added authorize endpoint as specified by rfc6549 authorization code (#…

…2626) wip added bunch of tests added missing API tests fix failing test add tests for failing directpost responses refactor ami client and reuse response parsing/code checking happy flow tests for holder service error tests for holder service comment touchup on some comments fix didkey pattern remove url decode from middleware, now handled by codegen bind add callback, fix request logger fix logger test add e2e test added handling of error direct_post
nuts-foundation · Jan 16, 2024 · 2f9e393 · 2f9e393
1 parent 3e904f2
commit 2f9e393
Show file tree

Hide file tree

Showing 34 changed files with 1,604 additions and 260 deletions.
diff --git a/auth/api/iam/api.go b/auth/api/iam/api.go
@@ -139,11 +139,8 @@ func (r Wrapper) HandleTokenRequest(ctx context.Context, request HandleTokenRequ
 	case "authorization_code":
 		// Options:
 		// - OpenID4VCI
-		// - OpenID4VP, vp_token is sent in Token Response
-		return nil, oauth.OAuth2Error{
-			Code:        oauth.UnsupportedGrantType,
-			Description: "not implemented yet",
-		}
+		// - OpenID4VP
+		return r.handleAccessTokenRequest(ctx, *ownDID, request.Body.Code, request.Body.RedirectUri, request.Body.ClientId)
 	case "urn:ietf:params:oauth:grant-type:pre-authorized_code":
 		// Options:
 		// - OpenID4VCI
@@ -399,7 +396,7 @@ func (r Wrapper) RequestAccessToken(ctx context.Context, request RequestAccessTo
 		return nil, err
 	}
 	if !isWallet {
-		return nil, core.InvalidInputError("did not owned by this node: %w", err)
+		return nil, core.InvalidInputError("did not owned by this node")
 	}
 	if request.Body.UserID != nil && len(*request.Body.UserID) > 0 {
 		// forward to user flow

diff --git a/auth/api/iam/api_test.go b/auth/api/iam/api_test.go
@@ -273,7 +273,7 @@ func TestWrapper_HandleAuthorizeRequest(t *testing.T) {
 		ctx.vdr.EXPECT().IsOwner(gomock.Any(), holderDID).Return(true, nil)
 		ctx.holderRole.EXPECT().ClientMetadata(gomock.Any(), "https://example.com/.well-known/authorization-server/iam/verifier").Return(&clientMetadata, nil)
 		ctx.holderRole.EXPECT().PresentationDefinition(gomock.Any(), "https://example.com/iam/verifier/presentation_definition?scope=test").Return(&pe.PresentationDefinition{}, nil)
-		ctx.holderRole.EXPECT().BuildPresentation(gomock.Any(), holderDID, pe.PresentationDefinition{}, clientMetadata.VPFormats, "nonce").Return(&vc.VerifiablePresentation{}, &pe.PresentationSubmission{}, nil)
+		ctx.holderRole.EXPECT().BuildPresentation(gomock.Any(), holderDID, pe.PresentationDefinition{}, clientMetadata.VPFormats, "nonce", verifierDID).Return(&vc.VerifiablePresentation{}, &pe.PresentationSubmission{}, nil)
 		ctx.holderRole.EXPECT().PostAuthorizationResponse(gomock.Any(), vc.VerifiablePresentation{}, pe.PresentationSubmission{}, "https://example.com/iam/verifier/response", "state").Return("https://example.com/iam/holder/redirect", nil)
 
 		res, err := ctx.client.HandleAuthorizeRequest(requestContext(map[string]string{

diff --git a/auth/api/iam/generated.go b/auth/api/iam/generated.go