diff --git a/.ci/runChecks.sh b/.ci/runChecks.sh index f94dfef62..5d37d564a 100755 --- a/.ci/runChecks.sh +++ b/.ci/runChecks.sh @@ -6,4 +6,4 @@ npm run lint:eslint npm run lint:prettier npm run --workspaces cdep npx --workspaces license-check -npx better-npm-audit audit --exclude 1112030 +npx better-npm-audit audit --exclude 1112030,1114592,1114594,1114638,1114640,1114642 diff --git a/package-lock.json b/package-lock.json index b0cc7c572..89ec678f8 100644 --- a/package-lock.json +++ b/package-lock.json @@ -12129,7 +12129,9 @@ } }, "node_modules/sjcl": { - "version": "1.0.8", + "version": "1.0.9", + "resolved": "https://registry.npmjs.org/sjcl/-/sjcl-1.0.9.tgz", + "integrity": "sha512-dWM71tkSHxe7zEZj0/COjtJdmErIxp7UMp8a6D4xx8dTTtJLc4lFL+HAX8s6lvASyQQ2iYMHwa7rhhQq7MT5MA==", "license": "(BSD-2-Clause OR GPL-2.0-only)", "engines": { "node": "*" diff --git a/packages/consumption/src/modules/openid4vc/OpenId4VcController.ts b/packages/consumption/src/modules/openid4vc/OpenId4VcController.ts index e1de7aa7c..9d59f4e36 100644 --- a/packages/consumption/src/modules/openid4vc/OpenId4VcController.ts +++ b/packages/consumption/src/modules/openid4vc/OpenId4VcController.ts @@ -130,7 +130,7 @@ export class OpenId4VcController extends ConsumptionBaseController { return { status: serverResponse.status, message: serverResponse.body }; } - public async createPresentationTokenContent(credential: VerifiableCredential): Promise { - return await this.holder.createPresentationTokenContent(credential); + public async createPresentationTokenContent(credential: VerifiableCredential, nonce: string): Promise { + return await this.holder.createPresentationTokenContent(credential, nonce); } } diff --git a/packages/consumption/src/modules/openid4vc/local/Holder.ts b/packages/consumption/src/modules/openid4vc/local/Holder.ts index aa0b6ecb3..f3b4ea48d 100644 --- a/packages/consumption/src/modules/openid4vc/local/Holder.ts +++ b/packages/consumption/src/modules/openid4vc/local/Holder.ts @@ -204,7 +204,7 @@ export class Holder extends BaseAgent> // hacky solution because credo doesn't support credentials without key binding // TODO: use credentials without key binding once supported - public async createPresentationTokenContent(credential: VerifiableCredential): Promise { + public async createPresentationTokenContent(credential: VerifiableCredential, nonce: string): Promise { if (credential.type !== ClaimFormat.SdJwtDc) throw new Error("Only SD-JWT credentials have been tested so far with token presentation"); const sdJwtVcApi = this.agent.dependencyManager.resolve(SdJwtVcApi); @@ -213,7 +213,7 @@ export class Holder extends BaseAgent> verifierMetadata: { audience: "defaultPresentationAudience", issuedAt: Date.now() / 1000, - nonce: "defaultPresentationNonce" + nonce } }); diff --git a/packages/runtime/src/useCases/consumption/openid4vc/CreatePresentationToken.ts b/packages/runtime/src/useCases/consumption/openid4vc/CreatePresentationToken.ts index cd19e022e..b203b4a5b 100644 --- a/packages/runtime/src/useCases/consumption/openid4vc/CreatePresentationToken.ts +++ b/packages/runtime/src/useCases/consumption/openid4vc/CreatePresentationToken.ts @@ -34,14 +34,17 @@ export class CreatePresentationTokenUseCase extends UseCase