fix: added a couple of todos for handling v11, plus changed the getIs…

…suer method to throw exception if nothing is found, and some other pr notes
Sphereon-Opensource · Apr 5, 2023 · 091786e · 091786e
1 parent c478788
commit 091786e
Show file tree

Hide file tree

Showing 6 changed files with 24 additions and 14 deletions.
diff --git a/packages/client/lib/AccessTokenClient.ts b/packages/client/lib/AccessTokenClient.ts
@@ -37,7 +37,7 @@ export class AccessTokenClient {
     const { request } = credentialOffer;
 
     const isPinRequired = this.isPinRequiredValue(request);
-    const issuerOpts = { issuer: 'issuer' in request ? request.issuer : 'credential_issuer' in request ? request.credential_issuer : '' };
+    const issuerOpts = { issuer: getIssuerFromCredentialOfferPayload(request) };
 
     return await this.acquireAccessTokenUsingRequest({
       accessTokenRequest: await this.createAccessTokenRequest({
@@ -103,6 +103,7 @@ export class AccessTokenClient {
         throw new Error('Cannot pass a code_verifier when flow type is pre-authorized');
       }
       request.grant_type = GrantTypes.PRE_AUTHORIZED_CODE;
+      //todo: handle this for v11
       request[PRE_AUTH_CODE_LITERAL] = (credentialOfferRequest as CredentialOfferV1_0_09)[PRE_AUTH_CODE_LITERAL];
     }
     if ('op_state' in credentialOfferRequest || 'issuer_state' in credentialOfferRequest) {
@@ -115,6 +116,7 @@ export class AccessTokenClient {
       request.redirect_uri = redirectUri;
       request.grant_type = GrantTypes.AUTHORIZATION_CODE;
     }
+    //todo: handle this for v11
     if (request.grant_type === GrantTypes.AUTHORIZATION_CODE && (credentialOfferRequest as CredentialOfferV1_0_09)[PRE_AUTH_CODE_LITERAL]) {
       throw Error('A pre_authorized_code flow cannot have an op_state in the initiation request');
     }

diff --git a/packages/client/lib/AuthorizationDetailsBuilder.ts b/packages/client/lib/AuthorizationDetailsBuilder.ts
@@ -36,7 +36,8 @@ export class AuthorizationDetailsBuilder {
     return this;
   }
 
-  build(): AuthorizationDetailsJwtVcJson {
+  //todo: we have to consider one thing, if this is a general purpose builder, we want to support ldp types here as well. and for that we need a few checks.
+  buildJwtVcJson(): AuthorizationDetailsJwtVcJson {
     if (this.authorizationDetails.format && this.authorizationDetails.type) {
       return this.authorizationDetails as AuthorizationDetailsJwtVcJson;
     }

diff --git a/packages/client/lib/CredentialOffer.ts b/packages/client/lib/CredentialOffer.ts
@@ -7,7 +7,7 @@ import {
 } from '@sphereon/openid4vci-common';
 import Debug from 'debug';
 
-import { convertJsonToURI, convertURIToJsonObject, determineSpecVersionFromURI } from './functions';
+import {convertJsonToURI, convertURIToJsonObject, determineSpecVersionFromURI} from './functions';
 
 const debug = Debug('sphereon:openid4vci:initiation');
 
@@ -20,15 +20,18 @@ export class CredentialOffer {
     }
     const baseUrl = uri.split('?')[0];
     const version = determineSpecVersionFromURI(uri);
-    const issuanceInitiationRequest: CredentialOfferPayload = convertURIToJsonObject(uri, {
+    const issuanceInitiationRequest: CredentialOfferPayload = (version < OpenId4VCIVersion.VER_1_0_11)? convertURIToJsonObject(uri, {
       arrayTypeProperties: ['credential_type'],
       requiredProperties: ['issuer', 'credential_type'],
-    }) as CredentialOfferV1_0_09;
+    }) as CredentialOfferV1_0_09: convertURIToJsonObject(uri, {
+      arrayTypeProperties: ['credentials'],
+      requiredProperties: ['credentials', 'credential_issuer']
+    }) as CredentialOfferPayloadV1_0_11
 
     const request =
       version < OpenId4VCIVersion.VER_1_0_11.valueOf()
         ? (issuanceInitiationRequest as CredentialOfferV1_0_09)
-        : (issuanceInitiationRequest as unknown as CredentialOfferPayloadV1_0_11);
+        : (issuanceInitiationRequest as CredentialOfferPayloadV1_0_11);
 
     return {
       baseUrl,

diff --git a/packages/client/lib/OpenID4VCIClient.ts b/packages/client/lib/OpenID4VCIClient.ts
@@ -119,6 +119,7 @@ export class OpenID4VCIClient {
       scope = `openid ${scope}`;
     }
 
