fix: Make sure we use 'JWT' as typ instead of the lower case version as suggested in the JWT RFC.

Author: nklomp

packages/callback-example/lib/__tests__/issuerCallback.spec.ts

@@ -264,7 +264,7 @@ describe('issuerCallback', () => {
       // format: 'jwt_vc_json',
       proof: {
         jwt: expect.stringContaining('eyJhbGciOiJFUzI1NiIsImtpZCI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFj'),
-        proof_type: 'jwt',
+        proof_type: 'JWT',
       },
       credential_identifier: 'VerifiableCredential',
     })

packages/client/lib/AccessTokenClient.ts

@@ -50,6 +50,7 @@ export class AccessTokenClient {
         redirectUri,
         pin,
         pinMetadata,
+        credentialIssuer: issuer,
       }),
       pinMetadata,
       metadata,
@@ -95,7 +96,8 @@ export class AccessTokenClient {
     if (asOpts?.clientOpts?.clientId) {
       request.client_id = asOpts.clientOpts.clientId;
     }
-    await createJwtBearerClientAssertion(request, opts);
+    const credentialIssuer = opts.credentialIssuer ?? credentialOfferRequest?.credential_offer?.credential_issuer;
+    await createJwtBearerClientAssertion(request, { ...opts, credentialIssuer });
 
     if (credentialOfferRequest?.supportedFlows.includes(AuthzFlowType.PRE_AUTHORIZED_CODE_FLOW)) {
       this.assertAlphanumericPin(opts.pinMetadata, pin);

packages/client/lib/AccessTokenClientV1_0_11.ts

@@ -95,11 +95,12 @@ export class AccessTokenClientV1_0_11 {
       ? await toUniformCredentialOfferRequest(opts.credentialOffer as CredentialOfferV1_0_11 | CredentialOfferV1_0_13)
       : undefined;
     const request: Partial<AccessTokenRequest> = { ...opts.additionalParams };
+    const credentialIssuer = opts.credentialIssuer ?? credentialOfferRequest?.credential_offer?.credential_issuer;
 
     if (asOpts?.clientOpts?.clientId) {
       request.client_id = asOpts.clientOpts.clientId;
     }
-    await createJwtBearerClientAssertion(request, { ...opts, version: OpenId4VCIVersion.VER_1_0_11 });
+    await createJwtBearerClientAssertion(request, { ...opts, version: OpenId4VCIVersion.VER_1_0_11, credentialIssuer });
 
     if (credentialOfferRequest?.supportedFlows.includes(AuthzFlowType.PRE_AUTHORIZED_CODE_FLOW)) {
       this.assertNumericPin(this.isPinRequiredValue(credentialOfferRequest.credential_offer), pin);

packages/client/lib/AuthorizationCodeClient.ts

@@ -52,14 +52,14 @@ export async function createSignedAuthRequestWhenNeeded(requestObject: Record<st
     const iss = requestObject.iss ?? opts.iss ?? requestObject.client_id;
 
     const jwt: Jwt = {
-      header: { alg: 'ES256', kid: opts.kid, typ: 'jwt' },
+      header: { alg: 'ES256', kid: opts.kid, typ: 'JWT' },
       payload: { ...requestObject, iss, authorization_details, ...(client_metadata && { client_metadata }) },
     };
     const pop = await ProofOfPossessionBuilder.fromJwt({
       jwt,
       callbacks: opts.signCallbacks,
       version: OpenId4VCIVersion.VER_1_0_11,
-      mode: 'jwt',
+      mode: 'JWT',
     }).build();
     requestObject['request'] = pop.jwt;
   }

