import { JarmDirectPostJwtResponseParams, JarmAuthResponseParams, JarmClientMetadata, JarmServerMetadata } from '@sphereon/jarm'; import { JwtIssuer, JwtHeader, CreateJwtCallback as CreateJwtCallback$1, JwtIssuanceContextBase, VerifyJwtCallbackBase, DidJwtVerifier, X5cJwtVerifier, CustomJwtVerifier, JwkJwtVerifier as JwkJwtVerifier$1, OpenIdFederationJwtVerifier, JwtPayload, JwtType, SigningAlgo, DynamicRegistrationClientMetadata, JWKS } from '@sphereon/oid4vc-common'; import { Format, PresentationDefinitionV1, PresentationDefinitionV2, PresentationSubmission as PresentationSubmission$1 } from '@sphereon/pex-models'; import { W3CVerifiablePresentation, CompactSdJwtVc, MdocOid4vpIssuerSigned, PresentationSubmission, MdocOid4vpMdocVpToken, HasherSync, WrappedVerifiablePresentation, Hasher, W3CVerifiableCredential, IPresentation, AdditionalClaims, IVerifiablePresentation, ISimpleLogger, OriginalVerifiableCredential, OriginalVerifiablePresentation, IIssuerId } from '@sphereon/ssi-types'; import { DcqlQuery, DcqlPresentation } from 'dcql'; import { PresentationSignCallBackParams, IPresentationDefinition, PEX, VerifiablePresentationFromOpts, VerifiablePresentationResult, SelectResults } from '@sphereon/pex'; import { PresentationEvaluationResults } from '@sphereon/pex/dist/main/lib/evaluation'; import { EventEmitter } from 'events'; declare enum SIOPErrors { INVALID_CLIENT_ID_MUST_MATCH_REDIRECT_URI = "Invalid request object payload. The redirect_uri must match the client_id with client_id_scheme 'redirect_uri'.", INVALID_CLIENT_ID_MUST_MATCH_RESPONSE_URI = "Invalid request object payload. The response_uri must match the client_id with client_id_scheme 'redirect_uri'.", INVALID_REQUEST = "The request contained invalid or conflicting parameters", AUTH_REQUEST_EXPECTS_VP = "authentication request expects a verifiable presentation in the response", AUTH_REQUEST_DOESNT_EXPECT_VP = "authentication request doesn't expect a verifiable presentation in the response", BAD_STATE = "The state in the payload does not match the supplied state", BAD_NONCE = "The nonce in the payload does not match the supplied nonce", NO_ALG_SUPPORTED = "Algorithm not supported.", BAD_PARAMS = "Wrong parameters provided.", BAD_IDTOKEN_RESPONSE_OPTS = "Id-token response options are not set.", NO_REQUEST_VERSION = "No request spec version provided.", NO_REQUEST = "No request (payload) provided.", NO_RESPONSE = "No response (payload) provided.", NO_PRESENTATION_SUBMISSION = "The VP did not contain a presentation submission. Did you forget to call PresentationExchange.checkSubmissionFrom?", BAD_VERIFIER_ATTESTATION = "Invalid verifier attestation. Bad JWT structure.", BAD_VERIFIER_ATTESTATION_REDIRECT_URIS = "Invalid verifier attestation. redirect_uri cannot be found in the the attestation jwts's redirect_uris.", CREDENTIAL_FORMATS_NOT_SUPPORTED = "CREDENTIAL_FORMATS_NOT_SUPPORTED", CREDENTIALS_FORMATS_NOT_PROVIDED = "Credentials format not provided by RP/OP", COULD_NOT_FIND_VCS_MATCHING_PD = "Could not find VerifiableCredentials matching presentationDefinition object in the provided VC list", DIDAUTH_REQUEST_PAYLOAD_NOT_CREATED = "DidAuthRequestPayload not created", DID_METHODS_NOT_SUPORTED = "DID_METHODS_NOT_SUPPORTED", ERROR_VERIFYING_SIGNATURE = "Error verifying the DID Auth Token signature.", INVALID_JWT = "Received an invalid JWT.", MISSING_X5C_HEADER_WITH_CLIENT_ID_SCHEME_X509 = "Missing x5c header with client_id_scheme 'x509_san_dns' | 'x509_san_uri'.", MISSING_KID_HEADER_WITH_CLIENT_ID_SCHEME_DID = "Missing kid header with client_id_scheme 'did'.", MISSING_ATTESTATION_JWT_WITH_CLIENT_ID_SCHEME_ATTESTATION = "Missing jwt header jwt with client_id_scheme 'verifier_attestation'.", MISSING_ATTESTATION_JWT_TYP = "Attestation JWT missing typ 'verifier-attestation+jwt'.", INVALID_CLIENT_ID_SCHEME = "Invalid client_id_scheme.", INVALID_REQUEST_OBJECT_ENTITY_ID_SCHEME_CLIENT_ID = "Request Object uses client_id_scheme 'entity_id', but the entity_id is missing or not an https endpoint.", EXPIRED = "The token has expired", INVALID_AUDIENCE = "Audience is invalid. Should be a string value.", NO_AUDIENCE = "No audience found in JWT payload or not configured", NO_JWT = "no JWT was supplied", NO_NONCE = "No nonce found in JWT payload", NO_REFERENCE_URI = "referenceUri must be defined when REFERENCE option is used", REFERENCE_URI_NO_PAYLOAD = "referenceUri specified, but object to host there is not present", NO_SELF_ISSUED_ISS = "The Response Token Issuer Claim (iss) MUST start with https://self-isued.me/v2", REGISTRATION_NOT_SET = "Registration metadata not set.", REQUEST_CLAIMS_PRESENTATION_NON_EXCLUSIVE = "Request claims can't have multiple of 'presentation_definition', 'presentation_definition_uri' and 'dcql_query", REQUEST_CLAIMS_PRESENTATION_DEFINITION_NOT_VALID = "Presentation definition in the request claims is not valid", REQUEST_OBJECT_TYPE_NOT_SET = "Request object type is not set.", RESPONSE_OPTS_PRESENTATIONS_SUBMISSION_IS_NOT_VALID = "presentation_submission object inside the response opts vp should be valid", RESPONSE_STATUS_UNEXPECTED = "Received unexpected response status", REG_OBJ_N_REG_URI_CANT_BE_SET_SIMULTANEOUSLY = "Registration can either be passed by value or passed by reference. Hence, registration object and registration URI can not be set simultaneously", REG_OBJ_MALFORMED = "The registration object is malformed.", REG_PASS_BY_REFERENCE_INCORRECTLY = "Request error", REGISTRATION_OBJECT_TYPE_NOT_SET = "Registration object type is not set.", SIOP_VERSION_NOT_SUPPORTED = "The SIOP spec version could not inferred from the authentication request payload", NO_VERIFIABLE_PRESENTATION_NO_CREDENTIALS = "Either no verifiable presentation or no credentials found in the verifiable presentation", VERIFY_BAD_PARAMS = "Verify bad parameters", VERIFIABLE_PRESENTATION_SIGNATURE_NOT_VALID = "The signature of the verifiable presentation is not valid", VERIFIABLE_PRESENTATION_VERIFICATION_FUNCTION_MISSING = "The verifiable presentation verification function is missing", PRESENTATION_SUBMISSION_DEFINITION_ID_DOES_NOT_MATCHING_DEFINITION_ID = "The 'definition_id' in the presentation submission does not match the id of the presentation definition." } interface EcdsaSignature { r: string; s: string; recoveryParam?: number | null; } interface JWTPayload { iss?: string; sub?: string; aud?: string | string[]; iat?: number; nbf?: number; type?: string; exp?: number; rexp?: number; jti?: string; [x: string]: any; } interface VerifiedJWT { payload: Partial; issuer: string; jwt: string; } /** * JSON Web Key ({@link https://www.rfc-editor.org/rfc/rfc7517 JWK}). "RSA", "EC", "OKP", and "oct" * key types are supported. */ interface JWK { /** JWK "alg" (Algorithm) Parameter. */ alg?: string; crv?: string; d?: string; dp?: string; dq?: string; e?: string; /** JWK "ext" (Extractable) Parameter. */ ext?: boolean; k?: string; /** JWK "key_ops" (Key Operations) Parameter. */ key_ops?: string[]; /** JWK "kid" (Key ID) Parameter. */ kid?: string; /** JWK "kty" (Key Type) Parameter. */ kty?: string; n?: string; oth?: Array<{ d?: string; r?: string; t?: string; }>; p?: string; q?: string; qi?: string; /** JWK "use" (Public Key Use) Parameter. */ use?: string; x?: string; y?: string; /** JWK "x5c" (X.509 Certificate Chain) Parameter. */ x5c?: string[]; /** JWK "x5t" (X.509 Certificate SHA-1 Thumbprint) Parameter. */ x5t?: string; /** "x5t#S256" (X.509 Certificate SHA-256 Thumbprint) Parameter. */ 'x5t#S256'?: string; /** JWK "x5u" (X.509 URL) Parameter. */ x5u?: string; [propName: string]: unknown; } type DecryptCompact = (input: { jwk: { kid: string; }; jwe: string; }) => Promise<{ plaintext: string; protectedHeader: Record & { alg: string; enc: string; }; }>; declare class IDToken { private _header?; private _payload?; private _jwt?; private readonly _responseOpts; private constructor(); static fromVerifiedAuthorizationRequest(verifiedAuthorizationRequest: VerifiedAuthorizationRequest, responseOpts: AuthorizationResponseOpts, verifyOpts?: VerifyAuthorizationResponseOpts): Promise; static fromIDToken(idTokenJwt: IDTokenJwt, verifyOpts?: VerifyAuthorizationResponseOpts): Promise; static fromIDTokenPayload(idTokenPayload: IDTokenPayload, responseOpts: AuthorizationResponseOpts, verifyOpts?: VerifyAuthorizationResponseOpts): Promise; payload(): IDTokenPayload; jwt(_jwtIssuer: JwtIssuer): Promise; private parseAndVerifyJwt; /** * Verifies a SIOP ID Response JWT on the RP Side * * @param idToken ID token to be validated * @param verifyOpts */ verify(verifyOpts: VerifyAuthorizationResponseOpts): Promise; static verify(idTokenJwt: IDTokenJwt, verifyOpts: VerifyAuthorizationResponseOpts): Promise; private assertValidResponseJWT; get header(): JwtHeader; get responseOpts(): AuthorizationResponseOpts; isSelfIssued(): Promise; } declare const createIDTokenPayload: (verifiedAuthorizationRequest: VerifiedAuthorizationRequest, responseOpts: AuthorizationResponseOpts) => Promise; interface RequestObjectContext extends JwtIssuanceContextBase { type: 'request-object'; } interface IdTokenContext extends JwtIssuanceContextBase { type: 'id-token'; authorizationResponseOpts: AuthorizationResponseOpts; } type JwtIssuanceContext = RequestObjectContext | IdTokenContext; type JwtIssuerWithContext = JwtIssuer & JwtIssuanceContext; type CreateJwtCallback = CreateJwtCallback$1; type JwkJwtVerifier = (JwkJwtVerifier$1 & { type: 'id-token'; jwkThumbprint: string; }) | (JwkJwtVerifier$1 & { type: 'request-object' | 'verifier-attestation' | 'dpop'; jwkThumbprint?: never; }); type JwtVerifier = DidJwtVerifier | X5cJwtVerifier | CustomJwtVerifier | JwkJwtVerifier | OpenIdFederationJwtVerifier; declare const getJwkVerifier: (jwt: { header: JwtHeader; payload: JwtPayload; }, jwkJwtVerifier: JwkJwtVerifier$1) => Promise; declare const getJwtVerifierWithContext: (jwt: { header: JwtHeader; payload: JwtPayload; }, options: { type: JwtType; }) => Promise; declare const getRequestObjectJwtVerifier: (jwt: { header: JwtHeader; payload: RequestObjectPayload; }, options: { raw: string; }) => Promise; type VerifyJwtCallback = VerifyJwtCallbackBase; interface AuthorizationResponseOpts { responseURI?: string; responseURIType?: ResponseURIType; registration?: