Skip to content

Commit

Permalink
fix: forward properties
Browse files Browse the repository at this point in the history
Signed-off-by: Timo Glastra <[email protected]>
  • Loading branch information
TimoGlastra committed Nov 20, 2024
1 parent a06bbdb commit 54670d0
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 4 deletions.
8 changes: 8 additions & 0 deletions packages/oauth2/src/Oauth2Client.ts
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ import { fetchAuthorizationServerMetadata } from './metadata/authorization-serve
import type { AuthorizationServerMetadata } from './metadata/authorization-server/v-authorization-server-metadata'
import { createPkce } from './pkce'
import { type ResourceRequestOptions, resourceRequest } from './resource-request/make-resource-request'
import { extractDpopNonceFromHeaders } from './dpop/dpop'

export interface Oauth2ClientOptions {
/**
Expand Down Expand Up @@ -108,7 +109,14 @@ export class Oauth2Client {
}
).toString()}`

const dpopNonce = extractDpopNonceFromHeaders(error.response.headers)
return {
dpop: options.dpop
? {
...options.dpop,
nonce: dpopNonce,
}
: undefined,
authorizationRequestUrl,
pkce,
}
Expand Down
21 changes: 17 additions & 4 deletions packages/oid4vci/src/Oid4vciClient.ts
Original file line number Diff line number Diff line change
@@ -1,18 +1,19 @@
import {
type CallbackContext,
type CreateAuthorizationRequestUrlOptions,
type CreatePkceReturn,
Oauth2Client,
Oauth2ClientAuthorizationChallengeError,
Oauth2Error,
Oauth2ErrorCodes,
type RequestDpopOptions,
type RetrieveAuthorizationCodeAccessTokenOptions,
type RetrievePreAuthorizedCodeAccessTokenOptions,
authorizationCodeGrantIdentifier,
getAuthorizationServerMetadataFromList,
preAuthorizedCodeGrantIdentifier,
} from '@animo-id/oauth2'

import type { CreatePkceReturn } from '../../oauth2/src/pkce'
import {
determineAuthorizationServerForCredentialOffer,
resolveCredentialOffer,
Expand Down Expand Up @@ -100,6 +101,8 @@ export class Oid4vciClient {

credentialOffer: CredentialOfferObject
issuerMetadata: IssuerMetadataResult

dpop?: RequestDpopOptions
}) {
if (!options.credentialOffer.grants?.[authorizationCodeGrantIdentifier]) {
throw new Oauth2Error(`Provided credential offer does not include the 'authorization_code' grant.`)
Expand All @@ -117,13 +120,14 @@ export class Oid4vciClient {
)

const oauth2Client = new Oauth2Client({ callbacks: this.options.callbacks })
const { authorizationChallengeResponse } = await oauth2Client.sendAuthorizationChallengeRequest({
const { authorizationChallengeResponse, dpop } = await oauth2Client.sendAuthorizationChallengeRequest({
authorizationServerMetadata,
authSession: options.authSession,
presentationDuringIssuanceSession: options.presentationDuringIssuanceSession,
dpop: options.dpop,
})

return { authorizationChallengeResponse }
return { authorizationChallengeResponse, dpop }
}

/**
Expand Down Expand Up @@ -187,6 +191,8 @@ export class Oid4vciClient {
...options.additionalRequestPayload,
issuer_state: options.credentialOffer?.grants?.authorization_code?.issuer_state,
},
dpop: options.dpop,
clientAttestation: options.clientAttestation,
resource: options.issuerMetadata.credentialIssuer.credential_issuer,
authorizationServerMetadata,
})
Expand Down Expand Up @@ -245,7 +251,7 @@ export class Oid4vciClient {
authorizationServer
)

const { authorizationRequestUrl, pkce } = await this.oauth2Client.createAuthorizationRequestUrl({
const { authorizationRequestUrl, pkce, dpop } = await this.oauth2Client.createAuthorizationRequestUrl({
authorizationServerMetadata,
clientId: options.clientId,
additionalRequestPayload: {
Expand All @@ -256,11 +262,14 @@ export class Oid4vciClient {
redirectUri: options.redirectUri,
scope: options.scope,
pkceCodeVerifier: options.pkceCodeVerifier,
clientAttestation: options.clientAttestation,
dpop: options.dpop,
})

return {
authorizationRequestUrl,
pkce,
dpop,
authorizationServer: authorizationServerMetadata.issuer,
}
}
Expand All @@ -275,6 +284,7 @@ export class Oid4vciClient {
additionalRequestPayload,
txCode,
dpop,
clientAttestation,
}: Omit<
RetrievePreAuthorizedCodeAccessTokenOptions,
'callbacks' | 'authorizationServerMetadata' | 'preAuthorizedCode' | 'resource'
Expand Down Expand Up @@ -312,6 +322,7 @@ export class Oid4vciClient {
resource: issuerMetadata.credentialIssuer.credential_issuer,
additionalRequestPayload,
dpop,
clientAttestation,
})

return {
Expand All @@ -332,6 +343,7 @@ export class Oid4vciClient {
pkceCodeVerifier,
redirectUri,
dpop,
clientAttestation,
}: Omit<RetrieveAuthorizationCodeAccessTokenOptions, 'authorizationServerMetadata' | 'callbacks'> & {
credentialOffer: CredentialOfferObject
issuerMetadata: IssuerMetadataResult
Expand All @@ -356,6 +368,7 @@ export class Oid4vciClient {
pkceCodeVerifier,
additionalRequestPayload,
dpop,
clientAttestation,
redirectUri,
resource: issuerMetadata.credentialIssuer.credential_issuer,
})
Expand Down

0 comments on commit 54670d0

Please sign in to comment.