feat: add more info for credential selection

Signed-off-by: Martin Auer <martin.auer97@gmail.com>

packages/openid4vc-holder/src/OpenId4VcHolderService.ts

@@ -1,4 +1,5 @@
 import type {
+  CredentialToRequest,
   GenerateAuthorizationUrlOptions,
   ProofOfPossessionRequirements,
   ProofOfPossessionVerificationMethodResolver,
@@ -210,9 +211,26 @@ export class OpenId4VcHolderService {
       version
     )
 
-    const credentialsToRequest = offeredCredentialsWithMetadata.map((offeredCredential) =>
-      this.getFormatAndTypesFromOfferedCredential(offeredCredential, version)
-    )
+    const credentialsToRequest: CredentialToRequest[] = offeredCredentialsWithMetadata.map((offeredCredential) => {
+      const { format, types } = this.getFormatAndTypesFromOfferedCredential(offeredCredential, version)
+      const offerType = offeredCredential.type
+
+      if (offerType === OfferedCredentialType.InlineCredentialOffer) {
+        return { offerType, types, format }
+      } else {
+        const { id, cryptographic_binding_methods_supported, cryptographic_suites_supported } =
+          offeredCredential.credentialSupported
+
+        return {
+          id,
+          offerType,
+          cryptographic_binding_methods_supported,
+          cryptographic_suites_supported,
+          types,
+          format,
+        }
+      }
+    })
 
     return {
       metadata,
@@ -248,7 +266,6 @@ export class OpenId4VcHolderService {
 
     const allowedCredentialFormats = supportedCredentialFormats
 
-    // TODO: how to request specific credentials with the pre-auth flow?
     // acquire the access token
     // NOTE: only scope based flow is supported for authorized flow. However there's not clear mapping between
     // the scope property and which credential to request (this is out of scope of the spec), so it will still

packages/openid4vc-holder/src/OpenId4VcHolderServiceOptions.ts

@@ -1,3 +1,4 @@
+import type { OfferedCredentialType } from './OpenId4VcHolderService'
 import type { JwaSignatureAlgorithm, KeyType, VerificationMethod } from '@aries-framework/core'
 import type { CredentialOfferPayloadV1_0_11, EndpointMetadataResult, OpenId4VCIVersion } from '@sphereon/oid4vci-common'
 
@@ -13,10 +14,17 @@ export const supportedCredentialFormats = [
   OpenIdCredentialFormatProfile.LdpVc,
 ] satisfies OpenIdCredentialFormatProfile[]
 
-export interface CredentialToRequest {
-  format: string
-  types: string[]
-}
+export type CredentialToRequest = { format: string; types: string[] } & (
+  | {
+      offerType: OfferedCredentialType.InlineCredentialOffer
+    }
+  | {
+      offerType: OfferedCredentialType.CredentialSupported
+      id: string | undefined
+      cryptographic_binding_methods_supported: string[] | undefined
+      cryptographic_suites_supported: string[] | undefined
+    }
+)
 
 export interface ResolvedCredentialOffer {
   metadata: EndpointMetadataResult

packages/openid4vc-holder/tests/openid4vc-holder.e2e.test.ts

@@ -179,7 +179,6 @@ describe('OpenId4VcHolder', () => {
       const w3cCredentialRecords = await agent.modules.openId4VcHolder.acceptCredentialOfferUsingPreAuthorizedCode(
         resolvedCredentialOffer,
         {
-          allowedCredentialFormats: [OpenIdCredentialFormatProfile.JwtVcJson],
           allowedProofOfPossessionSignatureAlgorithms: [JwaSignatureAlgorithm.ES256],
           proofOfPossessionVerificationMethodResolver: () => verificationMethod,
           verifyCredentialStatus: false,