eu-digital-identity-wallet / eudi-lib-ios-openid4vci-swift

Implementation of OpenID for Verifiable Credential Issuance protocol (wallet's role) in Swift
Apache License 2.0

case for proofRequired not being handled in AuthorisationRequestForAuthCodeUseCase #34

Open cindy-chin opened 1 month ago

cindy-chin commented 1 month ago

Hi, recently I was trying out the authorisation code flow to issue the wallet. I realised how the wallet behaves on the token endpoint response: if it has a c_nonce, it will mark it as the proofRequired use case and request the credential with proof, but if no c_nonce is provided in the token endpoint response it will do it the other way around.

But it seems the function doesn't handle the proofRequired use case; only the noProofRequired use case is being handled. What if the server returns c_nonce in the token response?

```swift
private func authorizeRequestWithAuthCodeUseCase(issuer: Issuer, offer: CredentialOffer) async throws -> AuthorizedRequest {
    var pushedAuthorizationRequestEndpoint = ""
    if case let .oidc(metaData) = offer.authorizationServerMetadata, let endpoint = metaData.pushedAuthorizationRequestEndpoint {
        pushedAuthorizationRequestEndpoint = endpoint
    } else if case let .oauth(metaData) = offer.authorizationServerMetadata, let endpoint = metaData.pushedAuthorizationRequestEndpoint {
        pushedAuthorizationRequestEndpoint = endpoint
    }
    guard !pushedAuthorizationRequestEndpoint.isEmpty else {
        throw WalletError(description: "pushed Authorization Request Endpoint is nil")
    }
    logger.info("--> [AUTHORIZATION] Placing PAR to AS server's endpoint \(pushedAuthorizationRequestEndpoint)")
    let parPlaced = await issuer.pushAuthorizationCodeRequest(credentialOffer: offer)

    if case let .success(request) = parPlaced, case let .par(parRequested) = request {
        logger.info("--> [AUTHORIZATION] Placed PAR. Get authorization code URL is: \(parRequested.getAuthorizationCodeURL)")
        let authorizationCode = try await loginUserAndGetAuthCode(
            getAuthorizationCodeUrl: parRequested.getAuthorizationCodeURL.url) ?? { throw WalletError(description: "Could not retrieve authorization code") }()
        logger.info("--> [AUTHORIZATION] Authorization code retrieved")
        let unAuthorized = await issuer.handleAuthorizationCode(parRequested: request, authorizationCode: .authorizationCode(authorizationCode: authorizationCode))
        switch unAuthorized {
        case .success(let request):
            let authorizedRequest = await issuer.requestAccessToken(authorizationCode: request)
            // Only .noProofRequired is matched here; any other result falls through to the final throw.
            if case let .success(authorized) = authorizedRequest, case let .noProofRequired(token, _) = authorized {
                logger.info("--> [AUTHORIZATION] Authorization code exchanged with access token \(token) ")
                return authorized
            }

        case .failure(let error):
            throw WalletError(description: error.localizedDescription)
        }
    } else if case let .failure(failure) = parPlaced {
        throw WalletError(description: "Authorization error: \(failure.localizedDescription)")
    }
    throw WalletError(description: "Failed to get push authorization code request")
}
```

Thanks
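An added example, not part of the original issue or the library's code: a self-contained sketch of the token-response handling the issue describes, where an exhaustive `switch` returns the authorized request whether or not `c_nonce` is present. `TokenResponse`, `AuthorizedRequest`, `WalletError`, `classify` and `authorize` are simplified hypothetical stand-ins, and the token responses are constructed samples.

```swift
import Foundation

// Simplified stand-ins for the library's types (assumptions, not the real definitions).
struct TokenResponse: Decodable {
    let accessToken: String
    let cNonce: String?
    enum CodingKeys: String, CodingKey { case accessToken = "access_token", cNonce = "c_nonce" }
}

enum AuthorizedRequest {
    case noProofRequired(token: String)
    case proofRequired(token: String, cNonce: String)
}
struct WalletError: Error { let description: String }

// A c_nonce in the token response means the credential request must carry a proof.
func classify(_ response: TokenResponse) -> AuthorizedRequest {
    if let nonce = response.cNonce, !nonce.isEmpty {
        return .proofRequired(token: response.accessToken, cNonce: nonce)
    }
    return .noProofRequired(token: response.accessToken)
}

// Exhaustive switch: both outcomes are returned, and the compiler rejects a missing case.
func authorize(tokenResult: Result<AuthorizedRequest, Error>) throws -> AuthorizedRequest {
    switch tokenResult {
    case .success(let authorized):
        switch authorized {
        case .noProofRequired:
            print("access token obtained, no proof required")  // token value is not logged
        case .proofRequired:
            print("access token obtained, proof required (c_nonce present)")
        }
        return authorized
    case .failure(let error):
        throw WalletError(description: "Token request failed: \(error.localizedDescription)")
    }
}

// Constructed sample token responses: one without and one with c_nonce.
let samples = [
    #"{"access_token":"example-token-1"}"#,
    #"{"access_token":"example-token-2","c_nonce":"example-nonce"}"#
]
for json in samples {
    let response = try JSONDecoder().decode(TokenResponse.self, from: Data(json.utf8))
    _ = try authorize(tokenResult: .success(classify(response)))
}
```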