chore: for first party flow use presentation id from issuer options

packages/client/lib/AuthorizationCodeClient.ts

@@ -332,7 +332,6 @@ export const createAuthorizationChallengeRequest = async (opts: AuthorizationCha
     issuerState,
     authSession,
     scope,
-    definitionId,
     codeChallenge,
     codeChallengeMethod,
     presentationDuringIssuanceSession
@@ -345,7 +344,6 @@ export const createAuthorizationChallengeRequest = async (opts: AuthorizationCha
     scope,
     code_challenge: codeChallenge,
     code_challenge_method: codeChallengeMethod,
-    definition_id: definitionId,
     presentation_during_issuance_session: presentationDuringIssuanceSession
   }
 

packages/client/lib/MetadataClient.ts

@@ -132,7 +132,7 @@ export class MetadataClient {
       }
       authorization_endpoint = authMetadata.authorization_endpoint;
       if (!authMetadata.authorization_challenge_endpoint) {
-        console.warn(`Authorization Server ${authorization_challenge_endpoint} did not provide a authorization_challenge_endpoint`);
+        debug(`Authorization Server ${authorization_servers} did not provide a authorization_challenge_endpoint`);
       } else if (authorization_challenge_endpoint && authMetadata.authorization_challenge_endpoint !== authorization_challenge_endpoint) {
         throw Error(
           `Credential issuer has a different authorization_challenge_endpoint (${authorization_challenge_endpoint}) from the Authorization Server (${authMetadata.authorization_challenge_endpoint})`,

packages/client/lib/MetadataClientV1_0_11.ts

@@ -107,7 +107,7 @@ export class MetadataClientV1_0_11 {
       }
       authorization_endpoint = authMetadata.authorization_endpoint;
       if (!authMetadata.authorization_challenge_endpoint) {
-        console.warn(`Authorization Server ${authorization_challenge_endpoint} did not provide a authorization_challenge_endpoint`);
+        debug(`Authorization Server ${authorization_server} did not provide a authorization_challenge_endpoint`);
       } else if (authorization_challenge_endpoint && authMetadata.authorization_challenge_endpoint !== authorization_challenge_endpoint) {
         throw Error(
           `Credential issuer has a different authorization_challenge_endpoint (${authorization_challenge_endpoint}) from the Authorization Server (${authMetadata.authorization_challenge_endpoint})`,

packages/client/lib/MetadataClientV1_0_13.ts

@@ -106,7 +106,7 @@ export class MetadataClientV1_0_13 {
       }
       authorization_endpoint = authMetadata.authorization_endpoint;
       if (!authMetadata.authorization_challenge_endpoint) {
-        console.warn(`Authorization Server ${authorization_challenge_endpoint} did not provide a authorization_challenge_endpoint`);
+        debug(`Authorization Server ${authorization_servers} did not provide a authorization_challenge_endpoint`);
       } else if (authorization_challenge_endpoint && authMetadata.authorization_challenge_endpoint !== authorization_challenge_endpoint) {
         throw Error(
           `Credential issuer has a different authorization_challenge_endpoint (${authorization_challenge_endpoint}) from the Authorization Server (${authMetadata.authorization_challenge_endpoint})`,

packages/issuer-rest/lib/OID4VCIServer.ts

@@ -93,12 +93,12 @@ export interface IAuthorizationChallengeEndpointOpts extends ISingleEndpointOpts
    * Added an optional state parameter so that when direct calls are used,
    * one could set the state value of the RP session to match the state value of the VCI session.
    */
-  createAuthRequestUriCallback: (presentationDefinitionId: string, state?: string) => Promise<string>
+  createAuthRequestUriCallback: (state?: string) => Promise<string>
   /**
    * Callback used for verifying the status of the authorization response.
    * This is checked by the issuer before issuing an authorization code.
    */
-  verifyAuthResponseCallback: (presentationDefinitionId: string, correlationId: string) => Promise<boolean>
+  verifyAuthResponseCallback: (correlationId: string) => Promise<boolean>
 }
 
 export interface IOID4VCIServerOpts extends HasEndpointOpts {

packages/issuer-rest/lib/__tests__/authorizationChallengeCodeServer.spec.ts

@@ -131,22 +131,10 @@ describe('OID4VCIServer', () => {
     })
   })
 