ResponseRegistrationOpts; version?: SupportedVersion; audience?: string; createJwtCallback: CreateJwtCallback; jwtIssuer?: JwtIssuer; responseMode?: ResponseMode; responseType?: [ResponseType]; expiresIn?: number; accessToken?: string; tokenType?: string; refreshToken?: string; presentationExchange?: PresentationExchangeResponseOpts; dcqlResponse?: DcqlResponseOpts; isFirstParty?: boolean; } interface PresentationExchangeResponseOpts { verifiablePresentations: Array; vpTokenLocation?: VPTokenLocation; presentationSubmission?: PresentationSubmission; restrictToFormats?: Format; restrictToDIDMethods?: string[]; } interface DcqlResponseOpts { dcqlPresentation: Record | string>; } interface PresentationDefinitionPayloadOpts { presentation_definition?: IPresentationDefinition; presentation_definition_uri?: string; dcql_query?: never; } interface DcqlQueryPayloadOpts { dcql_query?: string; presentation_definition?: never; presentation_definition_uri?: never; } interface PresentationDefinitionWithLocation { version?: SupportedVersion; location: PresentationDefinitionLocation; definition: IPresentationDefinition; } interface VerifiablePresentationWithSubmissionData extends VerifiablePresentationWithFormat { vpTokenLocation: VPTokenLocation; submissionData: PresentationSubmission; } declare enum PresentationDefinitionLocation { CLAIMS_VP_TOKEN = "claims.vp_token", TOPLEVEL_PRESENTATION_DEF = "presentation_definition" } declare enum VPTokenLocation { AUTHORIZATION_RESPONSE = "authorization_response", ID_TOKEN = "id_token", TOKEN_RESPONSE = "token_response" } type PresentationVerificationResult = { verified: boolean; reason?: string; }; type PresentationVerificationCallback = (args: W3CVerifiablePresentation | CompactSdJwtVc | MdocOid4vpIssuerSigned, presentationSubmission?: PresentationSubmission) => Promise; type PresentationSignCallback = (args: PresentationSignCallBackParams) => Promise; interface VerifyAuthorizationResponseOpts { correlationId: string; verification: Verification; verifyJwtCallback: VerifyJwtCallback; hasher?: HasherSync; nonce?: string; state?: string; presentationDefinitions?: PresentationDefinitionWithLocation | PresentationDefinitionWithLocation[]; dcqlQuery?: DcqlQuery; audience?: string; restrictToFormats?: Format; restrictToDIDMethods?: string[]; } interface AuthorizationResponseWithCorrelationId { responseURI: string; response: AuthorizationResponse; correlationId: string; } declare class AuthorizationResponse { private readonly _authorizationRequest?; private readonly _idToken?; private readonly _payload; private readonly _options?; private constructor(); /** * Creates a SIOP Response Object * * @param requestObject * @param responseOpts * @param verifyOpts */ static fromRequestObject(requestObject: string, responseOpts: AuthorizationResponseOpts, verifyOpts: VerifyAuthorizationRequestOpts): Promise; static fromPayload(authorizationResponsePayload: AuthorizationResponsePayload, responseOpts?: AuthorizationResponseOpts): Promise; static fromAuthorizationRequest(authorizationRequest: AuthorizationRequest, responseOpts: AuthorizationResponseOpts, verifyOpts: VerifyAuthorizationRequestOpts): Promise; static fromVerifiedAuthorizationRequest(verifiedAuthorizationRequest: VerifiedAuthorizationRequest, responseOpts: AuthorizationResponseOpts, verifyOpts: VerifyAuthorizationRequestOpts): Promise; verify(verifyOpts: VerifyAuthorizationResponseOpts): Promise; get authorizationRequest(): AuthorizationRequest | undefined; get payload(): AuthorizationResponsePayload; get options(): AuthorizationResponseOpts | undefined; get idToken(): IDToken | undefined; getMergedProperty(key: string, opts?: { consistencyCheck?: boolean; hasher?: HasherSync; }): T | undefined; mergedPayloads(opts?: { consistencyCheck?: boolean; hasher?: HasherSync; }): AuthorizationResponsePayload; } interface RequestObjectOpts extends ObjectBy { payload?: RequestObjectPayloadOpts; createJwtCallback: CreateJwtCallback; jwtIssuer: JwtIssuer; } declare class RequestObject { private payload; private jwt?; private readonly opts; private constructor(); /** * Create a request object that typically is used as a JWT on RP side, typically this method is called automatically when creating an Authorization Request, but you could use it directly! * * @param authorizationRequestOpts Request Object options to build a Request Object * @remarks This method is used to generate a SIOP request Object. * First it generates the request object payload, and then it a signed JWT can be accessed on request. * * Normally you will want to use the Authorization Request class. That class creates a URI that includes the JWT from this class in the URI * If you do use this class directly, you can call the `convertRequestObjectToURI` afterwards to get the URI. * Please note that the Authorization Request allows you to differentiate between OAuth2 and OpenID parameters that become * part of the URI and which become part of the Request Object. If you generate a URI based upon the result of this class, * the URI will be constructed based on the Request Object only! */ static fromOpts(authorizationRequestOpts: CreateAuthorizationRequestOpts): Promise; static fromJwt(requestObjectJwt: RequestObjectJwt | undefined): Promise; static fromPayload(requestObjectPayload: RequestObjectPayload, authorizationRequestOpts: CreateAuthorizationRequestOpts): Promise; static fromAuthorizationRequestPayload(payload: AuthorizationRequestPayload): Promise; toJwt(): Promise; getPayload(): RequestObjectPayload | undefined; assertValid(): Promise; get options(): RequestObjectOpts | undefined; private removeRequestProperties; private static mergeOAuth2AndOpenIdProperties; } declare const createRequestObjectPayload: (opts: CreateAuthorizationRequestOpts) => Promise; declare const assertValidRequestObjectPayload: (verPayload: RequestObjectPayload | undefined) => void; declare const createResponsePayload: (authorizationRequest: AuthorizationRequest, responseOpts: AuthorizationResponseOpts, idTokenPayload?: IDTokenPayload) => Promise; /** * Properties can be in oAUth2 and OpenID (JWT) style. If they are in both the OpenID prop takes precedence as they are signed. * @param payload * @param requestObject */ declare const mergeOAuth2AndOpenIdInRequestPayload: (payload: AuthorizationRequestPayload, requestObject?: RequestObject) => Promise; declare const createDiscoveryMetadataPayload: (opts: DiscoveryMetadataOpts) => DiscoveryMetadataPayload; declare const extractNonceFromWrappedVerifiablePresentation: (wrappedVp: WrappedVerifiablePresentation) => string | undefined; declare const verifyPresentations: (authorizationResponse: AuthorizationResponse, verifyOpts: VerifyAuthorizationResponseOpts) => Promise<{ presentationExchange?: VerifiedOpenID4VPSubmission; dcql?: VerifiedOpenID4VPSubmissionDcql; }>; declare const extractDcqlPresentationFromDcqlVpToken: (vpToken: DcqlPresentation.Input | string, opts?: { hasher?: HasherSync; }) => { [credentialQueryId: string]: WrappedVerifiablePresentation; }; declare const extractPresentationsFromDcqlVpToken: (vpToken: DcqlPresentation.Input | string, opts?: { hasher?: HasherSync; }) => WrappedVerifiablePresentation[]; declare const extractPresentationsFromVpToken: (vpToken: Array | W3CVerifiablePresentation | CompactSdJwtVc | string, opts?: { hasher?: HasherSync; }) => WrappedVerifiablePresentation[] | WrappedVerifiablePresentation; declare const createPresentationSubmission: (verifiablePresentations: W3CVerifiablePresentation[], opts?: { presentationDefinitions: (PresentationDefinitionWithLocation | IPresentationDefinition)[]; }) => Promise; declare const putPresentationSubmissionInLocation: (authorizationRequest: AuthorizationRequest, responsePayload: AuthorizationResponsePayload, resOpts: AuthorizationResponseOpts, idTokenPayload?: IDTokenPayload) => Promise; declare const assertValidVerifiablePresentations: (args: { presentationDefinitions: PresentationDefinitionWithLocation[]; presentations: Array | WrappedVerifiablePresentation; verificationCallback: PresentationVerificationCallback; opts?: { limitDisclosureSignatureSuites?: string[]; restrictToFormats?: Format; restrictToDIDMethods?: string[]; presentationSubmission?: PresentationSubmission; hasher?: Hasher; }; }) => Promise; /** * Finds a valid DcqlQuery inside the given AuthenticationRequestPayload * throws exception if the DcqlQuery is not valid * returns the decoded dcql query if a valid instance found * @param authorizationRequestPayload object that can have a dcql_query inside * @param version */ declare class Dcql { static findValidDcqlQuery: (authorizationRequestPayload: AuthorizationRequestPayload) => Promise; static getDcqlPresentationResult: (record: DcqlPresentation | string, dcqlQuery: DcqlQuery, opts: { hasher?: HasherSync; }) => { credentials: [{ id: string; format: "mso_mdoc"; claims?: [{ namespace: string; claim_name: string; values?: (string | number | boolean)[] | undefined; id?: string | undefined; } | { path: [string, string]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; intent_to_retain?: boolean | undefined; }, ...({ namespace: string; claim_name: string; values?: (string | number | boolean)[] | undefined; id?: string | undefined; } | { path: [string, string]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; intent_to_retain?: boolean | undefined; })[]] | undefined; claim_sets?: [[string, ...string[]], ...[string, ...string[]][]] | undefined; meta?: { doctype_value?: string | undefined; } | undefined; } | { id: string; format: "vc+sd-jwt" | "dc+sd-jwt"; claims?: [{ path: [string | number | null, ...(string | number | null)[]]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; }, ...{ path: [string | number | null, ...(string | number | null)[]]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; }[]] | undefined; claim_sets?: [[string, ...string[]], ...[string, ...string[]][]] | undefined; meta?: { vct_values?: string[] | undefined; } | undefined; } | { id: string; format: "jwt_vc_json-ld" | "jwt_vc_json"; claims?: [{ path: [string | number | null, ...(string | number | null)[]]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; }, ...{ path: [string | number | null, ...