All notable changes to this project will be documented in this file. See Conventional Commits for commit guidelines.
0.16.0 (2024-08-02)
- add some dpop unit tests (c24a898)
- ensure correct token_type in response (668c53f)
- header casing (b696dba)
- headers for error response (4c8319e)
- incorrect usage of errorBody (f25b7d6)
- jwk thumprint using crypto.subtle (56a291c)
- nits (1a54e69)
- prettier + eslint (57c7592)
- redirect uri should not be set with direct_post (42c8ddd)
- remove bug for txCode (57ca020)
- rename common to oid4vc-common (d89ac4f)
- scope and par fixes (71e72aa)
- some imports (5034468)
- some last nits (3c71599)
- v11 metadata type (0a8470b)
- varname (f92b2b9)
- add additional dpop retry mechanisms (a102854)
- address feedback part 2 (01f6d4d)
- create common package (d5b4b75)
- dpop support (9202667)
- incorporate feedback and fix tests (c7c6af4)
- incorporate feedback part1 (f30475a)
- rename common to oid4vci-common (9efbf32)
0.15.1 (2024-07-23)
0.15.0 (2024-07-15)
- add openid federation jwtVerifier (a5755ff)
- build (2da9205)
- build (84aba5e)
- remove outdated docs (31731e7)
- siop-oid4vp build order (dacf629)
0.14.0 (2024-07-06)
- hasher dependency and token request assert vci11/13 (81bf769)
- undo tx_code changes (7888a14)
- update tx_code check (3b0971d)
- Enable tx_code support for the issuer, and properly handle both the old userPin and tx_code on the client side. fixes #117 (e54071c)
0.13.0 (2024-07-03)
- Make sure we use 'JWT' as typ instead of the lower case version as suggested in the JWT RFC. (1ff4e40)
- test added (f655bf0)
- test added (19b0704)
- add get types from offer function to get the types from multiple versions of credential offers (b966d8c)
- Add support for jwt-bearer client assertions in access token (ab4905c)
- added a facade for CredentialRequestClientBuilder and adjusted the tests (30cddd3)
- added mock data for metadata draft 13 and added some tests for it (5439a02)
- added x5c support and made sure that we support request-responses without dids (27bc1d9)
- Allow to pass in custom access token request params (1a469f9)
0.12.0 (2024-06-19)
- (WIP) fixed all the build errors (e522a3d)
- (WIP) refactored and fixed build. still have to fix 33 test cases that are failing (ff88a64)
- (WIP) refactored and fixed build. still have to fix 8 test cases that are failing (d8c2c4f)
- (WIP) refactored and fixed parts of the logic for v1_0_13. (06117c0)
- (WIP) skipped failing tests and made comment to fix them (16f1673)
- add back missing authz url getter (6870fce)
- added back optional vct to CredentialConfigurationSupportedV1_0_13 for sd-jwt (88341ef)
- added back the isEbsi function to the new version's OpenID4VCIClient (479bea7)
- added generic union types for frequently used types (72474d6)
- added generic union types for frequently used types (f10d0b2)
- allow to set client_id (d51bf25)
- changed the accepting type in VcIssuer (125cb81)
- changed the if param in the assertAlphanumericPin (5655859)
- changed the logic for pin validation (b8bb359)
- Comparison of request subject signing with response was not normalized for a comparison (cd72dc6)
- Ensure we have a single client that handles both v13 and v11 and lower (eadbba0)
- fixed ClientIssuerIT.spec (c5be065)
- fixed createCredentialOfferURI signature (2856644)
- fixed failing test cases (690b02b)
- fixed sd jwt test with version 13 (dcf7439)
- fixed some issue in the IssuerMetadataUtils (8a6c16f)
- fixed some issue in the IssuerMetadataUtils plus added some unittests for it (d348641)
- fixed some test cases (ccac046)
- fixed test type mismatch (215227e)
- fixed test type mismatch (ca32202)
- fixed tests plus prettier (fc8cdf0)
- fixed the failing test for the credentialOfferUri (a8ac2e3)
- fixed the logic in creating credentialOffer uri (53bce06)
- fixed the regex for pin (d3b2f0c)
- fixed type mismatch in some files (a2b3c22)
- fixes after merge with CWALL-199 (af967a9)
- fixes for PAR. Several things were missing, wrong. Higly likely this is a problem for non PAR flows as well (9ed5064)
- for pin in IssuerTokenServer (354e8ad)
- MetadataClient for version 13 and added better type distinction. added credential_definition to credential metadata of v13 (e39bf71)
- No response type set on authz code after using PAR (5da243e)
- set client_id on authorization url (599ca9e)
- set client_id on authorization url (04e7cb8)
- Add wallet signing support to VCI and notification support (c4d3483)
- added setDefaultTokenEndpoint to VcIssuer constructor (f16affc)
- added setDefaultTokenEndpoint to VcIssuerBuilder (96608ec)
- added token_endpoint to the metadata (72f2988)
- created special type for CredentialRequest v1_0_13 and fixed the tests for it (25a6051)
- expose functions for experimental subject issuer support (c4adecc)
- Unify how we get types from different spec versions (449364b)
0.10.3 (2024-04-25)
- Fix iat expiration check (1260291)
- issuance and expiration sometimes used milliseconds instead of seconds (afc2a8a)
- seconds to ms (cbd60a6)
0.10.2 (2024-03-13)
0.10.1 (2024-03-12)
0.10.0 (2024-02-29)
0.9.0 (2024-02-16)
- Add back jwt_vc format support for older versions (9f06ab1)
- add sd-jwt to issuer callback (93b1242)
- disable awesome-qr in rn (3daf0d3)
- Do not set a default redirect_uri, unless no authorization request options are set at all (6c96089)
- Do not set default client_id (7a1afbc)
- Do not sort credential types, as issuers might rely on their order (59fba74)