-  it('should return http code 400 with message No definition id present', async () => {
-    const res = await requests(app)
-      .post('/authorize-challenge')
-      .send(`client_id=${uuidv4()}&issuer_state=${sessionId}`)
-    expect(res.statusCode).toEqual(400)
-    const actual = JSON.parse(res.text)
-    expect(actual).toEqual({
-      error: AuthorizationChallengeError.invalid_request,
-      error_description: 'No definition id present'
-    })
-  })
-
   it('should return http code 400 with error insufficient_authorization', async () => {
     const res = await requests(app)
       .post('/authorize-challenge')
-      .send(`client_id=${uuidv4()}&issuer_state=${sessionId}&definition_id=${'testValue'}`)
+      .send(`client_id=${uuidv4()}&issuer_state=${sessionId}`)
     expect(res.statusCode).toEqual(400)
     const actual = JSON.parse(res.text)
     expect(actual).toEqual({
@@ -159,7 +147,7 @@ describe('OID4VCIServer', () => {
   it('should return http code 400 with message Session is invalid with invalid auth_session', async () => {
     const res = await requests(app)
       .post('/authorize-challenge')
-      .send(`auth_session=${uuidv4()}&presentation_during_issuance_session=${uuidv4()}&definition_id=testDefinitionId`)
+      .send(`auth_session=${uuidv4()}&presentation_during_issuance_session=${uuidv4()}`)
     expect(res.statusCode).toEqual(400)
     const actual = JSON.parse(res.text)
     expect(actual).toEqual({
@@ -171,7 +159,7 @@ describe('OID4VCIServer', () => {
   it('should return http code 200 with authorization_code', async () => {
     const res = await requests(app)
       .post('/authorize-challenge')
-      .send(`auth_session=${sessionId}&presentation_during_issuance_session=${uuidv4()}&definition_id=testDefinitionId`)
+      .send(`auth_session=${sessionId}&presentation_during_issuance_session=${uuidv4()}`)
     expect(res.statusCode).toEqual(200)
     const actual = JSON.parse(res.text)
     expect(actual).toBeDefined()

packages/issuer-rest/lib/oid4vci-api-functions.ts

@@ -116,8 +116,7 @@ export function authorizationChallengeEndpoint<DIDDoc extends object>(
       client_id,
       issuer_state,
       auth_session,
-      presentation_during_issuance_session,
-      definition_id
+      presentation_during_issuance_session
     } = authorizationChallengeRequest
 
     try {
@@ -139,15 +138,7 @@ export function authorizationChallengeEndpoint<DIDDoc extends object>(
           throw authorizationChallengeErrorResponse
         }
 
-        if (!definition_id) {
-          const authorizationChallengeErrorResponse: AuthorizationChallengeErrorResponse = {
-            error: AuthorizationChallengeError.invalid_request,
-            error_description: 'No definition id present'
-          }
-          throw authorizationChallengeErrorResponse
-        }
-
-        const authRequestURI = await opts.createAuthRequestUriCallback(definition_id, issuer_state)
+        const authRequestURI = await opts.createAuthRequestUriCallback(issuer_state)
         const authorizationChallengeErrorResponse: AuthorizationChallengeErrorResponse = {
           error: AuthorizationChallengeError.insufficient_authorization,
           auth_session: issuer_state,
@@ -156,7 +147,7 @@ export function authorizationChallengeEndpoint<DIDDoc extends object>(
         throw authorizationChallengeErrorResponse
       }
 
-      if (auth_session && presentation_during_issuance_session && definition_id) {
+      if (auth_session && presentation_during_issuance_session) {
         const session = await issuer.credentialOfferSessions.get(auth_session)
         if (!session) {
           const authorizationChallengeErrorResponse: AuthorizationChallengeErrorResponse = {
@@ -166,7 +157,7 @@ export function authorizationChallengeEndpoint<DIDDoc extends object>(
           throw authorizationChallengeErrorResponse
         }
 
-        const verifiedResponse = await opts.verifyAuthResponseCallback(definition_id, presentation_during_issuance_session)
+        const verifiedResponse = await opts.verifyAuthResponseCallback(presentation_during_issuance_session)
         if (verifiedResponse) {
           const authorizationCode  = generateRandomString(16, 'base64url')
           session.authorizationCode = authorizationCode

packages/oid4vci-common/lib/types/Authorization.types.ts

@@ -108,10 +108,6 @@ export interface CommonAuthorizationChallengeRequest {
    * OPTIONAL. value must be set either to "S256" or a value defined by a cryptographically secure
    */
   code_challenge_method?: CodeChallengeMethod; // TODO what we do with this
-  /**
-   * OPTIONAL. A presentation definition id used to create the authorization request uri that will be used to authorize with the RP
-   */
-  definition_id?: string
   /**
    * OPTIONAL. String containing information about the session when credential presentation is happening during issuance of another
    * credential. The content of this parameter is opaque to the wallet. When this parameter is present the Wallet MUST use this parameter in
@@ -129,7 +125,6 @@ export interface AuthorizationChallengeRequestOpts {
   scope?: string
   codeChallenge?: string
   codeChallengeMethod?: CodeChallengeMethod
-  definitionId?: string
   presentationDuringIssuanceSession?: string;
   metadata?: EndpointMetadata;
   credentialIssuer?: string;