NewIssuerAPIClient resolves the Credential Issuer Metadata from the well-known endpoint and returns a client that can be used to communicate with the issuer.

NewMockIdentifierResolver creates a new mock instance.

NewMockIssuerAPIClient creates a new mock instance.

NewMockOAuth2Client creates a new mock instance.

NewMockWalletAPIClient creates a new mock instance.

NewTLSIdentifierResolver creates a IdentifierResolver that tries to derive the identifier from the TLS certificate if it can't be resolved using the DID document.

NewWalletAPIClient resolves the OAuth2 credential client metadata from the given URL.

SetTLSIdentifierResolverPort sets the port used by the TLS identifier resolver to the given port, and restores the original port when the test is done.

ValidateDefinitionWithCredential confirms that the vc.VerifiableCredential is defined by the CredentialDefinition.

CredentialIssuerMetadataWellKnownPath defines the well-known path for retrieving OpenID4VCI CredentialIssuerMetadata Specified by https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#name-credential-issuer-metadata-.

CredentialOfferStatusReceived indicates that the wallet has received the credential.

InvalidClient is returned when: - the client tried to send a Token Request with a Pre-Authorized Code without Client ID but the Authorization Server does not support anonymous access.

InvalidGrant is returned when (in addition to cases defined by OAuth2): - the Authorization Server expects a PIN in the pre-authorized flow but the client provides the wrong PIN - the End-User provides the wrong Pre-Authorized Code or the Pre-Authorized Code has expired.

InvalidProof is returned when the Credential Request did not contain a proof, or proof was invalid, i.e.

InvalidRequest is returned when: - the Authorization Server does not expect a PIN in the pre-authorized flow but the client provides a PIN - the Authorization Server expects a PIN in the pre-authorized flow but the client does not provide a PIN - Credential Request was malformed.

InvalidToken is returned when (in addition to cases defined by OAuth2): - Credential Request contains the wrong Access Token or the Access Token is missing.

JWTTypeOpenID4VCIProof defines the OpenID4VCI JWT-subtype (used as typ claim in the JWT).

PreAuthorizedCodeGrant is the grant type used for pre-authorized code grant from the OpenID4VCI specification.

ProofTypeJWT defines the Credential Request proof type for JWTs.

ProviderMetadataWellKnownPath defines the well-known path for retrieving OpenID ProviderMetadata Specified by https://www.rfc-editor.org/rfc/rfc8414.html#section-3.

ServerError is returned when the Authorization Server encounters an unexpected condition that prevents it from fulfilling the request.

UnsupportedCredentialFormat is returned when the credential issuer does not support the requested credential format.

UnsupportedCredentialType is returned when the credential issuer does not support the requested credential type.

UnsupportedGrantType is returned when the Authorization Server does not support the requested grant type.

WalletMetadataWellKnownPath defines the well-known path for OpenID4VCI Wallet Metadata.

Config holds the config for the OpenID4VCI credential issuer and wallet.

CredentialDefinition defines the 'credential_definition' for Format VerifiableCredentialJSONLDFormat Specified by https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#name-vc-secured-using-data-integ.

CredentialIssuerMetadata defines the OpenID4VCI Credential Issuer Metadata.

CredentialOffer defines credentials offered by the issuer to the wallet.

CredentialOfferResponse defines the response for credential offer requests.

CredentialRequest defines the credential request sent by the wallet to the issuer.

CredentialRequestProof defines the proof of possession of key material when requesting a Credential.

CredentialResponse defines the response for credential requests.

DIDIdentifierResolver is a IdentifierResolver that resolves identifiers from DID documents.

Error is an error that signals the error was (probably) caused by the client (e.g.

MockIdentifierResolver is a mock of IdentifierResolver interface.

MockIdentifierResolverMockRecorder is the mock recorder for MockIdentifierResolver.

MockIssuerAPIClient is a mock of IssuerAPIClient interface.

MockIssuerAPIClientMockRecorder is the mock recorder for MockIssuerAPIClient.

MockOAuth2Client is a mock of OAuth2Client interface.

MockOAuth2ClientMockRecorder is the mock recorder for MockOAuth2Client.

MockWalletAPIClient is a mock of WalletAPIClient interface.

MockWalletAPIClientMockRecorder is the mock recorder for MockWalletAPIClient.

OAuth2ClientMetadata defines the OAuth2 Client Metadata, extended with OpenID4VCI parameters.

OfferedCredential defines a single entry in the credentials array of a CredentialOffer.

ProviderMetadata defines the OpenID Connect Provider metadata.

IdentifierResolver defines the interface for resolving OpenID4VCI identifiers (of wallet and issuer).

IssuerAPIClient defines the API client used by the wallet to communicate with the credential issuer.

OAuth2Client defines a generic OAuth2 client.

WalletAPIClient defines a client interface for communicating with a remote wallet over OpenID4VCI.

CredentialOfferStatus defines the status of a credential offer flow.

ErrorCode specifies error codes as defined by the OpenID4VCI spec.