Skip to content

Commit

Permalink
chore: responseRedirectUri fixes
Browse files Browse the repository at this point in the history
  • Loading branch information
sanderPostma committed Oct 3, 2024
1 parent fba3f6b commit 04dc758
Show file tree
Hide file tree
Showing 5 changed files with 22 additions and 19 deletions.
10 changes: 7 additions & 3 deletions packages/siop-oid4vp/lib/__tests__/RP.request.spec.ts
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ import {

const EXAMPLE_REDIRECT_URL = 'https://acme.com/hello'
const EXAMPLE_REFERENCE_URL = 'https://rp.acme.com/siop/jwts'
const EXAMPLE_RESPONSE_REDIRECT_URL = 'https://acme.com/:correlation_id?state=:state'
const HEX_KEY = 'f857544a9d1097e242ff0b287a7e6e90f19cf973efe2317f2a4678739664420f'
const DID = 'did:ethr:0x0106a2e985b1E1De9B5ddb4aF6dC9e928F4e99D0'
const KID = 'did:ethr:0x0106a2e985b1E1De9B5ddb4aF6dC9e928F4e99D0#keys-1'
Expand Down Expand Up @@ -257,12 +258,13 @@ describe('RP should', () => {
const expectedJwtRegex =
/^eyJhbGciOiJFUzI1NksiLCJraWQiOiJkaWQ6ZXRocjoweDAxMDZhMmU5ODViMUUxRGU5QjVkZGI0YUY2ZEM5ZTkyOEY0ZTk5RDAja2V5cy0xIiwidHlwIjoiSldUIn0\.eyJpYXQiO.*$/

const request = await RP.builder({ requestVersion: SupportedVersion.SIOPv2_ID1 })
const rp = RP.builder({ requestVersion: SupportedVersion.SIOPv2_ID1 })
.withClientId(WELL_KNOWN_OPENID_FEDERATION, alltargets)
.withScope('test', alltargets)
.withResponseType(ResponseType.ID_TOKEN, alltargets)
.withVerifyJwtCallback(getVerifyJwtCallback(getResolver('ethr')))
.withRedirectUri(EXAMPLE_REDIRECT_URL, alltargets)
.withResponseRedirectUri(EXAMPLE_RESPONSE_REDIRECT_URL)
.withRequestBy(PassBy.REFERENCE, EXAMPLE_REFERENCE_URL)
.withCreateJwtCallback(internalSignature(HEX_KEY, DID, KID, SigningAlgo.ES256K))
.withClientMetadata(
Expand Down Expand Up @@ -296,8 +298,7 @@ describe('RP should', () => {
)
.withSupportedVersions([SupportedVersion.SIOPv2_D11])
.build()

.createAuthorizationRequestURI({
const request = await rp.createAuthorizationRequestURI({
correlationId: '1234',
state: 'b32f0087fc9816eb813fd11f',
nonce: 'qBrR7mqnY3Qr49dAZycPF8FzgE83m6H0c2l0bzP4xSg',
Expand All @@ -306,5 +307,8 @@ describe('RP should', () => {
expect(request.authorizationRequestPayload).toMatchObject(expectedPayloadWithoutRequest)
expect(request.encodedUri).toMatch(expectedUri)
expect(request.requestObjectJwt).toMatch(expectedJwtRegex)

const responseRedirectUri = rp.getResponseRedirectUri({correlation_id: '1234', state: 'b32f0087fc9816eb813fd11f'})
expect(responseRedirectUri).toBe('https://acme.com/1234?state=b32f0087fc9816eb813fd11f')
})
})
2 changes: 0 additions & 2 deletions packages/siop-oid4vp/lib/authorization-request/types.ts
Original file line number Diff line number Diff line change
Expand Up @@ -56,13 +56,11 @@ export interface RequestObjectPayloadOpts<CT extends ClaimPayloadCommonOpts> {

interface AuthorizationRequestCommonOpts<CT extends ClaimPayloadCommonOpts> {
// Yes, this includes common payload properties both at the payload level as well as in the requestObject.payload property. That is to support OAuth2 with or without a signed OpenID requestObject