(string | number | null)[]]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; }[]] | undefined; claim_sets?: [[string, ...string[]], ...[string, ...string[]][]] | undefined; }, ...({ id: string; format: "mso_mdoc"; claims?: [{ namespace: string; claim_name: string; values?: (string | number | boolean)[] | undefined; id?: string | undefined; } | { path: [string, string]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; intent_to_retain?: boolean | undefined; }, ...({ namespace: string; claim_name: string; values?: (string | number | boolean)[] | undefined; id?: string | undefined; } | { path: [string, string]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; intent_to_retain?: boolean | undefined; })[]] | undefined; claim_sets?: [[string, ...string[]], ...[string, ...string[]][]] | undefined; meta?: { doctype_value?: string | undefined; } | undefined; } | { id: string; format: "vc+sd-jwt" | "dc+sd-jwt"; claims?: [{ path: [string | number | null, ...(string | number | null)[]]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; }, ...{ path: [string | number | null, ...(string | number | null)[]]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; }[]] | undefined; claim_sets?: [[string, ...string[]], ...[string, ...string[]][]] | undefined; meta?: { vct_values?: string[] | undefined; } | undefined; } | { id: string; format: "jwt_vc_json-ld" | "jwt_vc_json"; claims?: [{ path: [string | number | null, ...(string | number | null)[]]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; }, ...{ path: [string | number | null, ...(string | number | null)[]]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; }[]] | undefined; claim_sets?: [[string, ...string[]], ...[string, ...string[]][]] | undefined; })[]]; invalid_matches: { [x: string]: { output: unknown; issues: [unknown, ...unknown[]]; presentation_id: string; success: false; typed: boolean; claim_set_index: number; }; }; valid_matches: { [x: string]: { output: { credential_format: "mso_mdoc"; doctype: string; namespaces: { [x: string]: { [x: string]: unknown; }; }; } | { claims: { [x: string]: string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | /*elided*/ any; } | /*elided*/ any)[])[])[])[])[])[])[])[])[])[])[]; }; credential_format: "vc+sd-jwt" | "dc+sd-jwt"; vct: string; } | { claims: { [x: string]: string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | /*elided*/ any; } | /*elided*/ any)[])[])[])[])[])[])[])[])[])[])[]; }; credential_format: "jwt_vc_json" | "jwt_vc_json-ld"; }; presentation_id: string; success: true; typed: true; claim_set_index: number; }; }; canBeSatisfied: boolean; credential_sets?: [{ options: [string[], ...string[][]]; required: boolean; matching_options: [string[], ...string[][]] | undefined; purpose?: string | number | { [x: string]: unknown; } | undefined; }, ...{ options: [string[], ...string[][]]; required: boolean; matching_options: [string[], ...string[][]] | undefined; purpose?: string | number | { [x: string]: unknown; } | undefined; }[]]; }; static assertValidDcqlPresentationResult: (record: DcqlPresentation | string, dcqlQuery: DcqlQuery, opts: { hasher?: HasherSync; }) => Promise<{ credentials: [{ id: string; format: "mso_mdoc"; claims?: [{ namespace: string; claim_name: string; values?: (string | number | boolean)[] | undefined; id?: string | undefined; } | { path: [string, string]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; intent_to_retain?: boolean | undefined; }, ...({ namespace: string; claim_name: string; values?: (string | number | boolean)[] | undefined; id?: string | undefined; } | { path: [string, string]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; intent_to_retain?: boolean | undefined; })[]] | undefined; claim_sets?: [[string, ...string[]], ...[string, ...string[]][]] | undefined; meta?: { doctype_value?: string | undefined; } | undefined; } | { id: string; format: "vc+sd-jwt" | "dc+sd-jwt"; claims?: [{ path: [string | number | null, ...(string | number | null)[]]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; }, ...{ path: [string | number | null, ...(string | number | null)[]]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; }[]] | undefined; claim_sets?: [[string, ...string[]], ...[string, ...string[]][]] | undefined; meta?: { vct_values?: string[] | undefined; } | undefined; } | { id: string; format: "jwt_vc_json-ld" | "jwt_vc_json"; claims?: [{ path: [string | number | null, ...(string | number | null)[]]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; }, ...{ path: [string | number | null, ...(string | number | null)[]]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; }[]] | undefined; claim_sets?: [[string, ...string[]], ...[string, ...string[]][]] | undefined; }, ...({ id: string; format: "mso_mdoc"; claims?: [{ namespace: string; claim_name: string; values?: (string | number | boolean)[] | undefined; id?: string | undefined; } | { path: [string, string]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; intent_to_retain?: boolean | undefined; }, ...({ namespace: string; claim_name: string; values?: (string | number | boolean)[] | undefined; id?: string | undefined; } | { path: [string, string]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; intent_to_retain?: boolean | undefined; })[]] | undefined; claim_sets?: [[string, ...string[]], ...[string, ...string[]][]] | undefined; meta?: { doctype_value?: string | undefined; } | undefined; } | { id: string; format: "vc+sd-jwt" | "dc+sd-jwt"; claims?: [{ path: [string | number | null, ...(string | number | null)[]]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; }, ...{ path: [string | number | null, ...(string | number | null)[]]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; }[]] | undefined; claim_sets?: [[string, ...string[]], ...[string, ...string[]][]] | undefined; meta?: { vct_values?: string[] | undefined; } | undefined; } | { id: string; format: "jwt_vc_json-ld" | "jwt_vc_json"; claims?: [{ path: [string | number | null, ...(string | number | null)[]]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; }, ...{ path: [string | number | null, ...(string | number | null)[]]; values?: (string | number | boolean)[] | undefined; id?: string | undefined; }[]] | undefined; claim_sets?: [[string, ...string[]], ...[string, ...string[]][]] | undefined; })[]]; canBeSatisfied: boolean; invalid_matches: { [x: string]: { output: unknown; issues: [unknown, ...unknown[]]; success: false; typed: boolean; claim_set_index: number | undefined; presentation_id: string; }; } | undefined; valid_matches: { [x: string]: { output: { credential_format: "mso_mdoc"; doctype: string; namespaces: { [x: string]: { [x: string]: unknown; }; }; } | { credential_format: "vc+sd-jwt" | "dc+sd-jwt"; vct: string; claims: { [x: string]: string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | /*elided*/ any; } | /*elided*/ any)[])[])[])[])[])[])[])[])[])[])[]; }; } | { credential_format: "jwt_vc_json-ld" | "jwt_vc_json"; claims: { [x: string]: string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[])[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | (string | number | boolean | /*elided*/ any | /*elided*/ any)[]; } | (string | number | boolean | { [key: string]: string | number | boolean | /*elided*/ any | /*elided*/ any; } | /*elided*/ any)[])[])[])[])[])[])[])[])[])[])[]; }; }; success: true; typed: true; claim_set_index: number | undefined; presentation_id: string; }; }; credential_sets?: [{ options: [string[], ...string[][]]; required: boolean; matching_options: [string[], ...string[][]] | undefined; purpose?: string | number | { [x: string]: unknown; } | undefined; }, ...{ options: [string[], ...string[][]]; required: boolean; matching_options: [string[], ...string[][]] | undefined; purpose?: string | number | { [x: string]: unknown; } | undefined; }[]] | undefined; }>; } interface ClaimPayloadOptsVID1 extends ClaimPayloadCommonOpts { id_token?: IdTokenClaimPayload; vp_token?: PresentationDefinitionPayloadOpts | DcqlQueryPayloadOpts; } interface ClaimPayloadCommonOpts { [x: string]: any; } interface AuthorizationRequestPayloadOpts extends Partial> { request_uri?: string; } interface RequestObjectPayloadOpts { scope: string; response_type: string; client_id: string; client_id_scheme?: ClientIdScheme; redirect_uri?: string; response_uri?: string; id_token_hint?: string; claims?: CT; nonce?: string; state?: string; aud?: string; authorization_endpoint?: string; response_mode?: ResponseMode; response_types_supported?: ResponseType[] | ResponseType; scopes_supported?: Scope[] | Scope; subject_types_supported?: SubjectType[] | SubjectType; request_object_signing_alg_values_supported?: SigningAlgo[] | SigningAlgo; [x: string]: any; } interface AuthorizationRequestCommonOpts { version: SupportedVersion; clientMetadata?: ClientMetadataOpts; payload?: AuthorizationRequestPayloadOpts; requestObject: RequestObjectOpts; uriScheme?: Schema | string; } type AuthorizationRequestOptsVID1 = AuthorizationRequestCommonOpts; interface AuthorizationRequestOptsVD11 extends AuthorizationRequestCommonOpts { idTokenType?: string; } type CreateAuthorizationRequestOpts = AuthorizationRequestOptsVID1 | AuthorizationRequestOptsVD11; interface VerifyAuthorizationRequestOpts { correlationId: string; verification: Verification; verifyJwtCallback: VerifyJwtCallback; nonce?: string; state?: string; supportedVersions?: SupportedVersion[]; hasher?: HasherSync; } /** * Determines where a property will end up. Methods that support this argument are optional. If you do not provide any value it will default to all targets. */ declare enum PropertyTarget { AUTHORIZATION_REQUEST = "authorization-request", REQUEST_OBJECT = "request-object" } type PropertyTargets = PropertyTarget | PropertyTarget[]; interface RequestPropertyWithTargets { targets?: PropertyTargets; propertyValue: T; } declare class URI implements AuthorizationRequestURI { private readonly _scheme; private readonly _requestObjectJwt; private readonly _authorizationRequestPayload; private readonly _encodedUri; private readonly _encodingFormat; private _registrationMetadataPayload; private constructor(); static fromUri(uri: string): Promise; /** * Create a signed URL encoded URI with a