packages/client/lib/ProofOfPossessionBuilder.ts

@@ -53,7 +53,7 @@ export class ProofOfPossessionBuilder<DIDDoc> {
     if (jwt) {
       this.withJwt(jwt);
     } else {
-      this.withTyp(version < OpenId4VCIVersion.VER_1_0_11 || mode === 'jwt' ? 'jwt' : 'openid4vci-proof+jwt');
+      this.withTyp(version < OpenId4VCIVersion.VER_1_0_11 || mode === 'JWT' ? 'JWT' : 'openid4vci-proof+jwt');
     }
     if (accessTokenResponse) {
       this.withAccessTokenResponse(accessTokenResponse);
@@ -64,7 +64,7 @@ export class ProofOfPossessionBuilder<DIDDoc> {
     jwt,
     callbacks,
     version,
-    mode = 'jwt',
+    mode = 'JWT',
   }: {
     jwt?: Jwt;
     callbacks: ProofOfPossessionCallbacks<DIDDoc>;
@@ -144,11 +144,11 @@ export class ProofOfPossessionBuilder<DIDDoc> {
   withTyp(typ: Typ): this {
     if (this.mode === 'pop' && this.version >= OpenId4VCIVersion.VER_1_0_11) {
       if (!!typ && typ !== 'openid4vci-proof+jwt') {
-        throw Error('typ must be openid4vci-proof+jwt for version 1.0.11 and up');
+        throw Error(`typ must be openid4vci-proof+jwt for version 1.0.11 and up. Provided: ${typ}`);
       }
     } else {
-      if (!!typ && typ !== 'jwt') {
-        throw Error('typ must be jwt for version 1.0.10 and below');
+      if (!!typ && typ !== 'JWT') {
+        throw Error(`typ must be jwt for version 1.0.10 and below. Provided: ${typ}`);
       }
     }
     this.typ = typ;
@@ -216,7 +216,7 @@ export class ProofOfPossessionBuilder<DIDDoc> {
         this.mode,
         this.callbacks,
         {
-          typ: this.typ ?? (this.version < OpenId4VCIVersion.VER_1_0_11 || this.mode === 'jwt' ? 'jwt' : 'openid4vci-proof+jwt'),
+          typ: this.typ ?? (this.version < OpenId4VCIVersion.VER_1_0_11 || this.mode === 'JWT' ? 'JWT' : 'openid4vci-proof+jwt'),
           kid: this.kid,
           jwk: this.jwk,
           jti: this.jti,

packages/client/lib/__tests__/CredentialRequestClient.spec.ts

@@ -29,7 +29,7 @@ import { getMockData } from './data/VciDataFixtures';
 const partialJWT = 'eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJkaWQ6ZXhhbXBsZTplYmZlYjFmN';
 
 const jwt1_0_08: Jwt = {
-  header: { alg: Alg.ES256, kid: 'did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1', typ: 'jwt' },
+  header: { alg: Alg.ES256, kid: 'did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1', typ: 'JWT' },
   payload: { iss: 'sphereon:wallet', nonce: 'tZignsnFbp', jti: 'tZignsnFbp223', aud: IDENTIPROOF_ISSUER_URL },
 };
 