version: SupportedVersion
clientMetadata?: ClientMetadataOpts // this maps to 'registration' for older SIOPv2 specs! OPTIONAL. This parameter is used by the RP to provide information about itself to a Self-Issued OP that would normally be provided to an OP during Dynamic RP Registration, as specified in {#rp-registration-parameter}.
payload?: AuthorizationRequestPayloadOpts<CT>
requestObject: RequestObjectOpts<CT>
uriScheme?: Schema | string // Use a custom scheme for the URI. By default openid:// will be used
responseRedirectUri?: string;
}

export type AuthorizationRequestOptsVID1 = AuthorizationRequestCommonOpts<ClaimPayloadOptsVID1>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -166,7 +166,7 @@ export class PresentationExchange {
wvp.original,
opts,
)
if (evaluationResults.errors.length) {
if (evaluationResults.errors?.length) {
throw new Error(`message: ${SIOPErrors.COULD_NOT_FIND_VCS_MATCHING_PD}, details: ${JSON.stringify(evaluationResults.errors)}`)
}
return evaluationResults
Expand Down Expand Up @@ -379,7 +379,7 @@ export class PresentationExchange {
throw new Error(SIOPErrors.NO_PRESENTATION_SUBMISSION)
}

if (!evaluationResults.areRequiredCredentialsPresent || evaluationResults.errors.length > 0 || !evaluationResults.value) {
if (!evaluationResults.areRequiredCredentialsPresent || (evaluationResults.errors && evaluationResults.errors.length > 0) || !evaluationResults.value) {
throw new Error(`message: ${SIOPErrors.COULD_NOT_FIND_VCS_MATCHING_PD}, details: ${JSON.stringify(evaluationResults.errors)}`)
}

Expand Down
21 changes: 11 additions & 10 deletions packages/siop-oid4vp/lib/rp/RP.ts
Original file line number Diff line number Diff line change
Expand Up @@ -105,14 +105,6 @@ export class RP {
responseURIType?: ResponseURIType
}): Promise<URI> {
const authorizationRequestOpts = this.newAuthorizationRequestOpts(opts)
if(authorizationRequestOpts.responseRedirectUri !== undefined) {
authorizationRequestOpts.responseRedirectUri = authorizationRequestOpts.responseRedirectUri
.replace(':correlation_id', opts.correlationId)
.replace(':correlationId', opts.correlationId)
if(typeof(opts.state) === 'string') {
authorizationRequestOpts.responseRedirectUri = authorizationRequestOpts.responseRedirectUri.replace(':state', opts.state)
}
}

return await URI.fromOpts(authorizationRequestOpts)
.then(async (uri: URI) => {
Expand Down Expand Up @@ -205,6 +197,17 @@ export class RP {
return this._verifyResponseOptions
}

public getResponseRedirectUri(mappings: Record<string, string>): string | undefined {
if (this._responseRedirectUri === undefined) {
return undefined
}

return Object.entries(mappings).reduce(
(uri, [key, value]) => uri.replace(`:${key}`, value),
this._responseRedirectUri
)
}

private newAuthorizationRequestOpts(opts: {
correlationId: string
nonce: string | RequestPropertyWithTargets<string>
Expand Down Expand Up @@ -304,8 +307,6 @@ export class RP {
newOpts.requestObject.payload.claims = { ...newOpts.requestObject.payload.claims, ...claimsWithTarget.propertyValue }
}
}

newOpts.responseRedirectUri = this._responseRedirectUri
return newOpts
}

Expand Down
4 changes: 2 additions & 2 deletions packages/siop-oid4vp/lib/rp/RPBuilder.ts
Original file line number Diff line number Diff line change
Expand Up @@ -134,8 +134,8 @@ export class RPBuilder {
return this
}

withResponseRedirectUri(redirectUri: string, targets?: PropertyTargets): RPBuilder {
this._responseRedirectUri = assignIfAuth({ propertyValue: redirectUri, targets }, false)
withResponseRedirectUri(responseRedirectUri: string): RPBuilder {
this._responseRedirectUri = responseRedirectUri
return this
}

Expand Down

0 comments on commit 04dc758

Please sign in to comment.