fix: qr code value

pyeudiw/satosa/default/openid4vp_backend.py

@@ -205,20 +205,18 @@ def pre_request_endpoint(self, context: Context, internal_request, **kwargs) ->
             'client_id': self.client_id,
             'request_uri': f"{self.absolute_request_url}?id={state}",
         }
-        url_params = urlencode(payload, quote_via=quote_plus)
+
+        respose_url = self._build_authz_request_url(payload)
 
         if is_smartphone(context.http_headers.get('HTTP_USER_AGENT')):
             # Same Device flow
-            res_url = f'{self.config["authorization"]["url_scheme"]}://authorize?{url_params}'
-            return Redirect(res_url)
+            return Redirect(respose_url)
 
         # Cross Device flow
-        res_url = f'{self.client_id}?{url_params}'
-
         result = self.template.qrcode_page.render(
             {
                 "qrcode_color": self.config["qrcode"]["color"],
-                "qrcode_text": res_url,
+                "qrcode_text": respose_url,
                 "qrcode_size": self.config["qrcode"]["size"],
                 "qrcode_logo_path": self.config["qrcode"]["logo_path"],
                 "qrcode_expiration_time": self.config["qrcode"]["expiration_time"],
@@ -342,6 +340,15 @@ def db_engine(self) -> DBEngine:
 
         return self._db_engine
 
+    def _build_authz_request_url(self, payload: dict) -> str:
+        scheme = self.config["authorization"]["url_scheme"]
+        # NOTE: path component is currently unused by the protocol, but currently
+        # we leave it there as 'authorize' to stress the fact that this is an
+        # OAuth 2.0 request modified by JAR (RFC9101)
+        path = "authorize"
+        query_params = urlencode(payload, quote_via=quote_plus)
+        return f"{scheme}://{path}?{query_params}"
+
     @property
     def default_metadata_private_jwk(self) -> tuple:
         """Returns the default metadata private JWK"""