@@ -184,7 +184,7 @@ describe('Credential Request Client with different issuers ', () => {
       .build()
       .createCredentialRequest({
         proofInput: {
-          proof_type: 'jwt',
+          proof_type: 'JWT',
           jwt: getMockData('spruce')?.credential.request.proof.jwt as string,
         },
         credentialTypes: 'OpenBadgeCredential',
@@ -208,7 +208,7 @@ describe('Credential Request Client with different issuers ', () => {
       .build()
       .createCredentialRequest({
         proofInput: {
-          proof_type: 'jwt',
+          proof_type: 'JWT',
           jwt: getMockData('walt')?.credential.request.proof.jwt as string,
         },
         credentialTypes: ['OpenBadgeCredential'],
@@ -231,7 +231,7 @@ describe('Credential Request Client with different issuers ', () => {
       .build()
       .createCredentialRequest({
         proofInput: {
-          proof_type: 'jwt',
+          proof_type: 'JWT',
           jwt: getMockData('uniissuer')?.credential.request.proof.jwt as string,
         },
         credentialIdentifier: 'OpenBadgeCredential',
@@ -253,7 +253,7 @@ describe('Credential Request Client with different issuers ', () => {
       .build()
       .createCredentialRequest({
         proofInput: {
-          proof_type: 'jwt',
+          proof_type: 'JWT',
           jwt: getMockData('mattr')?.credential.request.proof.jwt as string,
         },
         credentialTypes: ['OpenBadgeCredential'],
@@ -276,7 +276,7 @@ describe('Credential Request Client with different issuers ', () => {
       .build()
       .createCredentialRequest({
         proofInput: {
-          proof_type: 'jwt',
+          proof_type: 'JWT',
           jwt: getMockData('diwala')?.credential.request.proof.jwt as string,
         },
         credentialTypes: ['OpenBadgeCredential'],
@@ -318,7 +318,7 @@ describe('Credential Request Client with different issuers ', () => {
       .build()
       .createCredentialRequest({
         proofInput: {
-          proof_type: 'jwt',
+          proof_type: 'JWT',
           jwt: getMockData('diwala')?.credential.request.proof.jwt as string,
         },
         credentialIdentifier: 'BevoegdheidUittreksel_jwt_vc_json',
@@ -337,7 +337,7 @@ describe('Credential Request Client with different issuers ', () => {
     expect(credentialRequest.credential_identifier).toEqual('BevoegdheidUittreksel_jwt_vc_json');
     expect(credentialRequest.proof).toEqual({
       jwt: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSIsImtpZCI6ImRpZDprZXk6ejZNa3AxM3N6QUFMVFN0cDV1OGtMcnl5YW5vYWtrVWtFUGZXazdvOHY3dms0RW1KI3o2TWtwMTNzekFBTFRTdHA1dThrTHJ5eWFub2Fra1VrRVBmV2s3bzh2N3ZrNEVtSiJ9.eyJhdWQiOiJodHRwczovL29pZGM0dmMuZGl3YWxhLmlvIiwiaWF0IjoxNjgxOTE1MDk1LjIwMiwiZXhwIjoxNjgxOTE1NzU1LjIwMiwiaXNzIjoic3BoZXJlb246c3NpLXdhbGxldCIsImp0aSI6IjYxN2MwM2EzLTM3MTUtNGJlMy1hYjkxNzM4MTlmYzYxNTYzIn0.KA-cHjecaYp9FSaWHkz5cqtNyhBIVT_0I7cJnpHn03T4UWFvdhjhn8Hpe-BU247enFyWOWJ6v3NQZyZgle7xBA',
-      proof_type: 'jwt',
+      proof_type: 'JWT',
     });
   });
 });

packages/client/lib/__tests__/CredentialRequestClientBuilder.spec.ts

@@ -20,7 +20,7 @@ const partialJWT = 'eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJkaWQ6ZXhhbXBsZTplYmZlYjFmN';
 const partialJWT_withoutDid = 'eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJlYmZlYjFmNzEyZWJjNmYxYzI3N';
 
 /*const jwtv1_0_08: Jwt = {
-  header: { alg: Alg.ES256, kid: 'did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1', typ: 'jwt' },
+  header: { alg: Alg.ES256, kid: 'did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1', typ: 'JWT' },
   payload: { iss: 'sphereon:wallet', nonce: 'tZignsnFbp', jti: 'tZignsnFbp223', aud: IDENTIPROOF_ISSUER_URL },
 };*/
 

packages/client/lib/__tests__/CredentialRequestClientV1_0_11.spec.ts

@@ -31,12 +31,12 @@ const partialJWT = 'eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJkaWQ6ZXhhbXBsZTplYmZlYjFmN';
 const partialJWT_withoutDid = 'eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJlYmZlYjFmNzEyZWJjNmYxYzI3N';
 
 const jwt: Jwt = {
-  header: { alg: Alg.ES256, kid: 'did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1', typ: 'jwt' },
+  header: { alg: Alg.ES256, kid: 'did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1', typ: 'JWT' },
   payload: { iss: 'sphereon:wallet', nonce: 'tZignsnFbp', jti: 'tZignsnFbp223', aud: IDENTIPROOF_ISSUER_URL },
 };
 
 const jwt_withoutDid: Jwt = {
-  header: { alg: Alg.ES256, kid: 'ebfeb1f712ebc6f1c276e12ec21/keys/1', typ: 'jwt' },
+  header: { alg: Alg.ES256, kid: 'ebfeb1f712ebc6f1c276e12ec21/keys/1', typ: 'JWT' },
   payload: { iss: 'sphereon:wallet', nonce: 'tZignsnFbp', jti: 'tZignsnFbp223', aud: IDENTIPROOF_ISSUER_URL },
 };
 