signed SIOP request token on RP side * * @param opts Request input data to build a SIOP Request Token * @remarks This method is used to generate a SIOP request with info provided by the RP. * First it generates the request payload and then it creates the signed JWT, which is returned as a URI * * Normally you will want to use this method to create the request. */ static fromOpts(opts: CreateAuthorizationRequestOpts): Promise; toAuthorizationRequest(): Promise; get requestObjectBy(): ObjectBy; get metadataObjectBy(): ObjectBy; /** * Create a URI from the request object, typically you will want to use the createURI version! * * @remarks This method is used to generate a SIOP request Object with info provided by the RP. * First it generates the request object payload, and then it creates the signed JWT. * * Please note that the createURI method allows you to differentiate between OAuth2 and OpenID parameters that become * part of the URI and which become part of the Request Object. If you generate a URI based upon the result of this method, * the URI will be constructed based on the Request Object only! */ static fromRequestObject(requestObject: RequestObject): Promise; static fromAuthorizationRequest(authorizationRequest: AuthorizationRequest): Promise; /** * Creates an URI Request * @param opts Options to define the Uri Request * @param authorizationRequestPayload * */ private static fromAuthorizationRequestPayload; /** * Create a Authentication Request Payload from a URI string * * @param uri */ static parse(uri: string): { scheme: string; authorizationRequestPayload: AuthorizationRequestPayload; }; static parseAndResolve(uri: string, rpRegistrationMetadata?: RPRegistrationMetadataPayload): Promise<{ scheme: string; authorizationRequestPayload: AuthorizationRequestPayload; requestObjectJwt: string; registrationMetadata: RPRegistrationMetadataPayload; }>; get encodingFormat(): UrlEncodingFormat; get encodedUri(): string; get authorizationRequestPayload(): AuthorizationRequestPayload; get requestObjectJwt(): RequestObjectJwt | undefined; get scheme(): string; get registrationMetadataPayload(): RPRegistrationMetadataPayload; } declare class AuthorizationRequest { private readonly _requestObject?; private readonly _payload; private readonly _options; private _uri; private constructor(); static fromUriOrJwt(jwtOrUri: string | URI): Promise; static fromPayload(payload: AuthorizationRequestPayload): Promise; static fromOpts(opts: CreateAuthorizationRequestOpts, requestObject?: RequestObject): Promise; get payload(): AuthorizationRequestPayload; get requestObject(): RequestObject | undefined; get options(): CreateAuthorizationRequestOpts | undefined; hasRequestObject(): boolean; getSupportedVersion(): Promise; getSupportedVersionsFromPayload(): Promise; uri(): Promise; /** * Verifies a SIOP Request JWT on OP side * * @param opts */ verify(opts: VerifyAuthorizationRequestOpts): Promise; static verify(requestOrUri: string, verifyOpts: VerifyAuthorizationRequestOpts): Promise; requestObjectJwt(): Promise; private static fromJwt; private static fromURI; toStateInfo(): Promise; containsResponseType(singleType: ResponseType | string): Promise; getMergedProperty(key: string): T | undefined; mergedPayloads(): RequestObjectPayload; getPresentationDefinitions(version?: SupportedVersion): Promise; getDcqlQuery(): Promise; } declare const createPresentationDefinitionClaimsProperties: (opts: ClaimPayloadOptsVID1) => Promise; declare const createAuthorizationRequestPayload: (opts: CreateAuthorizationRequestOpts, requestObject?: RequestObject) => Promise; declare const assertValidRPRegistrationMedataPayload: (regObj: RPRegistrationMetadataPayload) => void; declare function assertValidMetadata(opMetadata: DiscoveryMetadataPayload, rpMetadata: RPRegistrationMetadataPayload): CommonSupportedMetadata; declare function supportedCredentialsFormats(rpFormat: Format, opFormat: Format): Format; declare function decodeUriAsJson(uri: string): any; declare function encodeJsonAsURI(json: Record, _opts?: { arraysWithIndex?: string[]; }): string; declare function base64ToHexString(input: string, encoding?: 'base64url' | 'base64'): string; declare function fromBase64(base64: string): string; declare function base64urlEncodeBuffer(buf: { toString: (arg0: 'base64') => string; }): string; declare function base64urlToString(base64url: string): string; declare const getJson: (URL: string, opts?: { bearerToken?: string; contentType?: string | ContentType; accept?: string; customHeaders?: HeadersInit; exceptionOnHttpErrorStatus?: boolean; }) => Promise>; declare const formPost: (url: string, body: BodyInit, opts?: { bearerToken?: string; contentType?: string | ContentType; accept?: string; customHeaders?: HeadersInit; exceptionOnHttpErrorStatus?: boolean; }) => Promise>; declare const post: (url: string, body?: BodyInit, opts?: { bearerToken?: string; contentType?: string | ContentType; accept?: string; customHeaders?: HeadersInit; exceptionOnHttpErrorStatus?: boolean; }) => Promise>; declare const getWithUrl: (url: string, textResponse?: boolean) => Promise; declare const fetchByReferenceOrUseByValue: (referenceURI: string, valueObject: T, textResponse?: boolean) => Promise; declare function extractDataFromPath(obj: unknown, path: string): { path: string[]; value: any; }[]; declare function isStringNullOrEmpty(key: string): boolean; declare function removeNullUndefined(data: T): T; declare const verifyRevocation: (vpToken: WrappedVerifiablePresentation, revocationVerificationCallback: RevocationVerificationCallback, revocationVerification: RevocationVerification) => Promise; declare function getNonce(state: string, nonce?: string): string; declare function toNonce(input: string): string; declare function getState(state?: string): string; declare function createState(): string; type Jwks = { keys: JWK[]; }; type JwksMetadataParams = { jwks?: Jwks; jwks_uri?: string; }; /** * Fetches a JSON Web Key Set (JWKS) from the specified URI. * * @param jwksUri - The URI of the JWKS endpoint. * @returns A Promise that resolves to the JWKS object. * @throws Will throw an error if the fetch fails or if the response is not valid JSON. */ declare function fetchJwks(jwksUri: string): Promise; /** * Extracts JSON Web Key Set (JWKS) from the provided metadata. * If a jwks field is provided, the JWKS will be extracted from the field. * If a jwks_uri is provided, the JWKS will be fetched from the URI. * * @returns A promise that resolves to the extracted JWKS or undefined. * @throws {JoseJwksExtractionError} If the metadata format is invalid or no decryption key is found. * @param metadata */ declare const extractJwksFromJwksMetadata: (metadata: JwksMetadataParams) => Promise; declare class LanguageTagUtils { private static readonly LANGUAGE_TAG_SEPARATOR; /** * It will give back a fields which are language tag enabled. i.e. all fields with the fields names containing * language tags e.g. fieldName#nl-NL * * @param source is the object from which the language enabled fields and their values will be extracted. */ static getAllLanguageTaggedProperties(source: object): Map; /** * It will give back a fields which are language tag enabled and are listed in the required fields. * * @param source is the object from which the language enabled fields and their values will be extracted. * @param requiredFieldNames the fields which are supposed to be language enabled. These are the only fields which should be returned. */ static getLanguageTaggedProperties(source: object, requiredFieldNames: Array): Map; /** * It will give back a fields which are language tag enabled and are mapped in the required fields. * * @param source is the object from which the language enabled fields and their values will be extracted. * @param enabledFieldNamesMapping the fields which are supposed to be language enabled. These are the only fields which should be returned. And * the fields names will be transformed as per the mapping provided. */ static getLanguageTaggedPropertiesMapped(source: object, enabledFieldNamesMapping: Map): Map; private static extractLanguageTaggedField; private static getMappedFieldName; private static getLanguageTag; private static getFieldName; /*** * This function checks about the field to be language-tagged. * * @param languageTagSeparatorIndex * @private */ private static isFieldLanguageTagged; private static assertValidTargetFieldNames; } interface IRPSessionManager { getRequestStateByCorrelationId(correlationId: string, errorOnNotFound?: boolean): Promise; getRequestStateByNonce(nonce: string, errorOnNotFound?: boolean): Promise; getRequestStateByState(state: string, errorOnNotFound?: boolean): Promise; getResponseStateByCorrelationId(correlationId: string, errorOnNotFound?: boolean): Promise; getResponseStateByNonce(nonce: string, errorOnNotFound?: boolean): Promise; getResponseStateByState(state: string, errorOnNotFound?: boolean): Promise; getCorrelationIdByNonce(nonce: string, errorOnNotFound?: boolean): Promise; getCorrelationIdByState(state: string, errorOnNotFound?: boolean): Promise; deleteStateForCorrelationId(correlationId: string): any; } declare class RPBuilder { requestObjectBy: ObjectBy; createJwtCallback?: CreateJwtCallback; verifyJwtCallback?: VerifyJwtCallback; revocationVerification?: RevocationVerification; revocationVerificationCallback?: RevocationVerificationCallback; presentationVerificationCallback?: PresentationVerificationCallback; supportedVersions: SupportedVersion[]; eventEmitter?: EventEmitter; sessionManager?: IRPSessionManager; _responseRedirectUri?: string; private _authorizationRequestPayload; private _requestObjectPayload; clientMetadata?: ClientMetadataOpts; clientId: string; entityId: string; clientIdScheme: string; hasher: HasherSync; private constructor(); withScope(scope: string, targets?: PropertyTargets): RPBuilder; withResponseType(responseType: ResponseType | ResponseType[] | string, targets?: PropertyTargets): RPBuilder; withHasher(hasher: HasherSync): RPBuilder; withClientId(clientId: string, targets?: PropertyTargets): RPBuilder; withClientIdScheme(clientIdScheme: ClientIdScheme, targets?: PropertyTargets): RPBuilder; withEntityId(entityId: string, targets?: