Handle direct_post return from wallet to verifier (#2702)

* added authorize endpoint as specified by rfc6549 authorization code (#2626) * add e2e test
nuts-foundation · Jan 22, 2024 · f642fec · f642fec
1 parent 04c5eb7
commit f642fec
Show file tree

Hide file tree

Showing 32 changed files with 1,535 additions and 265 deletions.
diff --git a/auth/api/iam/api.go b/auth/api/iam/api.go
@@ -139,11 +139,8 @@ func (r Wrapper) HandleTokenRequest(ctx context.Context, request HandleTokenRequ
 	case "authorization_code":
 		// Options:
 		// - OpenID4VCI
-		// - OpenID4VP, vp_token is sent in Token Response
-		return nil, oauth.OAuth2Error{
-			Code:        oauth.UnsupportedGrantType,
-			Description: "not implemented yet",
-		}
+		// - OpenID4VP
+		return r.handleAccessTokenRequest(ctx, *ownDID, request.Body.Code, request.Body.RedirectUri, request.Body.ClientId)
 	case "urn:ietf:params:oauth:grant-type:pre-authorized_code":
 		// Options:
 		// - OpenID4VCI
@@ -399,7 +396,7 @@ func (r Wrapper) RequestAccessToken(ctx context.Context, request RequestAccessTo
 		return nil, err
 	}
 	if !isWallet {
-		return nil, core.InvalidInputError("did not owned by this node: %w", err)
+		return nil, core.InvalidInputError("did not owned by this node")
 	}
 	if request.Body.UserID != nil && len(*request.Body.UserID) > 0 {
 		// forward to user flow

diff --git a/auth/api/iam/api_test.go b/auth/api/iam/api_test.go
@@ -273,7 +273,7 @@ func TestWrapper_HandleAuthorizeRequest(t *testing.T) {
 		ctx.vdr.EXPECT().IsOwner(gomock.Any(), holderDID).Return(true, nil)
 		ctx.holderRole.EXPECT().ClientMetadata(gomock.Any(), "https://example.com/.well-known/authorization-server/iam/verifier").Return(&clientMetadata, nil)
 		ctx.holderRole.EXPECT().PresentationDefinition(gomock.Any(), "https://example.com/iam/verifier/presentation_definition?scope=test").Return(&pe.PresentationDefinition{}, nil)
-		ctx.holderRole.EXPECT().BuildPresentation(gomock.Any(), holderDID, pe.PresentationDefinition{}, clientMetadata.VPFormats, "nonce").Return(&vc.VerifiablePresentation{}, &pe.PresentationSubmission{}, nil)
+		ctx.holderRole.EXPECT().BuildPresentation(gomock.Any(), holderDID, pe.PresentationDefinition{}, clientMetadata.VPFormats, "nonce", verifierDID.URI()).Return(&vc.VerifiablePresentation{}, &pe.PresentationSubmission{}, nil)
 		ctx.holderRole.EXPECT().PostAuthorizationResponse(gomock.Any(), vc.VerifiablePresentation{}, pe.PresentationSubmission{}, "https://example.com/iam/verifier/response", "state").Return("https://example.com/iam/holder/redirect", nil)
 
 		res, err := ctx.client.HandleAuthorizeRequest(requestContext(map[string]string{

diff --git a/auth/api/iam/generated.go b/auth/api/iam/generated.go