- Fix uri to json conversion when no required params are provided (36a70ca)
- opts passed to getCredentialOfferEndpoint() (923b8b4)
- sd-jwt: cnf instead of kid (510a4e8)
- the client_id used in the auth request was not taken into account when requesting access token (2bc039c)
- Add deferred support (99dc87d)
- Add EBSI support (7577e3d)
- Add initial support for creating a client without credential offer (13659a7)
- add sd-jwt issuer support and e2e test (951bf2c)
- add sd-jwt support (a37ef06)
- Add support to get a client id from an offer, and from state JWTs. EBSI for instance is using this (f089116)
- added state recovery (8ee6584)
- Allow to create an authorization request URL when initiating the OID4VCI client (84ea215)
- Allow to set the clientId at a later point on the VCI client (042b183)
- EBSI compatibility (c44107f)
- ldp issuance (bf8865a)
- Make sure redirect_uri is the same for authorization and token endpoint when used and made redirect_uri optional. The redirect_uri is automatically passed to the token request in case one was used for authorization (394fcb7)
- PAR improvements (99f55c2)
- PKCE support improvements. (5d5cb06)
- Support sd-jwt 0.2.0 library (77c9c24)
0.8.1 (2023-10-14)
- Allow for authorized code flows. Removes the param to determine the flow, as that is determined from the credential offer itself (a78e1fc)
- Allow for authorized code flows. Removes the param to determine the flow, as that is determined from the credential offer itself. Thanks to https://github.com/linasi for the PR (861ee87)
0.7.3 (2023-09-30)
- allow token endpoint to be defined in metadata without triggering logic for external AS (d99304c)
0.7.2 (2023-09-28)
- id lookup against server metadata not working (592ec4b)
0.7.1 (2023-09-28)
- Better match credential offer types and formats onto issuer metadata (4044c21)
- clearinterval (214e3c6)
- Fix credential offer matching against metadata (3c23bab)
- Fix credential offer matching against metadata (b79027f)
- relax auth_endpoint handling. Doesn't have to be available when doing pre-auth flow. Client handles errors anyway in case of auth/par flow (ce39958)
- relax auth_endpoint handling. Doesn't have to be available when doing pre-auth flow. Client handles errors anyway in case of auth/par flow (cb5f9c1)
0.7.0 (2023-08-19)
- fix credential request properties (0037025)
- Revise well-known metadata retrieval for OID4VCI, OAuth 2.0 and OIDC. fixes #62 (a750cc7)
- Integrate ssi-express-support to allow for future authn/authz. Also moved endpoints to functions, so solutions can include their own set of endpoints (c749aba)
0.6.0 (2023-06-24)
- added a couple of todos for handling v11, plus changed the getIssuer method to throw exception if nothing is found, and some other pr notes (091786e)
- added CredentialOffer to exports of client (5cc5ab1)
- added disable eslint comments in three places (0e3ffdb)
- deleted wrong import and fixed the usage (fc17946)
- Fix issue with deleting session when imported in other projects (4656c29)
- made v1_0.09 types strict and added a few utility methods to it for ease of access (9391f31)
- Many v11 fixes on server and client side (08be1ed)
- PAR objects where in the wrong locations and one had a wrong name (24f98e7)
- prettier, plus some type casting in test/mock files for v9 (162af38)
- removed type support for mso_mdoc (867073c)
- rename jwt_vc_json_ld to jwt_vc_json-ld (a366bef)
- Add status support to sessions (a1fa6a4)
- Add status support to sessions (02c7eaf)
- Add support for alg, kid, did, did document to Jwt Verification callback so we can ensure to set proper values in the resulting VC. (62dd947)
- Add support for background_image for credentials (a3c2561)
- Add supported flow type detection (100f9e6)
- Add VCI Issuer (5cab075)
- added (issuer) state to options for createCredentialOfferDeeplink (bd1569c)
- added api.ts for all the rest apis of the issuer (907c05e)
- added better support (and distinction) for types v1.0.09 and v1.0.11 (f311258)
- added callback function for issuing credentials (c478788)
- added error code invalid_scope (e7864d9)
- added issuer callback to arguments of the issuer builder (ed4fe7c)
- Added new mock data from actual issuers, fixed a small bug with v1_0_08 types, updated v1_0_08 types to support data from jff issuers (a6b1eea)
- Added new tests for CredentialRequestClient plus fixed a problem with CredentialOfferUtil. a CredentialRequest can have no issuer field (50f2292)
- added optional issuer callback to parameters of issueCredentialFromIssueRequest (a7a9e4a)
- added support for creating credentialOffer deeplink based on a uri (6822dfe)
- added support for creating offer deeplink from object and test it. plus some refactors (a87dcb1)
- added support for v8 in our types (partially) to make old logics work (4b5abf1)
- added utility method for recognizing v1.0.11 objects (ed6436e)
- added VcIssuer and builders related to that (c2592a8)
- Ass support to provide credential input data to the issuer whilst creating the offer to be used with a credential data supplier (03d3e46)
- beside the 'with' methods in the builder which will replace existing configuration for that field, I've added 'add' methods to add to existing configuration (9d42152)
- created another module for rest api and moved the dependencies from issuer module to issuer-rest (38849af)
- Issuer credential offer and more fixes/features (0bbe17c)
- Support data supplier callback (1c49cc8)
- Translate v8 credentials_supported to v11 (b06fa22)