PropertyTargets): RPBuilder; withIssuer(issuer: ResponseIss, targets?: PropertyTargets): RPBuilder; withAudience(issuer: RequestAud, targets?: PropertyTargets): RPBuilder; withPresentationVerification(presentationVerificationCallback: PresentationVerificationCallback): RPBuilder; withRevocationVerification(mode: RevocationVerification): RPBuilder; withRevocationVerificationCallback(callback: RevocationVerificationCallback): RPBuilder; withAuthorizationEndpoint(authorizationEndpoint: string, targets?: PropertyTargets): RPBuilder; withRedirectUri(redirectUri: string, targets?: PropertyTargets): RPBuilder; withResponseRedirectUri(responseRedirectUri: string): RPBuilder; withResponseUri(redirectUri: string, targets?: PropertyTargets): RPBuilder; withRequestByReference(referenceUri: string): RPBuilder; withRequestByValue(): RPBuilder; withRequestBy(passBy: PassBy, referenceUri?: string): RPBuilder; withResponseMode(responseMode: ResponseMode, targets?: PropertyTargets): RPBuilder; withClientMetadata(clientMetadata: ClientMetadataOpts, targets?: PropertyTargets): RPBuilder; withCreateJwtCallback(createJwtCallback: CreateJwtCallback): RPBuilder; withVerifyJwtCallback(verifyJwtCallback: VerifyJwtCallback): RPBuilder; withDcqlQuery(dcqlQuery: DcqlQuery | string, targets?: PropertyTargets): RPBuilder; withPresentationDefinition(definitionOpts: { definition: IPresentationDefinition; definitionUri?: string; }, targets?: PropertyTargets): RPBuilder; private initSupportedVersions; addSupportedVersion(supportedVersion: SupportedVersion): RPBuilder; withSupportedVersions(supportedVersion: SupportedVersion[] | SupportedVersion): RPBuilder; withEventEmitter(eventEmitter?: EventEmitter): RPBuilder; withSessionManager(sessionManager: IRPSessionManager): RPBuilder; getSupportedRequestVersion(requireVersion?: boolean): SupportedVersion | undefined; static newInstance(supportedVersion?: SupportedVersion): RPBuilder; build(): RP; get authorizationRequestPayload(): Partial; get requestObjectPayload(): Partial; } declare class RP { get sessionManager(): IRPSessionManager; private readonly _createRequestOptions; private readonly _verifyResponseOptions; private readonly _eventEmitter?; private readonly _sessionManager?; private readonly _responseRedirectUri?; private constructor(); static fromRequestOpts(opts: CreateAuthorizationRequestOpts): RP; static builder(opts?: { requestVersion?: SupportedVersion; }): RPBuilder; createAuthorizationRequest(opts: { correlationId: string; nonce: string | RequestPropertyWithTargets; state: string | RequestPropertyWithTargets; jwtIssuer?: JwtIssuer; claims?: ClaimPayloadCommonOpts | RequestPropertyWithTargets; version?: SupportedVersion; requestByReferenceURI?: string; responseURI?: string; responseURIType?: ResponseURIType; }): Promise; createAuthorizationRequestURI(opts: { correlationId: string; nonce: string | RequestPropertyWithTargets; state: string | RequestPropertyWithTargets; jwtIssuer?: JwtIssuer; claims?: ClaimPayloadCommonOpts | RequestPropertyWithTargets; version?: SupportedVersion; requestByReferenceURI?: string; responseURI?: string; responseURIType?: ResponseURIType; }): Promise; signalAuthRequestRetrieved(opts: { correlationId: string; error?: Error; }): Promise; static processJarmAuthorizationResponse(response: string, opts: { decryptCompact: DecryptCompact; getAuthRequestPayload: (input: JarmDirectPostJwtResponseParams | JarmAuthResponseParams) => Promise<{ authRequestParams: RequestObjectPayload; }>; hasher?: HasherSync; }): Promise<{ authRequestParams: { response_type: string; client_metadata: { jwks?: { keys: ({ kty: string; kid?: string | undefined; } & { [key: string]: unknown; })[]; } | undefined; jwks_uri?: string | undefined; } & { [key: string]: unknown; }; client_id: string; state?: string | undefined; response_mode?: "jwt" | "query.jwt" | "fragment.jwt" | "form_post.jwt" | "direct_post.jwt" | undefined; } & { [key: string]: unknown; }; authResponseParams: { vp_token: string | string[]; presentation_submission: unknown; state?: string | undefined; iss?: string | undefined; exp?: number | undefined; aud?: string | undefined; nonce?: string | undefined; } & { [key: string]: unknown; }; type: "signed encrypted" | "encrypted" | "signed"; }>; verifyAuthorizationResponse(authorizationResponsePayload: AuthorizationResponsePayload, opts?: { correlationId?: string; hasher?: HasherSync; audience?: string; state?: string; nonce?: string; verification?: Verification; presentationDefinitions?: PresentationDefinitionWithLocation | PresentationDefinitionWithLocation[]; dcqlQuery?: DcqlQuery; }): Promise; get createRequestOptions(): CreateAuthorizationRequestOpts; get verifyResponseOptions(): Partial; getResponseRedirectUri(mappings?: Record): string | undefined; private newAuthorizationRequestOpts; private newVerifyAuthorizationResponseOpts; private emitEvent; addEventListener(register: RegisterEventListener): void; } /** * Please note that this session manager is not really meant to be used in large production settings, as it stores everything in memory! * It also doesn't do scheduled cleanups. It runs a cleanup whenever a request or response is received. In a high-volume production setting you will want scheduled cleanups running in the background * Since this is a low level library we have not created a full-fledged implementation. * We suggest to create your own implementation using the event system of the library */ declare class InMemoryRPSessionManager implements IRPSessionManager { private readonly authorizationRequests; private readonly authorizationResponses; private readonly nonceMapping; private readonly stateMapping; private readonly maxAgeInSeconds; private static getKeysForCorrelationId; constructor(eventEmitter: EventEmitter, opts?: { maxAgeInSeconds?: number; }); getRequestStateByCorrelationId(correlationId: string, errorOnNotFound?: boolean): Promise; getRequestStateByNonce(nonce: string, errorOnNotFound?: boolean): Promise; getRequestStateByState(state: string, errorOnNotFound?: boolean): Promise; getResponseStateByCorrelationId(correlationId: string, errorOnNotFound?: boolean): Promise; getResponseStateByNonce(nonce: string, errorOnNotFound?: boolean): Promise; getResponseStateByState(state: string, errorOnNotFound?: boolean): Promise; private getFromMapping; private onAuthorizationRequestCreatedSuccess; private onAuthorizationRequestCreatedFailed; private onAuthorizationRequestSentSuccess; private onAuthorizationRequestSentFailed; private onAuthorizationResponseReceivedSuccess; private onAuthorizationResponseReceivedFailed; private onAuthorizationResponseVerifiedFailed; private onAuthorizationResponseVerifiedSuccess; getCorrelationIdByNonce(nonce: string, errorOnNotFound?: boolean): Promise; getCorrelationIdByState(state: string, errorOnNotFound?: boolean): Promise; private getCorrelationIdImpl; private updateMapping; private updateState; deleteStateForCorrelationId(correlationId: string): Promise; private static cleanMappingForCorrelationId; private cleanup; } declare const DEFAULT_EXPIRATION_TIME: number; interface RequestObjectPayload extends RequestCommonPayload, JWTPayload { scope: string; response_type: ResponseType | string; client_id: string; client_id_scheme?: ClientIdScheme; entity_id?: string; client_metadata: ClientMetadataOpts; redirect_uri?: string; response_uri?: string; nonce: string; state: string; } type RequestObjectJwt = string; interface AuthorizationRequestCommonPayload extends RequestCommonPayload, JWTPayload { request?: string; request_uri?: string; } interface RequestCommonPayload extends JWTPayload { scope?: string; response_type?: ResponseType | string; client_id?: string; redirect_uri?: string; id_token_hint?: string; nonce?: string; state?: string; response_mode?: ResponseMode; } interface AuthorizationRequestPayloadVID1 extends AuthorizationRequestCommonPayload, RequestRegistrationPayloadProperties { claims?: ClaimPayloadVID1; } interface AuthorizationRequestPayloadVD11 extends AuthorizationRequestCommonPayload, RequestClientMetadataPayloadProperties, RequestIdTokenPayloadProperties { claims?: ClaimPayloadCommon; presentation_definition?: PresentationDefinitionV1 | PresentationDefinitionV2 | PresentationDefinitionV1[] | PresentationDefinitionV2[]; presentation_definition_uri?: string; } interface AuthorizationRequestPayloadVD12OID4VPD18 extends AuthorizationRequestCommonPayload, RequestClientMetadataPayloadProperties, RequestIdTokenPayloadProperties { claims?: ClaimPayloadCommon; presentation_definition?: PresentationDefinitionV1 | PresentationDefinitionV2 | PresentationDefinitionV1[] | PresentationDefinitionV2[]; presentation_definition_uri?: string; client_id_scheme?: ClientIdSchemeOID4VPD18; response_uri?: string; } interface AuthorizationRequestPayloadVD12OID4VPD20 extends AuthorizationRequestCommonPayload, RequestClientMetadataPayloadProperties, RequestIdTokenPayloadProperties { claims?: ClaimPayloadCommon; presentation_definition?: PresentationDefinitionV1 | PresentationDefinitionV2 | PresentationDefinitionV1[] | PresentationDefinitionV2[]; presentation_definition_uri?: string; client_id_scheme?: ClientIdSchemeOID4VPD20; response_uri?: string; dcql_query?: string; } type ClientIdSchemeOID4VPD18 = 'pre-registered' | 'redirect_uri' | 'entity_id' | 'did'; type ClientIdSchemeOID4VPD20 = ClientIdSchemeOID4VPD18 | 'x509_san_dns' | 'x509_san_uri' | 'entity_id' | 'verifier_attestation'; type ClientIdScheme = ClientIdSchemeOID4VPD18 | ClientIdSchemeOID4VPD20; type AuthorizationRequestPayload = AuthorizationRequestPayloadVID1 | AuthorizationRequestPayloadVD11 | AuthorizationRequestPayloadVD12OID4VPD18 | AuthorizationRequestPayloadVD12OID4VPD20; type JWTVcPresentationProfileAuthenticationRequestPayload = RequestIdTokenPayloadProperties; interface RequestIdTokenPayloadProperties { id_token_type?: string; } interface RequestClientMetadataPayloadProperties { client_metadata?: RPRegistrationMetadataPayload; client_metadata_uri?: string; } interface RequestRegistrationPayloadProperties { registration?: RPRegistrationMetadataPayload; registration_uri?: string; } type ResponseURIType = 'response_uri' | 'redirect_uri'; interface VerifiedAuthorizationRequest extends