chore: addressing PR comments
Brummos committed Jan 22, 2025
1 parent bfb52ee commit 5c4b66e
Showing 8 changed files with 17 additions and 20 deletions.
5 changes: 2 additions & 3 deletions packages/client/lib/MetadataClient.ts
Expand Up @@ -85,6 +85,7 @@ export class MetadataClient {
if (credentialIssuerMetadata.token_endpoint) {
token_endpoint = credentialIssuerMetadata.token_endpoint;
}
authorization_challenge_endpoint = credentialIssuerMetadata.authorization_challenge_endpoint
if (credentialIssuerMetadata.authorization_servers) {
authorization_servers = credentialIssuerMetadata.authorization_servers as string[];
} else if (credentialIssuerMetadata.authorization_server) {
Expand Down Expand Up @@ -131,9 +132,7 @@ export class MetadataClient {
);
}
authorization_endpoint = authMetadata.authorization_endpoint;
if (!authMetadata.authorization_challenge_endpoint) {
debug(`Authorization Server ${authorization_servers} did not provide a authorization_challenge_endpoint`);
} else if (authorization_challenge_endpoint && authMetadata.authorization_challenge_endpoint !== authorization_challenge_endpoint) {
if (authorization_challenge_endpoint && authMetadata.authorization_challenge_endpoint !== authorization_challenge_endpoint) {
throw Error(
`Credential issuer has a different authorization_challenge_endpoint (${authorization_challenge_endpoint}) from the Authorization Server (${authMetadata.authorization_challenge_endpoint})`,
);
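Review bot: With the `if (!authMetadata.authorization_challenge_endpoint)` branch gone, an Authorization Server that omits `authorization_challenge_endpoint` while the credential issuer advertises one now reaches the `throw`, and the message prints `undefined` for the Authorization Server value. Failing closed is the safer behaviour for an endpoint that receives the client's auth session, but it should be stated next to the check, e.g. `// fail closed: an issuer-advertised challenge endpoint must be confirmed by the Authorization Server metadata`, and the message should name the missing-value case. The comparison is an exact string match, so a trailing slash or case difference between otherwise equivalent URLs will also throw; confirm that is intended. The added assignment in the first hunk lacks the semicolon used on the `token_endpoint` line above it. The same points apply to MetadataClientV1_0_11.ts and MetadataClientV1_0_13.ts; the enclosing method starts and ends outside these hunks.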
5 changes: 2 additions & 3 deletions packages/client/lib/MetadataClientV1_0_11.ts
Expand Up @@ -62,6 +62,7 @@ export class MetadataClientV1_0_11 {
if (credentialIssuerMetadata.token_endpoint) {
token_endpoint = credentialIssuerMetadata.token_endpoint;
}
authorization_challenge_endpoint = credentialIssuerMetadata.authorization_challenge_endpoint
if (credentialIssuerMetadata.authorization_server) {
authorization_server = credentialIssuerMetadata.authorization_server;
}
Expand Down Expand Up @@ -106,9 +107,7 @@ export class MetadataClientV1_0_11 {
);
}
authorization_endpoint = authMetadata.authorization_endpoint;
if (!authMetadata.authorization_challenge_endpoint) {
debug(`Authorization Server ${authorization_server} did not provide a authorization_challenge_endpoint`);
} else if (authorization_challenge_endpoint && authMetadata.authorization_challenge_endpoint !== authorization_challenge_endpoint) {
if (authorization_challenge_endpoint && authMetadata.authorization_challenge_endpoint !== authorization_challenge_endpoint) {
throw Error(
`Credential issuer has a different authorization_challenge_endpoint (${authorization_challenge_endpoint}) from the Authorization Server (${authMetadata.authorization_challenge_endpoint})`,
);
5 changes: 2 additions & 3 deletions packages/client/lib/MetadataClientV1_0_13.ts
Expand Up @@ -62,6 +62,7 @@ export class MetadataClientV1_0_13 {
if (credentialIssuerMetadata.token_endpoint) {
token_endpoint = credentialIssuerMetadata.token_endpoint;
}
authorization_challenge_endpoint = credentialIssuerMetadata.authorization_challenge_endpoint
if (credentialIssuerMetadata.authorization_servers) {
authorization_servers = credentialIssuerMetadata.authorization_servers;
}
Expand Down Expand Up @@ -105,9 +106,7 @@ export class MetadataClientV1_0_13 {
);
}
authorization_endpoint = authMetadata.authorization_endpoint;
if (!authMetadata.authorization_challenge_endpoint) {
debug(`Authorization Server ${authorization_servers} did not provide a authorization_challenge_endpoint`);
} else if (authorization_challenge_endpoint && authMetadata.authorization_challenge_endpoint !== authorization_challenge_endpoint) {
if (authorization_challenge_endpoint && authMetadata.authorization_challenge_endpoint !== authorization_challenge_endpoint) {
throw Error(
`Credential issuer has a different authorization_challenge_endpoint (${authorization_challenge_endpoint}) from the Authorization Server (${authMetadata.authorization_challenge_endpoint})`,
);
4 changes: 2 additions & 2 deletions packages/client/lib/__tests__/OpenID4VCIClient.spec.ts
Expand Up @@ -213,7 +213,7 @@ describe('OpenID4VCIClient should', () => {
it('it should successfully respond with a authorization code when authorization challenge is used', async () => {
const url = new URL(`${MOCK_URL}/authorize-challenge`)
const responseBody = {
authorization_code: 'test_value',
authorization_code: 'test_authorization_code',
};
(await client.retrieveServerMetadata()).authorization_challenge_endpoint = url.toString()

Expand All @@ -228,7 +228,7 @@ describe('OpenID4VCIClient should', () => {
const response = await client.acquireAuthorizationChallengeCode({ clientId: client.clientId, authSession, presentationDuringIssuanceSession });

expect(response).toBeDefined();
expect(response.authorization_code).toBeDefined();
expect(response.authorization_code).toEqual(responseBody.authorization_code);
})

});
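Review bot: The test sets `authorization_challenge_endpoint` by mutating the object returned from `client.retrieveServerMetadata()`, so it bypasses the issuer/Authorization Server consistency check this commit changes in the MetadataClient files. A companion case in which the two metadata documents disagree, or the Authorization Server omits the endpoint, and the client is expected to reject would pin that behaviour. Only the success response is asserted here; an error response from the mocked endpoint is not covered as far as this section shows. The same applies to OpenID4VCIClientV1_0_11.spec.ts and OpenID4VCIClientV1_0_13.spec.ts.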
4 changes: 2 additions & 2 deletions packages/client/lib/__tests__/OpenID4VCIClientV1_0_11.spec.ts
Expand Up @@ -224,7 +224,7 @@ describe('OpenID4VCIClientV1_0_11 should', () => {
it('it should successfully respond with a authorization code when authorization challenge is used', async () => {
const url = new URL(`${MOCK_URL}/authorize-challenge`)
const responseBody = {
authorization_code: 'test_value',
authorization_code: 'test_authorization_code',
};
(await client.retrieveServerMetadata()).authorization_challenge_endpoint = url.toString()

Expand All @@ -239,7 +239,7 @@ describe('OpenID4VCIClientV1_0_11 should', () => {
const response = await client.acquireAuthorizationChallengeCode({ clientId: client.clientId, authSession, presentationDuringIssuanceSession });

expect(response).toBeDefined();
expect(response.authorization_code).toBeDefined();
expect(response.authorization_code).toEqual(responseBody.authorization_code);
})
});

4 changes: 2 additions & 2 deletions packages/client/lib/__tests__/OpenID4VCIClientV1_0_13.spec.ts
Expand Up @@ -205,7 +205,7 @@ describe('OpenID4VCIClientV1_0_13 should', () => {
it('it should successfully respond with a authorization code when authorization challenge is used', async () => {
const url = new URL(`${MOCK_URL}/authorize-challenge`)
const responseBody = {
authorization_code: 'test_value',
authorization_code: 'test_authorization_code',
};
(await client.retrieveServerMetadata()).authorization_challenge_endpoint = url.toString()

Expand All @@ -220,6 +220,6 @@ describe('OpenID4VCIClientV1_0_13 should', () => {
const response = await client.acquireAuthorizationChallengeCode({ clientId: client.clientId, authSession, presentationDuringIssuanceSession });

expect(response).toBeDefined();
expect(response.authorization_code).toBeDefined();
expect(response.authorization_code).toEqual(responseBody.authorization_code);
})
});
4 changes: 2 additions & 2 deletions packages/issuer-rest/lib/OID4VCIServer.ts
Expand Up @@ -101,7 +101,7 @@ export interface IAuthorizationChallengeEndpointOpts extends ISingleEndpointOpts
verifyAuthResponseCallback: (correlationId: string) => Promise<boolean>
}

export interface IEndpointOpts {
export interface IOID4VCIEndpointOpts {
tokenEndpointOpts?: ITokenEndpointOpts
notificationOpts?: ISingleEndpointOpts
createCredentialOfferOpts?: ICreateCredentialOfferEndpointOpts
Expand All @@ -112,7 +112,7 @@ export interface IEndpointOpts {
}

export interface IOID4VCIServerOpts extends HasEndpointOpts {
endpointOpts?: IEndpointOpts
endpointOpts?: IOID4VCIEndpointOpts
baseUrl?: string
}

6 changes: 3 additions & 3 deletions packages/issuer-rest/lib/oid4vci-api-functions.ts
Expand Up @@ -105,7 +105,7 @@ export function authorizationChallengeEndpoint<DIDDoc extends object>(
const endpoint = issuer.authorizationServerMetadata.authorization_challenge_endpoint ?? issuer.issuerMetadata.authorization_challenge_endpoint
const baseUrl = getBaseUrl(opts.baseUrl)
if (!endpoint) {
LOG.warning('authorization challenge endpoint disabled as no "authorization_challenge_endpoint" has been configured in issuer metadata')
LOG.info('authorization challenge endpoint disabled as no "authorization_challenge_endpoint" has been configured in issuer metadata')
return
}
const path = determinePath(baseUrl, endpoint, { stripBasePath: true })
Expand Down Expand Up @@ -138,7 +138,7 @@ export function authorizationChallengeEndpoint<DIDDoc extends object>(
throw authorizationChallengeErrorResponse
}

const authRequestURI = await opts.createAuthRequestUriCallback(issuer_state)
const authRequestURI = await opts.createAuthRequestUriCallback(issuer_state) // TODO generate some error
const authorizationChallengeErrorResponse: AuthorizationChallengeErrorResponse = {
error: AuthorizationChallengeError.insufficient_authorization,
auth_session: issuer_state,
Expand All @@ -157,7 +157,7 @@ export function authorizationChallengeEndpoint<DIDDoc extends object>(
throw authorizationChallengeErrorResponse
}

const verifiedResponse = await opts.verifyAuthResponseCallback(presentation_during_issuance_session)
const verifiedResponse = await opts.verifyAuthResponseCallback(presentation_during_issuance_session) // TODO generate some error
if (verifiedResponse) {
const authorizationCode = generateRandomString(16, 'base64url')
session.authorizationCode = authorizationCode
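Review bot: The two `// TODO generate some error` comments mark that a rejection from `opts.createAuthRequestUriCallback` or `opts.verifyAuthResponseCallback` is not handled at the call site, so a throwing callback would not produce an `AuthorizationChallengeErrorResponse` like the other failure paths visible here. For the verify step a rejection should be treated the same as a `false` result, so that no `authorizationCode` is issued and no internal error text is returned to the caller; whether an outer handler already does this cannot be seen, since the function body continues outside these hunks. Make the comment say that, e.g. `// TODO: catch rejection, fail closed and map to an AuthorizationChallengeErrorResponse`. Separately, `generateRandomString(16, 'base64url')` should be checked against the entropy expected of an authorization code, as it is not visible whether 16 counts bytes or characters.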
