small stuff based on self review

auth/api/auth/v1/client/types.go

@@ -34,6 +34,3 @@ type VerifiablePresentation = vc.VerifiablePresentation
 
 // AccessTokenResponse is an alias to use from within the API
 type AccessTokenResponse = oauth.TokenResponse
-
-// AccessTokenRequestFailedResponse is an alias to use from within the API
-type AccessTokenRequestFailedResponse = oauth.ErrorResponse

auth/api/iam/s2s_vptoken.go

@@ -24,6 +24,7 @@ import (
 	"encoding/base64"
 	"errors"
 	"fmt"
+	"github.com/nuts-foundation/nuts-node/auth/oauth"
 	"net/http"
 	"strings"
 	"time"
@@ -118,7 +119,7 @@ func (r Wrapper) RequestAccessToken(ctx context.Context, request RequestAccessTo
 	return RequestAccessToken200JSONResponse(*tokenResult), nil
 }
 
-func (r Wrapper) createAccessToken(issuer did.DID, issueTime time.Time, presentation vc.VerifiablePresentation, scope string) (*TokenResponse, error) {
+func (r Wrapper) createAccessToken(issuer did.DID, issueTime time.Time, presentation vc.VerifiablePresentation, scope string) (*oauth.TokenResponse, error) {
 	accessToken := AccessToken{
 		Token:        generateCode(),
 		Issuer:       issuer.String(),
@@ -130,9 +131,10 @@ func (r Wrapper) createAccessToken(issuer did.DID, issueTime time.Time, presenta
 		return nil, fmt.Errorf("unable to store access token: %w", err)
 	}
 	expiresIn := int(accessTokenValidity.Seconds())
-	return &TokenResponse{
+	return &oauth.TokenResponse{
 		AccessToken: accessToken.Token,
 		ExpiresIn:   &expiresIn,
+		Scope:       &scope,
 		TokenType:   "bearer",
 	}, nil
 }

auth/api/iam/s2s_vptoken_test.go

@@ -120,6 +120,7 @@ func TestWrapper_createAccessToken(t *testing.T) {
 		assert.NotEmpty(t, accessToken.AccessToken)
 		assert.Equal(t, "bearer", accessToken.TokenType)
 		assert.Equal(t, 900, *accessToken.ExpiresIn)
+		assert.Equal(t, "everything", *accessToken.Scope)
 
 		var storedToken AccessToken
 		err = ctx.client.accessTokenStore(issuerDID).Get(accessToken.AccessToken, &storedToken)

auth/api/iam/types.go

@@ -20,7 +20,6 @@ package iam
 
 import (
 	"github.com/nuts-foundation/go-did/did"
-	"github.com/nuts-foundation/nuts-node/auth/oauth"
 	"github.com/nuts-foundation/nuts-node/vcr/pe"
 	"github.com/nuts-foundation/nuts-node/vdr/resolver"
 )
@@ -34,9 +33,6 @@ type DIDDocumentMetadata = resolver.DocumentMetadata
 // PresentationDefinition is an alias
 type PresentationDefinition = pe.PresentationDefinition
 
-// TokenResponse is an alias
-type TokenResponse = oauth.TokenResponse
-
 const (
 	// responseTypeParam is the name of the response_type parameter.
 	// Specified by https://datatracker.ietf.org/doc/html/rfc6749#section-3.1.1

auth/auth.go

@@ -104,12 +104,12 @@ func NewAuthInstance(config Config, vdrInstance vdr.VDR, vcr vcr.VCR, keyStore c
 	}
 }
 
-// AuthzServer returns the oauth.OAuthAuthorizationServer
+// AuthzServer returns the oauth.AuthorizationServer
 func (auth *Auth) AuthzServer() oauth.AuthorizationServer {
 	return auth.authzServer
 }
 
-// RelyingParty returns the oauth.OAuthRelyingParty
+// RelyingParty returns the oauth.RelyingParty
 func (auth *Auth) RelyingParty() oauth.RelyingParty {
 	return auth.relyingParty
 }

auth/oauth/types.go

@@ -32,6 +32,7 @@ type TokenResponse struct {
 	ExpiresIn   *int    `json:"expires_in,omitempty"`
 	TokenType   string  `json:"token_type"`
 	CNonce      *string `json:"c_nonce,omitempty"`
+	Scope       *string `json:"scope,omitempty"`
 }
 
 const (

codegen/configs/auth_iam.yaml

@@ -9,7 +9,5 @@ output-options:
     - DIDDocument
     - OAuthAuthorizationServerMetadata
     - OAuthClientMetadata
-    - ErrorResponse
     - PresentationDefinition
-    - ErrorResponse
     - TokenResponse