Partial { responseURIType: ResponseURIType; responseURI?: string; clientIdScheme?: string; correlationId: string; authorizationRequest: AuthorizationRequest; authorizationRequestPayload: AuthorizationRequestPayload; requestObject?: RequestObject; registrationMetadataPayload: RPRegistrationMetadataPayload; presentationDefinitions?: PresentationDefinitionWithLocation[]; dcqlQuery?: DcqlQuery; verifyOpts: VerifyAuthorizationRequestOpts; versions: SupportedVersion[]; } type IDTokenJwt = string; interface IDTokenPayload extends JWTPayload { iss?: ResponseIss.SELF_ISSUED_V2 | string; sub?: string; aud?: string; iat?: number; exp?: number; auth_time?: number; nonce?: string; _vp_token?: { presentation_submission: PresentationSubmission; }; } type EncodedDcqlQueryVpToken = string; interface AuthorizationResponsePayload { access_token?: string; token_type?: string; refresh_token?: string; expires_in?: number; state?: string; id_token?: string; vp_token?: Array | W3CVerifiablePresentation | CompactSdJwtVc | MdocOid4vpMdocVpToken | EncodedDcqlQueryVpToken; presentation_submission?: PresentationSubmission; verifiedData?: IPresentation | AdditionalClaims; is_first_party?: boolean; [x: string]: any; } interface IdTokenClaimPayload { [x: string]: any; } interface VpTokenClaimPayload { presentation_definition?: PresentationDefinitionV1 | PresentationDefinitionV2; presentation_definition_uri?: string; dcql_query?: string; } interface ClaimPayloadCommon { [x: string]: any; } interface ClaimPayloadVID1 extends ClaimPayloadCommon { id_token?: IdTokenClaimPayload; vp_token?: VpTokenClaimPayload; } /** * A wrapper for verifiablePresentation * */ interface VerifiablePresentationWithFormat { format: VerifiablePresentationTypeFormat; presentation: W3CVerifiablePresentation; } interface RequestStateInfo { client_id: string; nonce?: string; state?: string; iat?: number; } interface DiscoveryMetadataCommonOpts { authorizationEndpoint?: Schema | string; issuer?: ResponseIss | string; responseTypesSupported?: ResponseType[] | ResponseType; scopesSupported?: Scope[] | Scope; subjectTypesSupported?: SubjectType[] | SubjectType; idTokenSigningAlgValuesSupported?: SigningAlgo[] | SigningAlgo; requestObjectSigningAlgValuesSupported?: SigningAlgo[] | SigningAlgo; subject_syntax_types_supported?: string[]; tokenEndpoint?: string; userinfoEndpoint?: string; jwksUri?: string; registrationEndpoint?: string; responseModesSupported?: ResponseMode[] | ResponseMode; grantTypesSupported?: GrantType[] | GrantType; acrValuesSupported?: AuthenticationContextReferences[] | AuthenticationContextReferences; idTokenEncryptionAlgValuesSupported?: SigningAlgo[] | SigningAlgo; idTokenEncryptionEncValuesSupported?: string[] | string; userinfoSigningAlgValuesSupported?: SigningAlgo[] | SigningAlgo; userinfoEncryptionAlgValuesSupported?: SigningAlgo[] | SigningAlgo; userinfoEncryptionEncValuesSupported?: string[] | string; requestObjectEncryptionAlgValuesSupported?: SigningAlgo[] | SigningAlgo; requestObjectEncryptionEncValuesSupported?: string[] | string; tokenEndpointAuthMethodsSupported?: TokenEndpointAuthMethod[] | TokenEndpointAuthMethod; tokenEndpointAuthSigningAlgValuesSupported?: SigningAlgo[] | SigningAlgo; displayValuesSupported?: string[] | string; claimTypesSupported?: ClaimType[] | ClaimType; claimsSupported?: string[] | string; serviceDocumentation?: string; claimsLocalesSupported?: string[] | string; uiLocalesSupported?: string[] | string; claimsParameterSupported?: boolean; requestParameterSupported?: boolean; requestUriParameterSupported?: boolean; requireRequestUriRegistration?: boolean; opPolicyUri?: string; opTosUri?: string; [x: string]: any; } interface DiscoveryMetadataOptsVID1 extends DiscoveryMetadataCommonOpts { client_id?: string; redirectUris?: string[] | string; clientName?: string; clientUri?: string; scope?: string; contacts?: string[]; tosUri?: string; policyUri?: string; jwks?: JWKS; softwareId?: string; softwareVersion?: string; tokenEndpointAuthMethod?: string; applicationType?: string; responseTypes?: string; grantTypes?: string; vpFormats?: Format; } interface JWT_VCDiscoveryMetadataOpts extends DiscoveryMetadataOptsVID1 { logo_uri?: string; clientPurpose?: string; } interface DiscoveryMetadataOptsVD11 extends DiscoveryMetadataCommonOpts { idTokenTypesSupported?: IdTokenType[] | IdTokenType; vpFormatsSupported?: Format; } interface DiscoveryMetadataCommonPayload { authorization_endpoint?: Schema | string; issuer?: ResponseIss | string; response_types_supported?: ResponseType[] | ResponseType; scopes_supported?: Scope[] | Scope; subject_types_supported?: SubjectType[] | SubjectType; id_token_signing_alg_values_supported?: SigningAlgo[] | SigningAlgo; request_object_signing_alg_values_supported?: SigningAlgo[] | SigningAlgo; subject_syntax_types_supported?: string[]; token_endpoint?: string; userinfo_endpoint?: string; jwks_uri?: string; registration_endpoint?: string; response_modes_supported?: ResponseMode[] | ResponseMode; grant_types_supported?: GrantType[] | GrantType; acr_values_supported?: AuthenticationContextReferences[] | AuthenticationContextReferences; id_token_encryption_alg_values_supported?: SigningAlgo[] | SigningAlgo; /** * OPTIONAL. JSON array containing a list of the JWE encryption algorithms (enc values) supported by the OP for the ID Token to encode the Claims in a JWT [JWT]. */ id_token_encryption_enc_values_supported?: string[] | string; userinfo_signing_alg_values_supported?: SigningAlgo[] | SigningAlgo; userinfo_encryption_alg_values_supported?: SigningAlgo[] | SigningAlgo; /** * OPTIONAL. JSON array containing a list of the JWE encryption algorithms (enc values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT]. */ userinfo_encryption_enc_values_supported?: string[] | string; request_object_encryption_alg_values_supported?: SigningAlgo[] | SigningAlgo; /** * OPTIONAL. JSON array containing a list of the JWE encryption algorithms (enc values) supported by the OP for Request Objects. These algorithms are used both when the Request Object is passed by value and when it is passed by reference. */ request_object_encryption_enc_values_supported?: string[] | string; token_endpoint_auth_methods_supported?: TokenEndpointAuthMethod[] | TokenEndpointAuthMethod; token_endpoint_auth_signing_alg_values_supported?: SigningAlgo[] | SigningAlgo; /** * OPTIONAL. JSON array containing a list of the display parameter values that the OpenID Provider supports. These values are described in Section 3.1.2.1 of OpenID Connect Core 1.0 [OpenID.Core]. */ display_values_supported?: unknown[] | unknown; /** * OPTIONAL. JSON array containing a list of the Claim Types that the OpenID Provider supports. These Claim Types are described in Section 5.6 of OpenID Connect Core 1.0 [OpenID.Core]. Values defined by this specification are normal, aggregated, and distributed. If omitted, the implementation supports only normal Claims. */ claim_types_supported?: ClaimType[] | ClaimType; /** * RECOMMENDED. JSON array containing a list of the Claim Names of the Claims that the OpenID Provider MAY be able to supply values for. Note that for privacy or other reasons, this might not be an exhaustive list. */ claims_supported?: string[] | string; service_documentation?: string; claims_locales_supported?: string[] | string; ui_locales_supported?: string[] | string; claims_parameter_supported?: boolean; request_parameter_supported?: boolean; request_uri_parameter_supported?: boolean; require_request_uri_registration?: boolean; op_policy_uri?: string; op_tos_uri?: string; [x: string]: any; } interface DiscoveryMetadataPayloadVID1 extends DynamicRegistrationClientMetadata, DiscoveryMetadataCommonPayload { client_id?: string; application_type?: string; vp_formats?: Format; } interface JWT_VCDiscoveryMetadataPayload extends DiscoveryMetadataPayloadVID1 { client_purpose?: string; } interface DiscoveryMetadataPayloadVD11 extends DiscoveryMetadataCommonPayload { id_token_types_supported?: IdTokenType[] | IdTokenType; vp_formats_supported?: Format; } type DiscoveryMetadataPayload = DiscoveryMetadataPayloadVID1 | JWT_VCDiscoveryMetadataPayload | DiscoveryMetadataPayloadVD11; type DiscoveryMetadataOpts = (JWT_VCDiscoveryMetadataOpts | DiscoveryMetadataOptsVID1 | DiscoveryMetadataOptsVD11) & DiscoveryMetadataCommonOpts; type ClientMetadataOpts = RPRegistrationMetadataOpts & ClientMetadataProperties & JarmClientMetadata & JwksMetadataParams; type ResponseRegistrationOpts = DiscoveryMetadataOpts & ClientMetadataProperties; type RPRegistrationMetadataOpts = Partial> & { [x: string]: any; }; type RPRegistrationMetadataPayload = Pick & { [x: string]: any; }; interface CommonSupportedMetadata { subject_syntax_types_supported?: string[]; vp_formats: Format; } interface ObjectBy { passBy: PassBy; reference_uri?: string; targets?: PropertyTargets; } declare enum AuthenticationContextReferences { PHR = "phr", PHRH = "phrh" } declare enum ClaimType { NORMAL = "normal", AGGREGATED = "aggregated", DISTRIBUTED = "distributed" } declare enum IdTokenType { SUBJECT_SIGNED = "subject_signed", ATTESTER_SIGNED = "attester_signed" } interface ClientMetadataProperties extends ObjectBy { id_token_encrypted_response_alg?: EncKeyAlgorithm; id_token_encrypted_response_enc?: EncSymmetricAlgorithmCode; } declare enum VerifiablePresentationTypeFormat { JWT_VP = "jwt_vp", LDP_VP = "ldp_vp", SD_JWT_VC = "vc+sd-jwt", MSO_MDOC = "mso_mdoc" } declare enum VerifiableCredentialTypeFormat { LDP_VC = "ldp_vc", JWT_VC = "jwt_vc", SD_JWT_VC = "vc+sd-jwt", MSO_MDOC = "mso_mdoc" } declare enum EncSymmetricAlgorithmCode { XC20P = "XC20P" } declare enum EncKeyAlgorithm { ECDH_ES = "ECDH-ES" } declare enum PassBy { NONE = "NONE", REFERENCE = "REFERENCE", VALUE = "VALUE" } declare enum ResponseContext { RP = "rp", OP = "op" } interface Verification { presentationVerificationCallback?: PresentationVerificationCallback; revocationOpts?: RevocationOpts; replayRegistry?: IRPSessionManager; } interface ResponseClaims { verified_claims?: string; encryption_key?: JsonWebKey; } interface VerifiedIDToken { jwt: string; payload: IDTokenPayload; verifyOpts: VerifyAuthorizationResponseOpts; } interface VerifiedOpenID4VPSubmissionDcql { dcqlQuery: