v0.9.0

0.9.0 (2024-02-16)

Bug Fixes

• Add back jwt_vc format support for older versions (9f06ab1)
• add sd-jwt to issuer callback (93b1242)
• disable awesome-qr in rn (3daf0d3)
• Do not set a default redirect_uri, unless no authorization request options are set at all (6c96089)
• Do not set default client_id (7a1afbc)
• Do not sort credential types, as issuers might rely on their order (59fba74)
• Fix uri to json conversion when no required params are provided (36a70ca)
• opts passed to getCredentialOfferEndpoint() (923b8b4)
• sd-jwt: cnf instead of kid (510a4e8)
• the client_id used in the auth request was not taken into account when requesting access token (2bc039c)

Features

• Add deferred support (99dc87d)
• Add EBSI support (7577e3d)
• Add initial support for creating a client without credential offer (13659a7)
• add sd-jwt issuer support and e2e test (951bf2c)
• add sd-jwt support (a37ef06)
• Add support to get a client id from an offer, and from state JWTs. EBSI for instance is using this (f089116)
• added state recovery (8ee6584)
• Allow to create an authorization request URL when initiating the OID4VCI client (84ea215)
• Allow to set the clientId at a later point on the VCI client (042b183)
• EBSI compatibility (c44107f)
• ldp issuance (bf8865a)
• Make sure redirect_uri is the same for authorization and token endpoint when used and made redirect_uri optional. The redirect_uri is automatically passed to the token request in case one was used for authorization (394fcb7)
• PAR improvements (99f55c2)
• PKCE support improvements. (5d5cb06)
• Support sd-jwt 0.2.0 library (77c9c24)

v0.8.1

0.8.1 (2023-10-14)

Features

• Allow for authorized code flows. Removes the param to determine the flow, as that is determined from the credential offer itself (a78e1fc)
• Allow for authorized code flows. Removes the param to determine the flow, as that is determined from the credential offer itself. Thanks to https://github.com/linasi for the PR (861ee87)

v0.7.3

0.7.3 (2023-09-30)

Bug Fixes

• allow token endpoint to be defined in metadata without triggering logic for external AS (d99304c)

v0.7.2

0.7.2 (2023-09-28)

Bug Fixes

• id lookup against server metadata not working (592ec4b)

v0.7.1

0.7.1 (2023-09-28)

Bug Fixes

• Better match credential offer types and formats onto issuer metadata (4044c21)
• clearinterval (214e3c6)
• Fix credential offer matching against metadata (3c23bab)
• Fix credential offer matching against metadata (b79027f)
• relax auth_endpoint handling. Doesn't have to be available when doing pre-auth flow. Client handles errors anyway in case of auth/par flow (ce39958)
• relax auth_endpoint handling. Doesn't have to be available when doing pre-auth flow. Client handles errors anyway in case of auth/par flow (cb5f9c1)

v0.7.0

0.7.0 (2023-08-19)

Bug Fixes

• fix credential request properties (0037025)
• Revise well-known metadata retrieval for OID4VCI, OAuth 2.0 and OIDC. fixes #62 (a750cc7)

Features

• Integrate ssi-express-support to allow for future authn/authz. Also moved endpoints to functions, so solutions can include their own set of endpoints (c749aba)

v0.6.0

0.6.0 (2023-06-24)

Bug Fixes

• added a couple of todos for handling v11, plus changed the getIssuer method to throw exception if nothing is found, and some other pr notes (091786e)
• added CredentialOffer to exports of client (5cc5ab1)
• added disable eslint comments in three places (0e3ffdb)
• deleted wrong import and fixed the usage (fc17946)
• Fix issue with deleting session when imported in other projects (4656c29)
• made v1_0.09 types strict and added a few utility methods to it for ease of access (9391f31)
• Many v11 fixes on server and client side (08be1ed)
• PAR objects where in the wrong locations and one had a wrong name (24f98e7)
• prettier, plus some type casting in test/mock files for v9 (162af38)
• removed type support for mso_mdoc (867073c)
• rename jwt_vc_json_ld to jwt_vc_json-ld (a366bef)

Features

• Add status support to sessions (a1fa6a4)
• Add status support to sessions (02c7eaf)
• Add support for alg, kid, did, did document to Jwt Verification callback so we can ensure to set proper values in the resulting VC. (62dd947)
• Add support for background_image for credentials (a3c2561)
• Add supported flow type detection (100f9e6)
• Add VCI Issuer (5cab075)
• added (issuer) state to options for createCredentialOfferDeeplink (bd1569c)
• added api.ts for all the rest apis of the issuer (907c05e)
• added better support (and distinction) for types v1.0.09 and v1.0.11 (f311258)
• added callback function for issuing credentials (c478788)
• added error code invalid_scope (e7864d9)
• added issuer callback to arguments of the issuer builder (ed4fe7c)
• Added new mock data from actual issuers, fixed a small bug with v1_0_08 types, updated v1_0_08 types to support data from jff issuers (a6b1eea)
• Added new tests for CredentialRequestClient plus fixed a problem with CredentialOfferUtil. a CredentialRequest can have no issuer field (50f2292)
• added optional issuer callback to parameters of issueCredentialFromIssueRequest (a7a9e4a)
• added support for creating credentialOffer deeplink based on a uri (6822dfe)
• added support for creating offer deeplink from object and test it. plus some refactors (a87dcb1)
• added support for v8 in our types (partially) to make old logics work (4b5abf1)
• added utility method for recognizing v1.0.11 objects (ed6436e)
• added VcIssuer and builders related to that (c2592a8)
• Ass support to provide credential input data to the issuer whilst creating the offer to be used with a credential data supplier (03d3e46)
• beside the 'with' methods in the builder which will replace existing configuration for that field, I've added 'add' methods to add to existing configuration (9d42152)
• created another module for rest api and moved the dependencies from issuer module to issuer-rest (38849af)
• Issuer credential offer and more fixes/features (0bbe17c)
• Support data supplier callback (1c49cc8)
• Translate v8 credentials_supported to v11 (b06fa22)

Iinitial support for the Authorized Code flow

Adds initial support for the Authorized Code flow (auth request, server metadata, scopes, thanks to @karimStekelenburg. Be aware that not everything in the Authorized code flow is supported yet.

Added:

• Add initial support for Authorized Code flow, thanks to @karimStekelenburg.
• Add method to encode the initiation url

Content-type fixes and allow localhost urls

Content-type fixes and allow localhost urls

• Fixes:

  • Re-add the content-type headers, inadvertently removed in the previous version. Added logic for corner-cases
  • Re-add sss-types ad dependency as it seems it is needed at runtime.
  • Allow localhost as a valid URL

• Changed:

  • Require http(s) schemes for URLs
  • Update to ssi-types from current develop branch, instead of a unstable/feature branch

HTTP mediatype fix and HTTP response NodeJS16+ fix

HTTP mediatype fix and HTTP response NodeJS16+ fix

• Fixes:

  • The central HTTP client method incorrectly used an array instead of an object/record when no custom headers where supplied, resulting in incorrect headers. Fixed thanks to @karimStekelenburg from our friends at @animo
  • Fix HTTP response handling for newer NodeJS >=16 not cloning the response, used for debug/log purposes.

• Changed:

  • Moved SSI-types to a dev dependency