@@ -305,7 +305,7 @@ describe('Credential Request Client with different issuers ', () => {
       .build()
       .createCredentialRequest({
         proofInput: {
-          proof_type: 'jwt',
+          proof_type: 'JWT',
           jwt: getMockData('spruce')?.credential.request.proof.jwt as string,
         },
         credentialTypes: ['OpenBadgeCredential'],
@@ -329,7 +329,7 @@ describe('Credential Request Client with different issuers ', () => {
       .build()
       .createCredentialRequest({
         proofInput: {
-          proof_type: 'jwt',
+          proof_type: 'JWT',
           jwt: getMockData('walt')?.credential.request.proof.jwt as string,
         },
         credentialTypes: ['OpenBadgeCredential'],
@@ -352,7 +352,7 @@ describe('Credential Request Client with different issuers ', () => {
       .build()
       .createCredentialRequest({
         proofInput: {
-          proof_type: 'jwt',
+          proof_type: 'JWT',
           jwt: getMockData('uniissuer')?.credential.request.proof.jwt as string,
         },
         credentialTypes: ['OpenBadgeCredential'],
@@ -374,7 +374,7 @@ describe('Credential Request Client with different issuers ', () => {
       .build()
       .createCredentialRequest({
         proofInput: {
-          proof_type: 'jwt',
+          proof_type: 'JWT',
           jwt: getMockData('mattr')?.credential.request.proof.jwt as string,
         },
         credentialTypes: ['OpenBadgeCredential'],
@@ -397,7 +397,7 @@ describe('Credential Request Client with different issuers ', () => {
       .build()
       .createCredentialRequest({
         proofInput: {
-          proof_type: 'jwt',
+          proof_type: 'JWT',
           jwt: getMockData('diwala')?.credential.request.proof.jwt as string,
         },
         credentialTypes: ['OpenBadgeCredential'],

packages/client/lib/__tests__/ProofOfPossessionBuilder.spec.ts

@@ -8,12 +8,12 @@ import { ProofOfPossessionBuilder } from '..';
 import { IDENTIPROOF_ISSUER_URL } from './MetadataMocks';
 
 const jwt: Jwt = {
-  header: { alg: Alg.ES256, kid: 'did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1', typ: 'jwt' },
+  header: { alg: Alg.ES256, kid: 'did:example:ebfeb1f712ebc6f1c276e12ec21/keys/1', typ: 'JWT' },
   payload: { iss: 'sphereon:wallet', nonce: 'tZignsnFbp', jti: 'tZignsnFbp223', aud: IDENTIPROOF_ISSUER_URL, iat: Date.now() / 1000 },
 };
 
 const jwt_withoutDid: Jwt = {
-  header: { alg: Alg.ES256, kid: 'ebfeb1f712ebc6f1c276e12ec21/keys/1', typ: 'jwt' },
+  header: { alg: Alg.ES256, kid: 'ebfeb1f712ebc6f1c276e12ec21/keys/1', typ: 'JWT' },
   payload: { iss: 'sphereon:wallet', nonce: 'tZignsnFbp', jti: 'tZignsnFbp223', aud: IDENTIPROOF_ISSUER_URL, iat: Date.now() / 1000 },
 };
 