DcqlQuery; presentation: { [credentialQueryId: string]: WrappedVerifiablePresentation; }; nonce?: string; } interface VerifiedOpenID4VPSubmission { submissionData: PresentationSubmission; presentationDefinitions: PresentationDefinitionWithLocation[]; presentations: WrappedVerifiablePresentation[]; nonce?: string; } interface VerifiedAuthorizationResponse { correlationId: string; authorizationResponse: AuthorizationResponse; oid4vpSubmission?: VerifiedOpenID4VPSubmission; oid4vpSubmissionDcql?: VerifiedOpenID4VPSubmissionDcql; nonce?: string; state: string; idToken?: VerifiedIDToken; verifyOpts?: VerifyAuthorizationResponseOpts; } declare enum GrantType { AUTHORIZATION_CODE = "authorization_code", IMPLICIT = "implicit" } declare enum ResponseMode { FRAGMENT = "fragment", FORM_POST = "form_post", POST = "post",// Used in OID4VP spec <= version 17 DIRECT_POST = "direct_post", QUERY = "query", DIRECT_POST_JWT = "direct_post.jwt", QUERY_JWT = "query.jwt", FRAGMENT_JWT = "fragment.jwt" } declare enum ProtocolFlow { SAME_DEVICE = "same_device", CROSS_DEVICE = "cross_device" } interface SignatureResponse { jws: string; } declare enum UrlEncodingFormat { FORM_URL_ENCODED = "application/x-www-form-urlencoded" } type SIOPURI = { encodedUri: string; encodingFormat: UrlEncodingFormat; }; interface UriResponse extends SIOPURI { responseMode?: ResponseMode; bodyEncoded?: string; } interface AuthorizationRequestURI extends SIOPURI { scheme: string; requestObjectBy: ObjectBy; authorizationRequestPayload: AuthorizationRequestPayload; requestObjectJwt?: RequestObjectJwt; } interface ParsedAuthorizationRequestURI extends SIOPURI { scheme: string; requestObjectJwt?: RequestObjectJwt; authorizationRequestPayload: AuthorizationRequestPayload; registration: RPRegistrationMetadataPayload; } declare enum KeyType { EC = "EC" } declare enum KeyCurve { SECP256k1 = "secp256k1", ED25519 = "ed25519" } declare enum TokenEndpointAuthMethod { CLIENT_SECRET_POST = "client_secret_post", CLIENT_SECRET_BASIC = "client_secret_basic", CLIENT_SECRET_JWT = "client_secret_jwt", PRIVATE_KEY_JWT = "private_key_jwt" } declare enum Scope { OPENID = "openid", OPENID_DIDAUTHN = "openid did_authn", PROFILE = "profile", EMAIL = "email", ADDRESS = "address", PHONE = "phone" } declare enum ResponseType { ID_TOKEN = "id_token", VP_TOKEN = "vp_token" } declare enum SubjectIdentifierType { JKT = "jkt", DID = "did" } declare enum SubjectSyntaxTypesSupportedValues { DID = "did", JWK_THUMBPRINT = "urn:ietf:params:oauth:jwk-thumbprint" } declare enum CredentialFormat { JSON_LD = "w3cvc-jsonld", JWT = "jwt" } declare enum SubjectType { PUBLIC = "public", PAIRWISE = "pairwise" } declare enum Schema { OPENID = "openid:", OPENID_VC = "openid-vc:" } declare enum ResponseIss { SELF_ISSUED_V1 = "https://self-issued.me", SELF_ISSUED_V2 = "https://self-issued.me/v2", JWT_VC_PRESENTATION_V1 = "https://self-issued.me/v2/openid-vc" } declare enum RequestAud { SELF_ISSUED_V2 = "https://self-issued.me/v2" } declare const isRequestOpts: (object: CreateAuthorizationRequestOpts | AuthorizationResponseOpts) => object is CreateAuthorizationRequestOpts; declare const isResponseOpts: (object: RequestObjectOpts | AuthorizationResponseOpts) => object is RequestObjectOpts; declare const isRequestPayload: (object: AuthorizationRequestPayload | RequestObjectPayload | AuthorizationResponsePayload | IDTokenPayload) => object is AuthorizationRequestPayload; declare const isResponsePayload: (object: RequestObjectPayload | IDTokenPayload) => object is IDTokenPayload; declare const isVP: (object: IVerifiablePresentation | IPresentation) => object is IVerifiablePresentation; declare const isPresentation: (object: IVerifiablePresentation | IPresentation) => object is IPresentation; declare enum RevocationStatus { VALID = "valid", INVALID = "invalid" } interface IRevocationVerificationStatus { status: RevocationStatus; error?: string; } type RevocationVerificationCallback = (vc: W3CVerifiableCredential, type: VerifiableCredentialTypeFormat) => Promise; declare enum RevocationVerification { NEVER = "never",// We don't want to verify revocation IF_PRESENT = "if_present",// If credentialStatus is present, did-auth-siop will verify revocation. If present and not valid an exception is thrown ALWAYS = "always" } interface RevocationOpts { revocationVerification: RevocationVerification; revocationVerificationCallback?: RevocationVerificationCallback; } declare enum SupportedVersion { SIOPv2_ID1 = 70, SIOPv2_D11 = 110, SIOPv2_D12_OID4VP_D18 = 180, SIOPv2_D12_OID4VP_D20 = 200, JWT_VC_PRESENTATION_PROFILE_v1 = 71 } interface SIOPResonse { origResponse: Response; successBody?: T; errorBody?: ErrorResponse; } interface ErrorResponse extends Response { error: string; error_description?: string; error_uri?: string; state?: string; } declare enum ContentType { FORM_URL_ENCODED = "application/x-www-form-urlencoded", UTF_8 = "UTF-8" } declare enum AuthorizationEvents { ON_AUTH_REQUEST_CREATED_SUCCESS = "onAuthRequestCreatedSuccess", ON_AUTH_REQUEST_CREATED_FAILED = "onAuthRequestCreatedFailed", ON_AUTH_REQUEST_SENT_SUCCESS = "onAuthRequestSentSuccess", ON_AUTH_REQUEST_SENT_FAILED = "onAuthRequestSentFailed", ON_AUTH_REQUEST_RECEIVED_SUCCESS = "onAuthRequestReceivedSuccess", ON_AUTH_REQUEST_RECEIVED_FAILED = "onAuthRequestReceivedFailed", ON_AUTH_REQUEST_VERIFIED_SUCCESS = "onAuthRequestVerifiedSuccess", ON_AUTH_REQUEST_VERIFIED_FAILED = "onAuthRequestVerifiedFailed", ON_AUTH_RESPONSE_CREATE_SUCCESS = "onAuthResponseCreateSuccess", ON_AUTH_RESPONSE_CREATE_FAILED = "onAuthResponseCreateFailed", ON_AUTH_RESPONSE_SENT_SUCCESS = "onAuthResponseSentSuccess", ON_AUTH_RESPONSE_SENT_FAILED = "onAuthResponseSentFailed", ON_AUTH_RESPONSE_RECEIVED_SUCCESS = "onAuthResponseReceivedSuccess", ON_AUTH_RESPONSE_RECEIVED_FAILED = "onAuthResponseReceivedFailed", ON_AUTH_RESPONSE_VERIFIED_SUCCESS = "onAuthResponseVerifiedSuccess", ON_AUTH_RESPONSE_VERIFIED_FAILED = "onAuthResponseVerifiedFailed" } declare class AuthorizationEvent { private readonly _subject; private readonly _error?; private readonly _timestamp; private readonly _correlationId; constructor(args: { correlationId: string; subject?: T; error?: Error; }); get subject(): T | undefined; get timestamp(): number; get error(): Error | undefined; hasError(): boolean; get correlationId(): string; } interface RegisterEventListener { event: AuthorizationEvents | AuthorizationEvents[]; listener: (...args: any[]) => void; } interface AuthorizationRequestState { correlationId?: string; request: AuthorizationRequest; status: AuthorizationRequestStateStatus; timestamp: number; lastUpdated: number; error?: Error; } interface AuthorizationResponseState { correlationId?: string; response: AuthorizationResponse; status: AuthorizationResponseStateStatus; timestamp: number; lastUpdated: number; error?: Error; } declare enum AuthorizationRequestStateStatus { CREATED = "created", SENT = "sent", RECEIVED = "received", VERIFIED = "verified", ERROR = "error" } declare enum AuthorizationResponseStateStatus { CREATED = "created", SENT = "sent", RECEIVED = "received", VERIFIED = "verified", ERROR = "error" } declare const LOG: ISimpleLogger; declare const assertValidRequestRegistrationOpts: (opts: ClientMetadataOpts) => void; declare const createRequestRegistration: (clientMetadataOpts: ClientMetadataOpts, createRequestOpts: CreateAuthorizationRequestOpts) => Promise<{ payload: RequestRegistrationPayloadProperties | RequestClientMetadataPayloadProperties; metadata: RPRegistrationMetadataPayload; createRequestOpts: CreateAuthorizationRequestOpts; clientMetadataOpts: ClientMetadataOpts; }>; declare const RequestRegistration_assertValidRequestRegistrationOpts: typeof assertValidRequestRegistrationOpts; declare const RequestRegistration_createRequestRegistration: typeof createRequestRegistration; declare namespace RequestRegistration { export { RequestRegistration_assertValidRequestRegistrationOpts as assertValidRequestRegistrationOpts, RequestRegistration_createRequestRegistration as createRequestRegistration }; } declare class PresentationExchange { readonly pex: PEX; readonly allVerifiableCredentials: OriginalVerifiableCredential[]; readonly allDIDs: any; constructor(opts: { allDIDs?: string[]; allVerifiableCredentials: OriginalVerifiableCredential[]; hasher?: Hasher; }); /** * Construct presentation submission from selected credentials * @param presentationDefinition payload object received by the OP from the RP * @param selectedCredentials * @param presentationSignCallback * @param options */ createVerifiablePresentation(presentationDefinition: IPresentationDefinition, selectedCredentials: OriginalVerifiableCredential[], presentationSignCallback: PresentationSignCallback, options?: VerifiablePresentationFromOpts): Promise; private removeMDocCredentials; /** * This method will be called from the OP when we are certain that we have a * PresentationDefinition object inside our requestPayload * Finds a set of `VerifiableCredential`s from a list supplied to this class during construction, * matching presentationDefinition object found in the requestPayload * if requestPayload doesn't contain any valid presentationDefinition throws an error * if PEX library returns any error in the process, throws the error * returns the SelectResults object if successful * @param presentationDefinition object received by the OP from the RP * @param opts */ selectVerifiableCredentialsForSubmission(presentationDefinition: IPresentationDefinition, opts?: { holderDIDs?: string[]; restrictToFormats?: Format; restrictToDIDMethods?: string[]; }): Promise; /** * validatePresentationAgainstDefinition function is called mainly by the RP * after receiving the VP from the OP * @param presentationDefinition object containing PD * @param verifiablePresentation * @param opts */ static validatePresentationAgainstDefinition(presentationDefinition: IPresentationDefinition, verifiablePresentation: OriginalVerifiablePresentation | WrappedVerifiablePresentation, opts?: { limitDisclosureSignatureSuites?: string[]; restrictToFormats?: Format; restrictToDIDMethods?: string[]; presentationSubmission?: PresentationSubmission$1; hasher?: Hasher; }): Promise; static