fix: fixed the logic in creating credentialOffer uri

Sphereon-Opensource · May 17, 2024 · 53bce06 · 53bce06
1 parent 978a92b
commit 53bce06
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 5 deletions.
diff --git a/packages/client/lib/AccessTokenClient.ts b/packages/client/lib/AccessTokenClient.ts
@@ -149,7 +149,7 @@ export class AccessTokenClient {
     const issuer = getIssuerFromCredentialOfferPayload(requestPayload);
 
     const grantDetails = requestPayload.grants?.['urn:ietf:params:oauth:grant-type:pre-authorized_code'];
-    const isPinRequired = !!grantDetails?.tx_code || !!grantDetails?.['pre-authorized_code'];
+    const isPinRequired = !!grantDetails?.tx_code ?? false;
 
     debug(`Pin required for issuer ${issuer}: ${isPinRequired}`);
     return {

diff --git a/packages/client/lib/__tests__/SdJwt.spec.ts b/packages/client/lib/__tests__/SdJwt.spec.ts
@@ -94,7 +94,7 @@ describe('sd-jwt vc', () => {
       nock(vcIssuer.issuerMetadata.credential_issuer).get('/.well-known/oauth-authorization-server').reply(404);
 
       expect(offerUri.uri).toEqual(
-        'openid-credential-offer://?credential_offer=%7B%22grants%22%3A%7B%22urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Apre-authorized_code%22%3A%7B%22pre-authorized_code%22%3A%22123%22%7D%7D%2C%22credential_configuration_ids%22%3A%5B%22SdJwtCredentialId%22%5D%2C%22credential_issuer%22%3A%22https%3A%2F%2Fexample.com%22%7D',
+        'openid-credential-offer://?credential_offer=%7B%22grants%22%3A%7B%22urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Apre-authorized_code%22%3A%7B%22pre-authorized_code%22%3A%22123%22%2C%22tx_code%22%3A%7B%22input_mode%22%3A%22text%22%2C%22length%22%3A3%7D%7D%7D%2C%22credential_configuration_ids%22%3A%5B%22SdJwtCredentialId%22%5D%2C%22credential_issuer%22%3A%22https%3A%2F%2Fexample.com%22%7D',
       );
 
       const client = await OpenID4VCIClient.fromURI({
@@ -107,6 +107,10 @@ describe('sd-jwt vc', () => {
         grants: {
           'urn:ietf:params:oauth:grant-type:pre-authorized_code': {
             'pre-authorized_code': '123',
+            tx_code: {
+              input_mode: "text",
+              length: 3,
+      },
           },
         },
       });

diff --git a/packages/issuer/lib/VcIssuer.ts b/packages/issuer/lib/VcIssuer.ts
@@ -135,6 +135,7 @@ export class VcIssuer<DIDDoc extends object> {
 
     const credentialOfferObject = createCredentialOfferObject(this._issuerMetadata, {
       ...opts,
+      txCode,
       credentialOffer: credentialOfferPayload,
       baseUri,
       preAuthorizedCode,

diff --git a/packages/issuer/lib/functions/CredentialOfferUtils.ts b/packages/issuer/lib/functions/CredentialOfferUtils.ts
@@ -3,11 +3,11 @@ import {
   CredentialOfferPayloadV1_0_13,
   CredentialOfferSession,
   CredentialOfferV1_0_13,
-  Grant,
+  Grant, GrantUrnIetf,
   IssuerMetadataV1_0_13,
   PIN_VALIDATION_ERROR,
   TxCode,
-  UniformCredentialOffer,
+  UniformCredentialOffer
 } from '@sphereon/oid4vci-common'
 import { v4 as uuidv4 } from 'uuid'
 
@@ -20,6 +20,7 @@ export function createCredentialOfferObject(
     scheme?: string
     baseUri?: string
     issuerState?: string
+    grants?: Grant
     txCode?: TxCode
     preAuthorizedCode?: string
   },
@@ -67,7 +68,7 @@ export function createCredentialOfferObject(
   if (opts?.preAuthorizedCode) {
     credential_offer.grants['urn:ietf:params:oauth:grant-type:pre-authorized_code'] = {
       'pre-authorized_code': opts.preAuthorizedCode,
-      tx_code: opts.txCode,
+      tx_code: ((opts.grants as Grant)?.['urn:ietf:params:oauth:grant-type:pre-authorized_code'] as GrantUrnIetf).tx_code ?? undefined,
     }
   } else if (!credential_offer.grants?.authorization_code?.issuer_state) {
     credential_offer.grants = {