OID4VP

CHANGELOG.md

@@ -1,5 +1,17 @@
 # @digitalbazaar/oid4-client Changelog
 
+## 3.1.0 - 2023-10-dd
+
+### Added
+- Add basic OID4VP support. There are many differences in OID4VP
+  implementations in the ecosystem today and OID4VP is still in
+  draft form. This implementation supports a profile of draft 20
+  that uses LDP / Data Integrity secured VCs and provides utility
+  functions for converting a subset of VPRs to authorization
+  requests and vice versa. This OID4VP implementation should be
+  considered experimental as the ecosystem matures and changes
+  are made.
+
 ## 3.0.1 - 2023-08-09
 
 ### Fixed
@@ -22,4 +34,4 @@
 ### Added
 - Initial release, see individual commits for history. Notably,
   no version 1.x was released under this name, instead it was
-  released as `@digitalbazaar/oidc4vci-client`.
+  released as `@digitalbazaar/oidc4vci-client`.

lib/OID4Client.js

@@ -128,9 +128,8 @@ export class OID4Client {
           // if `didProofSigner` is not provided, throw error
           if(!(did && didProofSigner)) {
             const {data: details} = cause;
-            const error = new Error('DID authentication is required.');
+            const error = new Error('DID authentication is required.', {cause});
             error.name = 'NotAllowedError';
-            error.cause = cause;
             error.details = details;
             throw error;
           }
@@ -188,9 +187,8 @@ export class OID4Client {
       */
       return result;
     } catch(cause) {
-      const error = new Error('Could not receive credentials.');
+      const error = new Error('Could not receive credentials.', {cause});
       error.name = 'OperationError';
-      error.cause = cause;
       throw error;
     }
   }
@@ -205,10 +203,8 @@ export class OID4Client {
       if(parsedIssuer.protocol !== 'https:') {
         throw new Error('Only "https" credential issuer URLs are supported.');
       }
-    } catch(e) {
-      const err = new Error('"offer.credential_issuer" is not valid.');
-      err.cause = e;
-      throw err;
+    } catch(cause) {
+      throw new Error('"offer.credential_issuer" is not valid.', {cause});
     }
     if(!(Array.isArray(credentials) && credentials.length > 0 &&
       credentials.every(c => c && typeof c === 'object'))) {
@@ -303,9 +299,8 @@ export class OID4Client {
       return new OID4Client(
         {accessToken, agent, issuerConfig, metadata, offer});
     } catch(cause) {
-      const error = new Error('Could not create OID4 client.');
+      const error = new Error('Could not create OID4 client.', {cause});
       error.name = 'OperationError';
-      error.cause = cause;
       throw error;
     }
   }
@@ -342,15 +337,18 @@ function _isMissingProofError(error) {
     Cache-Control: no-store
 
   {
-    "error": "invalid_or_missing_proof"
+    "error": "invalid_or_missing_proof" // or "invalid_proof"
     "error_description":
         "Credential issuer requires proof element in Credential Request"
     "c_nonce": "8YE9hCnyV2",
     "c_nonce_expires_in": 86400
   }
   */
+  // `invalid_proof` OID4VCI draft 13+, `invalid_or_missing_proof` earlier
+  const errorType = error.data?.error;
   return error.status === 400 &&
-    error?.data?.error === 'invalid_or_missing_proof';
+    (errorType === 'invalid_proof' ||
+    errorType === 'invalid_or_missing_proof');
 }
 
 function _createCredentialRequestFromId({id, issuerConfig}) {

lib/index.js

@@ -1,5 +1,11 @@
 /*!
  * Copyright (c) 2022-2023 Digital Bazaar, Inc. All rights reserved.
  */
-export * from './util.js';
+export * as oid4vp from './oid4vp.js';
+export {
+  discoverIssuer,
+  generateDIDProofJWT,
+  parseCredentialOfferUrl,
+  signJWT
+} from './util.js';
 export {OID4Client} from './OID4Client.js';