address client_id
reinkrul committed Dec 8, 2023
1 parent 21f943f commit 379ff01
Showing 2 changed files with 18 additions and 8 deletions.
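--- a/auth/api/iam/s2s_vptoken.go
+++ b/auth/api/iam/s2s_vptoken.go
@@ -148,19 +148,24 @@ func (r *Wrapper) RequestAccessToken(ctx context.Context, request RequestAccessT
 
 func (r *Wrapper) createS2SAccessToken(issuer did.DID, issueTime time.Time, presentations []vc.VerifiablePresentation,
 submission pe.PresentationSubmission, definition PresentationDefinition, scope string) (*oauth.TokenResponse, error) {
+// TODO: RFC021 isn't clear on this, so take credential subject from first VP for now.
+// See https://github.com/nuts-foundation/nuts-specification/issues/269
+clientDID, err := credential.PresentationSigner(presentations[0])
+if err != nil {
+return nil, fmt.Errorf("unable to extract client DID from presentation: %w", err)
+}
 accessToken := AccessToken{
-Token: crypto.GenerateNonce(),
-Issuer: issuer.String(),
-// TODO: set ClientId
-ClientId: "",
+Token: crypto.GenerateNonce(),
+Issuer: issuer.String(),
+ClientId: clientDID.String(),
 IssuedAt: issueTime,
 Expiration: issueTime.Add(accessTokenValidity),
 Scope: scope,
 VPToken: presentations,
 PresentationDefinition: &definition,
 PresentationSubmission: &submission,
 }
-err := r.s2sAccessTokenStore().Put(accessToken.Token, accessToken)
+err = r.s2sAccessTokenStore().Put(accessToken.Token, accessToken)
 if err != nil {
 return nil, fmt.Errorf("unable to store access token: %w", err)
 }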
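Review bot: `presentations[0]` in the added `credential.PresentationSigner(presentations[0])` call is indexed without a length check, so an empty slice would panic in the token-issuing path; whether callers always pass at least one presentation is not visible in this hunk. The token's `ClientId` is also bound to the signer of the first presentation only, while every presentation is stored in `VPToken`, so a request whose presentations are signed by different DIDs would be attributed to the first signer alone. Until the linked specification issue is settled, rejecting mixed signers is the safer default. The added TODO says "credential subject" but the code takes the presentation signer, so the comment should name the one that is meant. The function body continues past the end of the hunk.

```go
if len(presentations) == 0 {
	return nil, fmt.Errorf("unable to extract client DID: no presentations provided")
}
clientDID, err := credential.PresentationSigner(presentations[0])
// … unchanged: error check on the first presentation's signer …

// Every presentation must be signed by the DID the token is issued to.
for i := 1; i < len(presentations); i++ {
	signer, err := credential.PresentationSigner(presentations[i])
	if err != nil {
		return nil, fmt.Errorf("unable to extract client DID from presentation %d: %w", i, err)
	}
	if signer.String() != clientDID.String() {
		return nil, fmt.Errorf("presentation %d is signed by a different DID than the first presentation", i)
	}
}
// … unchanged: AccessToken construction and store Put …
```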
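--- a/auth/api/iam/s2s_vptoken_test.go
+++ b/auth/api/iam/s2s_vptoken_test.go
@@ -392,9 +392,14 @@ func TestWrapper_handleS2SAccessTokenRequest(t *testing.T) {
 func TestWrapper_createAccessToken(t *testing.T) {
 credential, err := vc.ParseVerifiableCredential(jsonld.TestOrganizationCredential)
 require.NoError(t, err)
-presentation := vc.VerifiablePresentation{
+presentation := test.ParsePresentation(t, vc.VerifiablePresentation{
 VerifiableCredential: []vc.VerifiableCredential{*credential},
-}
+Proof: []interface{}{
+proof.LDProof{
+VerificationMethod: ssi.MustParseURI("did:nuts:B8PUHs2AUHbFF1xLLK4eZjgErEcMXHxs68FteY7NDtCY#1"),
+},
+},
+})
 submission := pe.PresentationSubmission{
 Id: "submissive",
 }
@@ -404,7 +409,7 @@ func TestWrapper_createAccessToken(t *testing.T) {
 t.Run("ok", func(t *testing.T) {
 ctx := newTestClient(t)
 
-accessToken, err := ctx.client.createS2SAccessToken(issuerDID, time.Now(), []VerifiablePresentation{presentation}, submission, definition, "everything")
+accessToken, err := ctx.client.createS2SAccessToken(issuerDID, time.Now(), []VerifiablePresentation{test.ParsePresentation(t, presentation)}, submission, definition, "everything")
 
 require.NoError(t, err)
 assert.NotEmpty(t, accessToken.AccessToken)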
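Review bot: The `ok` case visible here checks only `accessToken.AccessToken`, so nothing asserts that the new `ClientId` is the signer of the presentation. An assertion that the stored token's `ClientId` equals `did:nuts:B8PUHs2AUHbFF1xLLK4eZjgErEcMXHxs68FteY7NDtCY`, plus a case where the presentation carries no usable proof and `createS2SAccessToken` returns an error, would cover the behaviour this commit adds. `presentation` is already the result of `test.ParsePresentation`, so wrapping it again in `[]VerifiablePresentation{test.ParsePresentation(t, presentation)}` looks redundant; `[]VerifiablePresentation{presentation}` should be enough, assuming the helper returns a presentation value. The test body continues outside the hunk, so later assertions may already cover part of this.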