assertValidPresentationSubmission(presentationSubmission: PresentationSubmission$1): void; /** * Finds a valid PresentationDefinition inside the given AuthenticationRequestPayload * throws exception if the PresentationDefinition is not valid * returns null if no property named "presentation_definition" is found * returns a PresentationDefinition if a valid instance found * @param authorizationRequestPayload object that can have a presentation_definition inside * @param version */ static findValidPresentationDefinitions(authorizationRequestPayload: AuthorizationRequestPayload, version?: SupportedVersion): Promise; static assertValidPresentationDefinitionWithLocations(definitionsWithLocations: PresentationDefinitionWithLocation[]): void; private static assertValidPresentationDefinition; static validatePresentationsAgainstDefinitions(definitions: PresentationDefinitionWithLocation[], vpPayloads: Array | WrappedVerifiablePresentation, verifyPresentationCallback?: PresentationVerificationCallback | undefined, opts?: { limitDisclosureSignatureSuites?: string[]; restrictToFormats?: Format; restrictToDIDMethods?: string[]; presentationSubmission?: PresentationSubmission$1; hasher?: Hasher; }): Promise; static validatePresentationsAgainstDefinition(definition: IPresentationDefinition, vpPayloads: Array | WrappedVerifiablePresentation, verifyPresentationCallback?: PresentationVerificationCallback, opts?: { limitDisclosureSignatureSuites?: string[]; restrictToFormats?: Format; restrictToDIDMethods?: string[]; presentationSubmission?: PresentationSubmission$1; hasher?: Hasher; }): Promise; } declare class OPBuilder { expiresIn?: number; issuer?: IIssuerId | ResponseIss; responseMode?: ResponseMode; responseRegistration?: Partial; createJwtCallback?: CreateJwtCallback; verifyJwtCallback?: VerifyJwtCallback; presentationSignCallback?: PresentationSignCallback; supportedVersions?: SupportedVersion[]; eventEmitter?: EventEmitter; hasher?: HasherSync; withHasher(hasher: HasherSync): OPBuilder; withIssuer(issuer: ResponseIss | string): OPBuilder; withExpiresIn(expiresIn: number): OPBuilder; withResponseMode(responseMode: ResponseMode): OPBuilder; withRegistration(responseRegistration: ResponseRegistrationOpts, targets?: PropertyTargets): OPBuilder; withCreateJwtCallback(createJwtCallback: CreateJwtCallback): OPBuilder; withVerifyJwtCallback(verifyJwtCallback: VerifyJwtCallback): OPBuilder; withSupportedVersions(supportedVersions: SupportedVersion[] | SupportedVersion | string[] | string): OPBuilder; addSupportedVersion(supportedVersion: string | SupportedVersion): OPBuilder; withPresentationSignCallback(presentationSignCallback: PresentationSignCallback): OPBuilder; withEventEmitter(eventEmitter?: EventEmitter): OPBuilder; build(): OP; } declare class OP { private readonly _createResponseOptions; private readonly _verifyRequestOptions; private readonly _eventEmitter?; private constructor(); /** * This method tries to infer the SIOP specs version based on the request payload. * If the version cannot be inferred or is not supported it throws an exception. * This method needs to be called to ensure the OP can handle the request * @param requestJwtOrUri * @param requestOpts */ verifyAuthorizationRequest(requestJwtOrUri: string | URI, requestOpts?: { correlationId?: string; verification?: Verification; }): Promise; createAuthorizationResponse(verifiedAuthorizationRequest: VerifiedAuthorizationRequest, responseOpts: { jwtIssuer?: JwtIssuer; version?: SupportedVersion; correlationId?: string; audience?: string; issuer?: ResponseIss | string; verification?: Verification; presentationExchange?: PresentationExchangeResponseOpts; dcqlResponse?: DcqlResponseOpts; isFirstParty?: boolean; }): Promise; static extractEncJwksFromClientMetadata(clientMetadata: JwksMetadataParams): Promise; submitAuthorizationResponse(authorizationResponse: AuthorizationResponseWithCorrelationId, createJarmResponse?: (opts: { authorizationResponsePayload: AuthorizationResponsePayload; requestObjectPayload: RequestObjectPayload; clientMetadata: JwksMetadataParams; }) => Promise<{ response: string; }>): Promise; /** * Create an Authentication Request Payload from a URI string * * @param encodedUri * @param rpRegistrationMetadata */ parseAuthorizationRequestURI(encodedUri: string, rpRegistrationMetadata?: RPRegistrationMetadataPayload): Promise; private newAuthorizationResponseOpts; private newVerifyAuthorizationRequestOpts; private emitEvent; addEventListener(register: RegisterEventListener): void; static fromOpts(responseOpts: AuthorizationResponseOpts, verifyOpts: VerifyAuthorizationRequestOpts): OP; static builder(): OPBuilder; get createResponseOptions(): AuthorizationResponseOpts; get verifyRequestOptions(): Partial; static validateJarmMetadata(input: { client_metadata: JarmClientMetadata; server_metadata: Partial; }): { type: "signed"; client_metadata: { authorization_encrypted_response_alg: never; authorization_encrypted_response_enc: never; authorization_signed_response_alg?: string; }; } | { type: "encrypted"; client_metadata: { authorization_signed_response_alg: never; authorization_encrypted_response_alg: string; authorization_encrypted_response_enc: string; }; } | { type: "signed encrypted"; client_metadata: { authorization_encrypted_response_alg: string; authorization_encrypted_response_enc: string; authorization_signed_response_alg?: string; }; }; } export { AuthenticationContextReferences, AuthorizationEvent, AuthorizationEvents, AuthorizationRequest, type AuthorizationRequestCommonPayload, type AuthorizationRequestOptsVD11, type AuthorizationRequestOptsVID1, type AuthorizationRequestPayload, type AuthorizationRequestPayloadOpts, type AuthorizationRequestPayloadVD11, type AuthorizationRequestPayloadVD12OID4VPD18, type AuthorizationRequestPayloadVD12OID4VPD20, type AuthorizationRequestPayloadVID1, type AuthorizationRequestState, AuthorizationRequestStateStatus, type AuthorizationRequestURI, AuthorizationResponse, type AuthorizationResponseOpts, type AuthorizationResponsePayload, type AuthorizationResponseState, AuthorizationResponseStateStatus, type AuthorizationResponseWithCorrelationId, type ClaimPayloadCommon, type ClaimPayloadCommonOpts, type ClaimPayloadOptsVID1, type ClaimPayloadVID1, ClaimType, type ClientIdScheme, type ClientIdSchemeOID4VPD18, type ClientIdSchemeOID4VPD20, type ClientMetadataOpts, type ClientMetadataProperties, type CommonSupportedMetadata, ContentType, type CreateAuthorizationRequestOpts, type CreateJwtCallback, CredentialFormat, DEFAULT_EXPIRATION_TIME, Dcql, type DcqlQueryPayloadOpts, type DcqlResponseOpts, type DecryptCompact, type DiscoveryMetadataOpts, type DiscoveryMetadataPayload, type EcdsaSignature, EncKeyAlgorithm, EncSymmetricAlgorithmCode, type EncodedDcqlQueryVpToken, type ErrorResponse, GrantType, IDToken, type IDTokenJwt, type IDTokenPayload, type IRPSessionManager, type IRevocationVerificationStatus, type IdTokenClaimPayload, IdTokenType, InMemoryRPSessionManager, type JWK, type JWTPayload, type JWTVcPresentationProfileAuthenticationRequestPayload, type Jwks, type JwksMetadataParams, type JwtIssuanceContext, type JwtIssuerWithContext, type JwtVerifier, KeyCurve, KeyType, LOG, LanguageTagUtils, OP, OPBuilder, type ObjectBy, type ParsedAuthorizationRequestURI, PassBy, PresentationDefinitionLocation, type PresentationDefinitionPayloadOpts, type PresentationDefinitionWithLocation, PresentationExchange, type PresentationExchangeResponseOpts, type PresentationSignCallback, type PresentationVerificationCallback, type PresentationVerificationResult, PropertyTarget, type PropertyTargets, ProtocolFlow, RP, RPBuilder, RequestRegistration as RPRegistrationMetadata, type RPRegistrationMetadataOpts, type RPRegistrationMetadataPayload, type RegisterEventListener, RequestAud, type RequestClientMetadataPayloadProperties, type RequestCommonPayload, type RequestIdTokenPayloadProperties, RequestObject, type RequestObjectJwt, type RequestObjectOpts, type RequestObjectPayload, type RequestObjectPayloadOpts, type RequestPropertyWithTargets, type RequestRegistrationPayloadProperties, type RequestStateInfo, type ResponseClaims, ResponseContext, ResponseIss, ResponseMode, type ResponseRegistrationOpts, ResponseType, type ResponseURIType, type RevocationOpts, RevocationStatus, RevocationVerification, type RevocationVerificationCallback, SIOPErrors, type SIOPResonse, type SIOPURI, Schema, Scope, type SignatureResponse, SubjectIdentifierType, SubjectSyntaxTypesSupportedValues, SubjectType, SupportedVersion, TokenEndpointAuthMethod, URI, type UriResponse, UrlEncodingFormat, VPTokenLocation, VerifiableCredentialTypeFormat, VerifiablePresentationTypeFormat, type VerifiablePresentationWithFormat, type VerifiablePresentationWithSubmissionData, type Verification, type VerifiedAuthorizationRequest, type VerifiedAuthorizationResponse, type VerifiedIDToken, type VerifiedJWT, type VerifiedOpenID4VPSubmission, type VerifiedOpenID4VPSubmissionDcql, type VerifyAuthorizationRequestOpts, type VerifyAuthorizationResponseOpts, type VerifyJwtCallback, type VpTokenClaimPayload, assertValidMetadata, assertValidRPRegistrationMedataPayload, assertValidRequestObjectPayload, assertValidVerifiablePresentations, base64ToHexString, base64urlEncodeBuffer, base64urlToString, createAuthorizationRequestPayload, createDiscoveryMetadataPayload, createIDTokenPayload, createPresentationDefinitionClaimsProperties, createPresentationSubmission, createRequestObjectPayload, createResponsePayload, createState, decodeUriAsJson, encodeJsonAsURI, extractDataFromPath, extractDcqlPresentationFromDcqlVpToken, extractJwksFromJwksMetadata, extractNonceFromWrappedVerifiablePresentation, extractPresentationsFromDcqlVpToken, extractPresentationsFromVpToken, fetchByReferenceOrUseByValue, fetchJwks, formPost, fromBase64, getJson, getJwkVerifier, getJwtVerifierWithContext, getNonce, getRequestObjectJwtVerifier, getState, getWithUrl, isPresentation, isRequestOpts, isRequestPayload, isResponseOpts, isResponsePayload, isStringNullOrEmpty, isVP, mergeOAuth2AndOpenIdInRequestPayload, post, putPresentationSubmissionInLocation, removeNullUndefined, supportedCredentialsFormats, toNonce, verifyPresentations, verifyRevocation };