From 856b783bb4edbdb86eadcf74d962888f61a7d167 Mon Sep 17 00:00:00 2001
From: Niels Klomp <nklomp@sphereon.com>
Date: Thu, 29 Feb 2024 23:49:15 +0100
Subject: [PATCH 1/2] chore: new dev cycle

---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index d8a15f7..936510a 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@sphereon/did-auth-siop",
-  "version": "0.6.0",
+  "version": "0.6.1-unstable.0",
   "source": "src/index.ts",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

From 3e3bcd76553c7915a866eec132dbafc305d618da Mon Sep 17 00:00:00 2001
From: Niels Klomp <nklomp@sphereon.com>
Date: Mon, 4 Mar 2024 21:14:43 +0100
Subject: [PATCH 2/2] fix: redirect_uri or response_uri were not updated for
 new requests, resulting in recreating stale request objects

---
 src/request-object/Payload.ts | 3 ++-
 src/rp/RP.ts                  | 4 ++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/request-object/Payload.ts b/src/request-object/Payload.ts
index 94d8c10..caa8912 100644
--- a/src/request-object/Payload.ts
+++ b/src/request-object/Payload.ts
@@ -42,7 +42,8 @@ export const createRequestObjectPayload = async (opts: CreateAuthorizationReques
     scope: payload.scope ?? Scope.OPENID,
     //TODO implement /.well-known/openid-federation support in the OP side to resolve the client_id (URL) and retrieve the metadata
     client_id: clientId ?? opts.requestObject.signature.did,
-    redirect_uri: payload.redirect_uri,
+    ...(payload.redirect_uri && { redirect_uri: payload.redirect_uri }),
+    ...(payload.response_uri && { response_uri: payload.response_uri }),
     response_mode: payload.response_mode ?? ResponseMode.DIRECT_POST,
     ...(payload.id_token_hint && { id_token_hint: payload.id_token_hint }),
     registration_uri: registration.clientMetadataOpts.reference_uri,
diff --git a/src/rp/RP.ts b/src/rp/RP.ts
index 1e58ce6..5a19620 100644
--- a/src/rp/RP.ts
+++ b/src/rp/RP.ts
@@ -237,14 +237,14 @@ export class RP {
       throw Error(`A response or redirect URI is required at this point`);
     } else {
       if (responseURIType === 'redirect_uri') {
-        if (this._createRequestOptions?.requestObject?.payload && !this._createRequestOptions.requestObject?.payload?.redirect_uri) {
+        if (this._createRequestOptions?.requestObject?.payload) {
           this._createRequestOptions.requestObject.payload.redirect_uri = responseURI;
         }
         if (!referenceURI && !this._createRequestOptions.payload?.redirect_uri) {
           this._createRequestOptions.payload.redirect_uri = responseURI;
         }
       } else if (responseURIType === 'response_uri') {
-        if (this._createRequestOptions?.requestObject?.payload && !this._createRequestOptions.requestObject?.payload?.response_uri) {
+        if (this._createRequestOptions?.requestObject?.payload) {
           this._createRequestOptions.requestObject.payload.response_uri = responseURI;
         }
         if (!referenceURI && !this._createRequestOptions.payload?.response_uri) {