Require mDL session transcript option when submitting an mDL.

Author: dlongley

lib/authorizationResponse.js

@@ -42,6 +42,15 @@ export async function send({
 
     // if `authorizationRequest.response_mode` is `direct.jwt` generate a JWT
     if(authorizationRequest.response_mode === 'direct_post.jwt') {
+      if(submitsFormat({presentationSubmission, format: 'mso_mdoc'}) &&
+        !encryptionOptions?.mdl?.sessionTranscript) {
+        throw createNamedError({
+          message: '"encryptionOptions.mdl.sessionTranscript" is required ' +
+            'when submitting an mDL presentation.',
+          name: 'DataError'
+        });
+      }
+
       const jwt = await _encrypt({
         vpToken, presentationSubmission, authorizationRequest,
         encryptionOptions
@@ -135,6 +144,22 @@ export function createPresentationSubmission({
   return {presentationSubmission};
 }
 
+export function submitsFormat({presentationSubmission, format} = {}) {
+  /* e.g. presentation submission submitting an mdoc:
+  {
+    "definition_id": "mDL-sample-req",
+    "id": "mDL-sample-res",
+    "descriptor_map": [{
+      "id": "org.iso.18013.5.1.mDL",
+      "format": "mso_mdoc",
+      "path": "$"
+    }]
+  }
+  */
+  return presentationSubmission?.descriptor_map?.some(
+    e => e?.format === format);
+}
+
 async function _encrypt({
   vpToken, presentationSubmission, authorizationRequest, encryptionOptions
 }) {
@@ -153,13 +178,13 @@ async function _encrypt({
 
   // configure `keyManagementParameters` for `EncryptJWT` API
   const keyManagementParameters = {};
-  if(encryptionOptions?.mdoc?.sessionTranscript) {
+  if(encryptionOptions?.mdl?.sessionTranscript) {
     // ISO 18013-7: include specific session transcript params as apu + apv
     const {
       mdocGeneratedNonce,
       // default to using `authorizationRequest.nonce` for verifier nonce
       verifierGeneratedNonce = authorizationRequest.nonce
-    } = encryptionOptions.mdoc.sessionTranscript;
+    } = encryptionOptions.mdl.sessionTranscript;
     // note: `EncryptJWT` API requires `apu/apv` (`partyInfoU`/`partyInfoV`)
     // to be passed as Uint8Arrays; they will be encoded using `base64url` by
     // that API