Skip to content

Commit

Permalink
Merge pull request #132 from cre8/fix/txCode
Browse files Browse the repository at this point in the history
fix: remove bug for txCode
  • Loading branch information
nklomp authored Jul 30, 2024
2 parents 105fc37 + 5ca1eda commit 858a8ea
Show file tree
Hide file tree
Showing 4 changed files with 9 additions and 4 deletions.
1 change: 1 addition & 0 deletions packages/client/lib/AccessTokenClient.ts
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,7 @@ export class AccessTokenClient {
if (credentialOfferRequest?.supportedFlows.includes(AuthzFlowType.PRE_AUTHORIZED_CODE_FLOW)) {
this.assertAlphanumericPin(opts.pinMetadata, pin);
request.user_pin = pin;
request.tx_code = pin;

request.grant_type = GrantTypes.PRE_AUTHORIZED_CODE;
// we actually know it is there because of the isPreAuthCode call
Expand Down
2 changes: 1 addition & 1 deletion packages/common/lib/types/Authorization.types.ts
Original file line number Diff line number Diff line change
Expand Up @@ -312,7 +312,7 @@ export interface AccessTokenRequest {
'pre-authorized_code': string;
redirect_uri?: string;
scope?: string;
user_pin?: string; //pre draft 13
user_pin?: string; //this is for v11, not required in v13 anymore
tx_code?: string; //draft 13
[s: string]: unknown;
}
Expand Down
1 change: 0 additions & 1 deletion packages/issuer/lib/VcIssuer.ts
Original file line number Diff line number Diff line change
Expand Up @@ -192,7 +192,6 @@ export class VcIssuer<DIDDoc extends object> {
status,
notification_id: v4(),
...(userPin && { txCode: userPin }), // We used to use userPin according to older specs. We map these onto txCode now. If both are used, txCode in the end wins, even if they are different
...(txCode && { txCode }),
...(opts.credentialDataSupplierInput && { credentialDataSupplierInput: opts.credentialDataSupplierInput }),
credentialOffer,
}
Expand Down
9 changes: 7 additions & 2 deletions packages/issuer/lib/tokens/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -102,12 +102,17 @@ export const assertValidAccessTokenRequest = async (
invalid_request:
the Authorization Server does not expect a PIN in the pre-authorized flow but the client provides a PIN
*/
if (!credentialOfferSession.credentialOffer.credential_offer?.grants?.[GrantTypes.PRE_AUTHORIZED_CODE]?.tx_code && request.tx_code) {
if (
!credentialOfferSession.credentialOffer.credential_offer?.grants?.[GrantTypes.PRE_AUTHORIZED_CODE]?.tx_code &&
request.tx_code &&
!request.user_pin
) {
// >= v13
throw new TokenError(400, TokenErrorResponse.invalid_request, USER_PIN_NOT_REQUIRED_ERROR)
} else if (
!credentialOfferSession.credentialOffer.credential_offer?.grants?.[GrantTypes.PRE_AUTHORIZED_CODE]?.user_pin_required &&
request.user_pin
request.user_pin &&
!request.tx_code
) {
// <= v12
throw new TokenError(400, TokenErrorResponse.invalid_request, USER_PIN_NOT_REQUIRED_ERROR)
Expand Down

0 comments on commit 858a8ea

Please sign in to comment.