v0.12.0

0.12.0 (2024-06-19)

This release introduces support for OID4VCI Draft 13, also known as Implementors Draft 1.
The current libraries support version 8,9, 11 and 13. Please be aware that that in an upcoming 1.x.x release we will drop everything below version 13!. This parties that rely on the version discovery for the client side, should stick to the 0.x.x releases

Bug Fixes

• (WIP) refactored and fixed parts of the logic for v1_0_13. (06117c0)
• (WIP) skipped failing tests and made comment to fix them (16f1673)
• added generic union types for frequently used types (72474d6)
• added generic union types for frequently used types (f10d0b2)
• allow to set client_id (d51bf25)
• changed the accepting type in VcIssuer (125cb81)
• changed the if param in the assertAlphanumericPin (5655859)
• changed the logic for pin validation (b8bb359)
• Comparison of request subject signing with response was not normalized for a comparison (cd72dc6)
• Ensure we have a single client that handles both v13 and v11 and lower (eadbba0)
• fixed ClientIssuerIT.spec (c5be065)
• fixed createCredentialOfferURI signature (2856644)
• fixed failing test cases (690b02b)
• fixed sd jwt test with version 13 (dcf7439)
• fixed some issue in the IssuerMetadataUtils (8a6c16f)
• fixed some issue in the IssuerMetadataUtils plus added some unittests for it (d348641)
• fixed some test cases (ccac046)
• fixed test type mismatch (215227e)
• fixed test type mismatch (ca32202)
• fixed tests plus prettier (fc8cdf0)
• fixed the failing test for the credentialOfferUri (a8ac2e3)
• fixed the logic in creating credentialOffer uri (53bce06)
• fixed the regex for pin (d3b2f0c)
• fixed type mismatch in some files (a2b3c22)
• fixes after merge with CWALL-199 (af967a9)
• fixes for PAR. Several things were missing, wrong. Higly likely this is a problem for non PAR flows as well (9ed5064)
• for pin in IssuerTokenServer (354e8ad)
• MetadataClient for version 13 and added better type distinction. added credential_definition to credential metadata of v13 (e39bf71)
• No response type set on authz code after using PAR (5da243e)
• set client_id on authorization url (599ca9e)
• set client_id on authorization url (04e7cb8)

Features

• Add wallet signing support to VCI and notification support (c4d3483)
• added setDefaultTokenEndpoint to VcIssuer constructor (f16affc)
• added setDefaultTokenEndpoint to VcIssuerBuilder (96608ec)
• added token_endpoint to the metadata (72f2988)
• created special type for CredentialRequest v1_0_13 and fixed the tests for it (25a6051)
• expose functions for experimental subject issuer support (c4adecc)
• Unify how we get types from different spec versions (449364b)

v0.10.3

0.10.3 (2024-04-25)

Bug Fixes

• Fix iat expiration check (1260291)
• issuance and expiration sometimes used milliseconds instead of seconds (afc2a8a)
• seconds to ms (cbd60a6)

v0.10.2

0.10.2 (2024-03-13)

Bug Fixes

• token expiry (fb641b5)
• use seconds for all expires in values (39bde8f)

v0.10.1

0.10.1 (2024-03-12)

Bug Fixes

• await session state updates (963fb88)
• type for cred request ldp (dbbe447)

v0.10.0

0.10.0 (2024-02-29)

Bug Fixes

• enum type (c39d8e1)
• Extend Alg enum to allow for more algorithms. refs #88 (6e76f57)

Features

• Open the signing algorithm list in the credential issuance process, refs #88 (d9b17af)

v0.9.0

0.9.0 (2024-02-16)

Bug Fixes

• Add back jwt_vc format support for older versions (9f06ab1)
• add sd-jwt to issuer callback (93b1242)
• disable awesome-qr in rn (3daf0d3)
• Do not set a default redirect_uri, unless no authorization request options are set at all (6c96089)
• Do not set default client_id (7a1afbc)
• Do not sort credential types, as issuers might rely on their order (59fba74)
• Fix uri to json conversion when no required params are provided (36a70ca)
• opts passed to getCredentialOfferEndpoint() (923b8b4)
• sd-jwt: cnf instead of kid (510a4e8)
• the client_id used in the auth request was not taken into account when requesting access token (2bc039c)

Features

• Add deferred support (99dc87d)
• Add EBSI support (7577e3d)
• Add initial support for creating a client without credential offer (13659a7)
• add sd-jwt issuer support and e2e test (951bf2c)
• add sd-jwt support (a37ef06)
• Add support to get a client id from an offer, and from state JWTs. EBSI for instance is using this (f089116)
• added state recovery (8ee6584)
• Allow to create an authorization request URL when initiating the OID4VCI client (84ea215)
• Allow to set the clientId at a later point on the VCI client (042b183)
• EBSI compatibility (c44107f)
• ldp issuance (bf8865a)
• Make sure redirect_uri is the same for authorization and token endpoint when used and made redirect_uri optional. The redirect_uri is automatically passed to the token request in case one was used for authorization (394fcb7)
• PAR improvements (99f55c2)
• PKCE support improvements. (5d5cb06)
• Support sd-jwt 0.2.0 library (77c9c24)

v0.8.1

0.8.1 (2023-10-14)

Features

• Allow for authorized code flows. Removes the param to determine the flow, as that is determined from the credential offer itself (a78e1fc)
• Allow for authorized code flows. Removes the param to determine the flow, as that is determined from the credential offer itself. Thanks to https://github.com/linasi for the PR (861ee87)

v0.7.3

0.7.3 (2023-09-30)

Bug Fixes

• allow token endpoint to be defined in metadata without triggering logic for external AS (d99304c)

v0.7.2

0.7.2 (2023-09-28)

Bug Fixes

• id lookup against server metadata not working (592ec4b)

v0.7.1

0.7.1 (2023-09-28)

Bug Fixes

• Better match credential offer types and formats onto issuer metadata (4044c21)
• clearinterval (214e3c6)
• Fix credential offer matching against metadata (3c23bab)
• Fix credential offer matching against metadata (b79027f)
• relax auth_endpoint handling. Doesn't have to be available when doing pre-auth flow. Client handles errors anyway in case of auth/par flow (ce39958)
• relax auth_endpoint handling. Doesn't have to be available when doing pre-auth flow. Client handles errors anyway in case of auth/par flow (cb5f9c1)