packages/client/lib/__tests__/data/VciDataFixtures.ts

@@ -51,7 +51,7 @@ export interface IssuerMockData {
       type?: string;
       format: 'jwt_vc' | 'ldp_vc' | 'jwt_vc_json-ld' | string;
       proof: {
-        proof_type: 'jwt' | string;
+        proof_type: 'JWT' | string;
         jwt: string;
       };
     };
@@ -119,7 +119,7 @@ const mockData: VciMockDataStructure = {
         type: 'OpenBadgeCredential',
         format: 'jwt_vc',
         proof: {
-          proof_type: 'jwt',
+          proof_type: 'JWT',
           jwt: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NksiLCJraWQiOiJkaWQ6andrOmV5SmhiR2NpT2lKRlV6STFOa3NpTENKMWMyVWlPaUp6YVdjaUxDSnJkSGtpT2lKRlF5SXNJbU55ZGlJNkluTmxZM0F5TlRack1TSXNJbmdpT2lKclpuVmpTa0V0VEhKck9VWjBPRmx5TFVkMlQzSmpia3N3YjNkc2RqUlhNblUwU3pJeFNHZHZTVlIzSWl3aWVTSTZJalozY0ZCUE1rOUNRVXBTU0ZFMVRXdEtXVlJaV0dsQlJFUXdOMU5OTlV0amVXcDNYMkUzVUUxWmVGa2lmUSMwIn0.eyJhdWQiOiJodHRwczovL25naS1vaWRjNHZjaS10ZXN0LnNwcnVjZWlkLnh5eiIsImlhdCI6MTY4MTkxMTA2MC45NDIsImV4cCI6MTY4MTkxMTcyMC45NDIsImlzcyI6InNwaGVyZW9uOnNzaS13YWxsZXQiLCJqdGkiOiJhNjA4MzMxZi02ZmE0LTQ0ZjAtYWNkZWY5NmFjMjdmNmQ3MCJ9.NwF3_41gwnlIdd_6Uk9CczeQHzIQt6UcvTT5Cxv72j9S1vNwiY9annA2kLsjsTiR5-WMBdUhJCO7wYCtZ15mxw',
         },
       },
@@ -365,7 +365,7 @@ const mockData: VciMockDataStructure = {
         types: ['OpenBadgeCredential'],
         format: 'jwt_vc',
         proof: {
-          proof_type: 'jwt',
+          proof_type: 'JWT',
           jwt: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NksiLCJraWQiOiJkaWQ6andrOmV5SmhiR2NpT2lKRlV6STFOa3NpTENKMWMyVWlPaUp6YVdjaUxDSnJkSGtpT2lKRlF5SXNJbU55ZGlJNkluTmxZM0F5TlRack1TSXNJbmdpT2lKclpuVmpTa0V0VEhKck9VWjBPRmx5TFVkMlQzSmpia3N3YjNkc2RqUlhNblUwU3pJeFNHZHZTVlIzSWl3aWVTSTZJalozY0ZCUE1rOUNRVXBTU0ZFMVRXdEtXVlJaV0dsQlJFUXdOMU5OTlV0amVXcDNYMkUzVUUxWmVGa2lmUSMwIn0.eyJhdWQiOiJodHRwczovL2pmZi53YWx0LmlkL2lzc3Vlci1hcGkvZGVmYXVsdC9vaWRjLyIsImlhdCI6MTY4MTkxMTk0Mi4yMzgsImV4cCI6MTY4MTkxMjYwMi4yMzgsIm5vbmNlIjoiZjA2YTMxMDUtYTJlZC00NGZjLTk1NGItNGEyNTk3MDM0OTNiIiwiaXNzIjoic3BoZXJlb246c3NpLXdhbGxldCIsImp0aSI6IjA1OWM3ODA5LTlmOGYtNGE3ZS1hZDI4YTNhMTNhMGIzNmViIn0.RfiWyybxpe3nkx3b0yIsqDHQtvB1WwhDW4t0X-kijy2dsSfv2cYhSEmAzs1shg7OV4EW8fSzt_Te79xiVl6jCw',
         },
       },
@@ -483,7 +483,7 @@ const mockData: VciMockDataStructure = {
         types: ['OpenBadgeCredential'],
