Sphereon
OpenID for Verifiable Credential Issuance - Issuer

[![CI](https://github.com/Sphereon-Opensource/openid4vci-client/actions/workflows/main.yml/badge.svg)](https://github.com/Sphereon-Opensource/openid4vci-client/actions/workflows/main.yml) [![codecov](https://codecov.io/gh/Sphereon-Opensource/openid4vci-client/branch/develop/graph/badge.svg)](https://codecov.io/gh/Sphereon-Opensource/openid4vci-client) [![NPM Version](https://img.shields.io/npm/v/@sphereon/oid4vci-client.svg)](https://npm.im/@sphereon/oid4vci-client) _IMPORTANT the packages are in an early development stage and currently only supports the pre-authorized code flow of OpenID4VCI! Work is underway for the Authorized Flows as well, but not fully supported yet_ # Background The OpenID4VCI issuer is used in issuer type applications, where an organization is issuing the credential(s) ## Credential Offer State Manager The CredentialOfferState is used to track of the creation date of the credential offer: ```typescript export interface CredentialOfferState { credentialOffer: CredentialOfferPayloadV1_0_11 createdOn: number } ``` The ICredentialOfferStateManager allows to have a custom implementation of the state manager: ```typescript export interface ICredentialOfferStateManager { setState(state: string, payload: CredentialOfferState): Promise> getState(state: string): Promise hasState(state: string): Promise deleteState(state: string): Promise clearExpiredStates(timestamp?: number): Promise // clears all expired states compared against timestamp if provided, otherwise current timestamp clearAllStates(): Promise // clears all states } ``` Here is an example, an in-memory implementation of the ICredentialOfferStateManager ```typescript export class MemoryCredentialOfferStateManager implements ICredentialOfferStateManager { private readonly credentialOfferStateManager: Map constructor() { this.credentialOfferStateManager = new Map() } async clearAllStates(): Promise { this.credentialOfferStateManager.clear() } async clearExpiredStates(timestamp?: number): Promise { const states = Array.from(this.credentialOfferStateManager.entries()) timestamp = timestamp ?? +new Date() for (const [issuerState, state] of states) { if (state.createdOn < timestamp) { this.credentialOfferStateManager.delete(issuerState) } } } async deleteState(state: string): Promise { return this.credentialOfferStateManager.delete(state) } async getState(state: string): Promise { return this.credentialOfferStateManager.get(state) } async hasState(state: string): Promise { return this.credentialOfferStateManager.has(state) } async setState(state: string, payload: CredentialOfferState): Promise> { return this.credentialOfferStateManager.set(state, payload) } } ``` ### Usage Pass an instance of the state manager to the VC Issuer Builder ```typescript const vcIssuer = new VcIssuerBuilder() .withAuthorizationServer('https://authorization-server') .withCredentialEndpoint('https://credential-endpoint') .withCredentialIssuer('https://credential-issuer') .withIssuerDisplay({ name: 'example issuer', locale: 'en-US', }) .withCredentialsSupported(credentialsSupported) .withInMemoryCredentialOfferStates(new MemoryCredentialOfferStateManager()) .build() ```