+    //fixme: handle this for v11
     const queryObj = {
       response_type: ResponseType.AUTH_CODE,
       client_id: clientId,

diff --git a/packages/client/lib/__tests__/AuthorizationDetailsBuilder.spec.ts b/packages/client/lib/__tests__/AuthorizationDetailsBuilder.spec.ts
@@ -8,7 +8,7 @@ describe('AuthorizationDetailsBuilder test', () => {
       .withFormats('jwt_vc' as CredentialFormatEnum)
       .withLocations(['test1', 'test2'])
       .withType('openid_credential')
-      .build();
+      .buildJwtVcJson();
     expect(actual).toEqual({
       type: 'openid_credential',
       format: 'jwt_vc',
@@ -20,7 +20,7 @@ describe('AuthorizationDetailsBuilder test', () => {
       .withFormats('jwt_vc' as CredentialFormatEnum)
       .withLocations(['test1'])
       .withType('openid_credential')
-      .build();
+      .buildJwtVcJson();
     expect(actual).toEqual({
       type: 'openid_credential',
       format: 'jwt_vc',
@@ -31,7 +31,7 @@ describe('AuthorizationDetailsBuilder test', () => {
     const actual = new AuthorizationDetailsBuilder()
       .withFormats('jwt_vc' as CredentialFormatEnum)
       .withType('openid_credential')
-      .build();
+      .buildJwtVcJson();
     expect(actual).toEqual({
       type: 'openid_credential',
       format: 'jwt_vc',
@@ -42,19 +42,19 @@ describe('AuthorizationDetailsBuilder test', () => {
       new AuthorizationDetailsBuilder()
         .withFormats('jwt_vc' as CredentialFormatEnum)
         .withLocations(['test1'])
-        .build();
+        .buildJwtVcJson();
     }).toThrow(Error('Type and format are required properties'));
   });
   it('should fail if format is missing', () => {
     expect(() => {
-      new AuthorizationDetailsBuilder().withType('openid_credential').withLocations(['test1']).build();
+      new AuthorizationDetailsBuilder().withType('openid_credential').withLocations(['test1']).buildJwtVcJson();
     }).toThrow(Error('Type and format are required properties'));
   });
   it('should be able to add random field to the object', () => {
     const actual = new AuthorizationDetailsBuilder()
       .withFormats('jwt_vc' as CredentialFormatEnum)
       .withType('openid_credential')
-      .build();
+      .buildJwtVcJson();
     actual['random'] = 'test';
     expect(actual).toEqual({
       type: 'openid_credential',

diff --git a/packages/common/lib/functions/CredentialOfferUtil.ts b/packages/common/lib/functions/CredentialOfferUtil.ts
@@ -1,4 +1,4 @@
-import { CredentialOfferPayload, DefaultURISchemes, OpenId4VCIVersion } from '../types';
+import {CredentialOfferPayload, DefaultURISchemes, OpenId4VCIVersion, TokenErrorResponse} from '../types';
 
 export function determineSpecVersionFromURI(uri: string): OpenId4VCIVersion {
   let version: OpenId4VCIVersion = OpenId4VCIVersion.VER_UNKNOWN;
@@ -51,5 +51,8 @@ function recordVersion(determinedVersion: OpenId4VCIVersion, potentialVersion: O
 }
 
 export function getIssuerFromCredentialOfferPayload(request: CredentialOfferPayload): string {
-  return 'issuer' in request ? request.issuer : 'credential_issuer' in request ? request.credential_issuer : '';
+  if (!request || !('issuer' in request) || ('credential_issuer' in request)) {
+    throw new Error(TokenErrorResponse.invalid_request)
+  }
+  return 'issuer' in request ? request.issuer : request['credential_issuer'];
 }