       expect(credentials).toEqual({
         c_nonce: 'new-c-nonce',
         c_nonce_expires_in: 300000,
-        credential: 'sd-jwt', // TODO: make this a real sd-jwt vc
+        credential: 'sd-jwt',
         format: 'vc+sd-jwt',
       });
     },

diff --git a/packages/common/lib/functions/CredentialOfferUtil.ts b/packages/common/lib/functions/CredentialOfferUtil.ts
@@ -353,7 +353,7 @@ export function getTypesFromOffer(credentialOffer: UniformCredentialOfferPayload
     } else if (curr.format === 'jwt_vc_json') {
       return [...prev, ...curr.types];
     } else if (curr.format === 'vc+sd-jwt') {
-      return [...prev, curr.credential_definition.vct];
+      return [...prev, curr.vct];
     }
 
     return prev;

diff --git a/packages/common/lib/functions/CredentialRequestUtil.ts b/packages/common/lib/functions/CredentialRequestUtil.ts
@@ -9,7 +9,7 @@ export function getTypesFromRequest(credentialRequest: UniformCredentialRequest,
   } else if (credentialRequest.format === 'jwt_vc_json-ld' || credentialRequest.format === 'ldp_vc') {
     types = credentialRequest.credential_definition.types;
   } else if (credentialRequest.format === 'vc+sd-jwt') {
-    types = [credentialRequest.credential_definition.vct];
+    types = [credentialRequest.vct];
   }
 
   if (!types || types.length === 0) {

diff --git a/packages/common/lib/functions/IssuerMetadataUtils.ts b/packages/common/lib/functions/IssuerMetadataUtils.ts
@@ -104,7 +104,7 @@ export function getTypesFromCredentialSupported(credentialSupported: CredentialS
   if (credentialSupported.format === 'jwt_vc_json' || credentialSupported.format === 'jwt_vc_json-ld' || credentialSupported.format === 'ldp_vc') {
     types = credentialSupported.types;
   } else if (credentialSupported.format === 'vc+sd-jwt') {
-    types = [credentialSupported.credential_definition.vct];
+    types = [credentialSupported.vct];
   }
 
   if (!types || types.length === 0) {

diff --git a/packages/common/lib/types/Authorization.types.ts b/packages/common/lib/types/Authorization.types.ts
@@ -5,7 +5,6 @@ import {
   JsonLdIssuerCredentialDefinition,
   OID4VCICredentialFormat,
   PRE_AUTH_CODE_LITERAL,
-  SdJwtVcCredentialDefinition,
 } from './Generic.types';
 import { EndpointMetadata } from './ServerMetadata';
 
@@ -140,7 +139,8 @@ export interface AuthorizationDetailsJwtVcJsonLdAndLdpVc extends CommonAuthoriza
 export interface AuthorizationDetailsSdJwtVc extends CommonAuthorizationDetails {
   format: 'vc+sd-jwt';
 
-  credential_definition: SdJwtVcCredentialDefinition;
+  vct: string;
+  claims?: IssuerCredentialSubject;
 }
 
 export enum GrantTypes {

diff --git a/packages/common/lib/types/Generic.types.ts b/packages/common/lib/types/Generic.types.ts
@@ -90,16 +90,12 @@ export interface CredentialSupportedJwtVcJson extends CommonCredentialSupported
   format: 'jwt_vc_json';
 }
 
-export interface SdJwtVcCredentialDefinition {
-  vct: string; // REQUIRED. JSON string designating the type of an SD-JWT vc
-  claims?: IssuerCredentialSubject;
-}
-
 export interface CredentialSupportedSdJwtVc extends CommonCredentialSupported {
   format: 'vc+sd-jwt';
 
-  // REQUIRED. JSON object containing the detailed description of the credential type
-  credential_definition: SdJwtVcCredentialDefinition;
+  vct: string;
+  claims?: IssuerCredentialSubject;
+
   order?: string[]; //An array of claims.display.name values that lists them in the order they should be displayed by the Wallet.
 }
 
@@ -121,9 +117,14 @@ export interface CredentialOfferFormatJwtVcJson extends CommonCredentialOfferFor
   types: string[]; // REQUIRED. JSON array as defined in Appendix E.1.1.2. This claim contains the type values the Wallet shall request in the subsequent Credential Request.
 }
 
+// NOTE: the sd-jwt format is added to oid4vci in a later draft version than currently
+// supported, so there's no defined offer format. However, based on the request structure
+// we support sd-jwt for older drafts of oid4vci as well
 export interface CredentialOfferFormatSdJwtVc extends CommonCredentialOfferFormat {
   format: 'vc+sd-jwt';
-  credential_definition: SdJwtVcCredentialDefinition;
+
+  vct: string;
+  claims?: IssuerCredentialSubject;
 }
 
 export type CredentialOfferFormat = CommonCredentialOfferFormat &
@@ -176,7 +177,8 @@ export interface CredentialRequestJwtVcJsonLdAndLdpVc extends CommonCredentialRe
 
 export interface CredentialRequestSdJwtVc extends CommonCredentialRequest {
   format: 'vc+sd-jwt';
-  credential_definition: SdJwtVcCredentialDefinition;
+  vct: string;
+  claims?: IssuerCredentialSubject;
 }
 
 export interface CommonCredentialResponse {

diff --git a/packages/issuer/lib/builder/CredentialSupportedBuilderV1_11.ts b/packages/issuer/lib/builder/CredentialSupportedBuilderV1_11.ts
@@ -125,9 +125,7 @@ export class CredentialSupportedBuilderV1_11 {
       if (this.types.length > 1) {
         throw new Error('Only one type is allowed for vc+sd-jwt')
       }
-      credentialSupported.credential_definition = {
-        vct: this.types[0],
-      }
+      credentialSupported.vct = this.types[0]
     }
     // And else would work here, but this way we get the correct typing
     else if (isNotFormat(credentialSupported, 'vc+sd-jwt')) {