         format: 'jwt_vc',
         proof: {
-          proof_type: 'jwt',
+          proof_type: 'JWT',
           jwt: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NksiLCJraWQiOiJkaWQ6andrOmV5SmhiR2NpT2lKRlV6STFOa3NpTENKMWMyVWlPaUp6YVdjaUxDSnJkSGtpT2lKRlF5SXNJbU55ZGlJNkluTmxZM0F5TlRack1TSXNJbmdpT2lKclpuVmpTa0V0VEhKck9VWjBPRmx5TFVkMlQzSmpia3N3YjNkc2RqUlhNblUwU3pJeFNHZHZTVlIzSWl3aWVTSTZJalozY0ZCUE1rOUNRVXBTU0ZFMVRXdEtXVlJaV0dsQlJFUXdOMU5OTlV0amVXcDNYMkUzVUUxWmVGa2lmUSMwIn0.eyJhdWQiOiJodHRwczovL29pZGM0dmMudW5paXNzdWVyLmlvLyIsImlhdCI6MTY4MTkxMjgzNy40MTQsImV4cCI6MTY4MTkxMzQ5Ny40MTQsIm5vbmNlIjoiMzhkMzZmM2ItNzJlMy00ODg2LWI2MGMtMzZiNzcwZDBlNGVhIiwiaXNzIjoic3BoZXJlb246c3NpLXdhbGxldCIsImp0aSI6ImIzYWEyMmFkLWExZTItNDJjOC1iMGI4ZTdjNDgzZDg4M2U4In0.awwIJ0422HSdOsCIe8k7zjxqY6RVaHK2ItUFqbmVjqLXxWt-Mp7cXF84n9HGgC8fgGOKmjlgXdNLr_Jiio_e3g',
         },
       },
@@ -582,7 +582,7 @@ const mockData: VciMockDataStructure = {
         type: 'OpenBadgeCredential',
         format: 'ldp_vc',
         proof: {
-          proof_type: 'jwt',
+          proof_type: 'JWT',
           jwt: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSIsImtpZCI6ImRpZDprZXk6ejZNa3AxM3N6QUFMVFN0cDV1OGtMcnl5YW5vYWtrVWtFUGZXazdvOHY3dms0RW1KI3o2TWtwMTNzekFBTFRTdHA1dThrTHJ5eWFub2Fra1VrRVBmV2s3bzh2N3ZrNEVtSiJ9.eyJhdWQiOiJodHRwczovL2xhdW5jaHBhZC5tYXR0cmxhYnMuY29tIiwiaWF0IjoxNjgxOTE0NDgyLjUxOSwiZXhwIjoxNjgxOTE1MTQyLjUxOSwiaXNzIjoic3BoZXJlb246c3NpLXdhbGxldCIsImp0aSI6ImI5NDY1ZGE5LTY4OGYtNDdjNi04MjUwNDA0ZGNiOWI5Y2E5In0.uQ8ewOfIjy_1p_Gk6PjeEWccBJnjOca1pwbTWiCAFMQX9wlIsfeUdGtXUoHjH5_PQtpwytodx7WU456_CT9iBQ',
         },
       },
@@ -696,7 +696,7 @@ const mockData: VciMockDataStructure = {
         type: 'OpenBadgeCredential',
         format: 'ldp_vc',
         proof: {
-          proof_type: 'jwt',
+          proof_type: 'JWT',
           jwt: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSIsImtpZCI6ImRpZDprZXk6ejZNa3AxM3N6QUFMVFN0cDV1OGtMcnl5YW5vYWtrVWtFUGZXazdvOHY3dms0RW1KI3o2TWtwMTNzekFBTFRTdHA1dThrTHJ5eWFub2Fra1VrRVBmV2s3bzh2N3ZrNEVtSiJ9.eyJhdWQiOiJodHRwczovL29pZGM0dmMuZGl3YWxhLmlvIiwiaWF0IjoxNjgxOTE1MDk1LjIwMiwiZXhwIjoxNjgxOTE1NzU1LjIwMiwiaXNzIjoic3BoZXJlb246c3NpLXdhbGxldCIsImp0aSI6IjYxN2MwM2EzLTM3MTUtNGJlMy1hYjkxNzM4MTlmYzYxNTYzIn0.KA-cHjecaYp9FSaWHkz5cqtNyhBIVT_0I7cJnpHn03T4UWFvdhjhn8Hpe-BU247enFyWOWJ6v3NQZyZgle7xBA',
         },
       },