chore: NP fixes

Sphereon-Opensource · Aug 30, 2024 · 23483b6 · 23483b6
1 parent c69a72c
commit 23483b6
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 1 deletion.
diff --git a/packages/did-auth-siop-adapter/lib/DidJwtAdapter.ts b/packages/did-auth-siop-adapter/lib/DidJwtAdapter.ts
@@ -22,8 +22,14 @@ export const verfiyDidJwtAdapter = async (
     if (jwtVerifier.type === 'request-object' && (jwt.payload as JwtPayload & { client_id?: string }).client_id?.startsWith('did:')) {
       const authorizationRequestPayload = jwt.payload as AuthorizationRequestPayload
       if (options.verification?.checkLinkedDomain && options.verification.checkLinkedDomain != CheckLinkedDomain.NEVER) {
+        if(!authorizationRequestPayload.client_id) {
+          return Promise.reject(Error('missing client_id from AuthorizationRequestPayload'))
+        }
         await validateLinkedDomainWithDid(authorizationRequestPayload.client_id, options.verification)
       } else if (!options.verification?.checkLinkedDomain && options.verification.wellknownDIDVerifyCallback) {
+        if(!authorizationRequestPayload.client_id) {
+          return Promise.reject(Error('missing client_id from AuthorizationRequestPayload'))
+        }
         await validateLinkedDomainWithDid(authorizationRequestPayload.client_id, options.verification)
       }
     }

diff --git a/packages/did-auth-siop-adapter/lib/did/DidJWT.ts b/packages/did-auth-siop-adapter/lib/did/DidJWT.ts
@@ -81,10 +81,16 @@ export async function createDidJWT(
 
 export async function signIDTokenPayload(payload: IDTokenPayload, signature: InternalSignature | ExternalSignature | SuppliedSignature) {
   if (isInternalSignature(signature)) {
+    if(!signature.kid) {
+      return Promise.reject(Error('missing kid from signature'))
+    }
     return signDidJwtInternal(payload, payload.issuer, signature.hexPrivateKey, signature.alg, signature.kid, signature.customJwtSigner)
   } else if (isExternalSignature(signature)) {
     return signDidJwtExternal(payload, signature.signatureUri, signature.authZToken, signature.alg, signature.kid)
   } else if (isSuppliedSignature(signature)) {
+    if(!signature.kid) {
+      return Promise.reject(Error('missing kid from signature'))
+    }
     return signDidJwtSupplied(payload, payload.issuer, signature.signature, signature.alg, signature.kid)
   } else {
     throw new Error(
@@ -108,10 +114,16 @@ export async function signRequestObjectPayload(payload: RequestObjectPayload, si
     payload.sub = signature.did
   }
   if (isInternalSignature(signature)) {
+    if(!signature.kid) {
+      return Promise.reject(Error('missing kid from signature'))
+    }
     return signDidJwtInternal(payload, issuer, signature.hexPrivateKey, signature.alg, signature.kid, signature.customJwtSigner)
   } else if (isExternalSignature(signature)) {
     return signDidJwtExternal(payload, signature.signatureUri, signature.authZToken, signature.alg, signature.kid)
   } else if (isSuppliedSignature(signature)) {
+    if(!signature.kid) {
+      return Promise.reject(Error('missing kid from signature'))
+    }
     return signDidJwtSupplied(payload, issuer, signature.signature, signature.alg, signature.kid)
   } else {
     throw new Error(
@@ -154,7 +166,7 @@ async function signDidJwtExternal(
     payload,
     expiresIn: DEFAULT_EXPIRATION_TIME,
     alg,
-    selfIssued: payload.iss.includes(ResponseIss.SELF_ISSUED_V2) ? payload.iss : undefined,
+    selfIssued: payload.iss && payload.iss.includes(ResponseIss.SELF_ISSUED_V2) ? payload.iss : undefined,
     kid,
   }
 

diff --git a/packages/did-auth-siop-adapter/tsconfig.json b/packages/did-auth-siop-adapter/tsconfig.json
@@ -12,6 +12,9 @@
   "references": [
     {
       "path": "../common"
+    },
+    {
+      "path": "../siop-oid4vp"
     }
   ]
 }