feat: make a nonce in a token response optional

hyperledger · Jul 3, 2024 · 6f480cd · 6f480cd
1 parent 46765d8
commit 6f480cd
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 7 deletions.
diff --git a/src/main/java/org/hyperledger/identus/keycloak/IdentusClient.java b/src/main/java/org/hyperledger/identus/keycloak/IdentusClient.java
@@ -17,17 +17,20 @@ public class IdentusClient {
 
     private static final Logger logger = Logger.getLogger(IdentusClient.class);
 
-    private final String identusUrl;
+    private final String identusUrl = System.getenv("IDENTUS_URL");
 
     private final Supplier<CloseableHttpClient> httpClient = IdentusClient::newCloseableHttpClient;
 
     public IdentusClient() {
-        this.identusUrl = System.getenv("IDENTUS_URL");
         if (this.identusUrl == null) {
-            throw new NullPointerException("The URL of identus client is null. The IDENTUS_URL environment variable is not set.");
+            logger.warn("The URL of the Identus Cloud Agent client is null. The IDENTUS_URL environment variable is not set. The token response will not contain a nonce.");
         }
     }
 
+    public Boolean isIdentusUrlSet() {
+        return this.identusUrl != null;
+    }
+
     public static CloseableHttpClient newCloseableHttpClient() {
         return HttpClientBuilder.create().build();
     }

diff --git a/src/main/java/org/hyperledger/identus/keycloak/OID4VCITokenEndpoint.java b/src/main/java/org/hyperledger/identus/keycloak/OID4VCITokenEndpoint.java
@@ -36,10 +36,12 @@ public Response createTokenResponse(UserModel user, UserSessionModel userSession
             Response originalResponse = super.createTokenResponse(user, userSession, clientSessionCtx, scopeParam, true, clientPolicyContextGenerator);
             AccessTokenResponse responseEntity = (AccessTokenResponse) originalResponse.getEntity();
 
-            String token = responseEntity.getToken();
-            NonceResponse nonceResponse = identusClient.getNonce(token, issuerState);
-            responseEntity.setOtherClaims(OID4VCIConstants.C_NONCE, nonceResponse.getNonce());
-            responseEntity.setOtherClaims(OID4VCIConstants.C_NONCE_EXPIRE, nonceResponse.getNonceExpiresIn());
+            if (identusClient.isIdentusUrlSet()) {
+                String token = responseEntity.getToken();
+                NonceResponse nonceResponse = identusClient.getNonce(token, issuerState);
+                responseEntity.setOtherClaims(OID4VCIConstants.C_NONCE, nonceResponse.getNonce());
+                responseEntity.setOtherClaims(OID4VCIConstants.C_NONCE_EXPIRE, nonceResponse.getNonceExpiresIn());
+            }
             return Response.fromResponse(originalResponse)
                     .entity(responseEntity)
                     .build();