Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: remove scope check from response #1450

Conversation

karimStekelenburg
Copy link
Contributor

@karimStekelenburg karimStekelenburg commented May 9, 2023

Previously the requestCredential method would throw an error if the scope parameter was not present in the access_token response. This scope value was used to indicate the desired credential type when requesting the credential. However, this was incorrect, as this value is optional according to the specification.

This PR removes the requirement for the scope to be present on the access_token response. If the scope is present, it will be used to check if the server metadata indicates the requested credential format is supported for the requested credential type (indicated by the scope). If not, this validation is skipped.

When the access_token response does not contain a scope, the credentialType value that is passed to the underlying Sphereon library will be undefined. When this happens, the Sphereon library will use the credentialType value from the issuance initiation request instead (relevant code here), which should always be present according to the spec.

@TimoGlastra, @blu3beri, could one of you please verify these changes are in line with the specs?

Related to #1322

Signed-off-by: Karim Stekelenburg karim@animo.id

Signed-off-by: Karim Stekelenburg <karim@animo.id>
@karimStekelenburg karimStekelenburg requested a review from a team as a code owner May 9, 2023 17:51
@karimStekelenburg karimStekelenburg marked this pull request as draft May 9, 2023 18:16
Signed-off-by: Karim Stekelenburg <karim@animo.id>
Signed-off-by: Karim Stekelenburg <karim@animo.id>
@codecov-commenter
Copy link

Codecov Report

Merging #1450 (4ac5069) into main (61daf0c) will decrease coverage by 5.38%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##             main    #1450      +/-   ##
==========================================
- Coverage   85.55%   80.17%   -5.38%     
==========================================
  Files         886      856      -30     
  Lines       21156    20570     -586     
  Branches     3635     3546      -89     
==========================================
- Hits        18099    16493    -1606     
- Misses       2882     3793     +911     
- Partials      175      284     +109     
Impacted Files Coverage Δ
...ges/openid4vc-client/src/OpenId4VcClientService.ts 83.49% <100.00%> (+0.97%) ⬆️

... and 135 files with indirect coverage changes

@TimoGlastra TimoGlastra enabled auto-merge (squash) May 10, 2023 09:22
@TimoGlastra TimoGlastra merged commit 7dd4061 into openwallet-foundation:main May 10, 2023
TimoGlastra added a commit that referenced this pull request May 16, 2023
Co-authored-by: Karim Stekelenburg <karim@animo.id>
Co-authored-by: Ariel Gentile <gentilester@gmail.com>
Co-authored-by: Timo Glastra <timo@animo.id>
Co-authored-by: Jim Ezesinachi <ezesinachijim@gmail.com>
Co-authored-by: Ry Jones <ry@linux.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kim Ebert <kim@developmint.work>
Co-authored-by: Grammatopoulos Athanasios Vasileios <GramThanos@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Victor Anene <62852943+Vickysomtee@users.noreply.github.com>
Co-authored-by: Jim Ezesinachi <jim@animo.id>
Co-authored-by: KolbyRKunz <KolbyKunz@yahoo.com>
Co-authored-by: Berend Sliedrecht <61358536+blu3beri@users.noreply.github.com>
Co-authored-by: Jason C. Leach <jason.leach@fullboar.ca>
Co-authored-by: Martin Auer <martin.auer97@gmail.com>
Co-authored-by: Niall Shaw <100220424+niall-shaw@users.noreply.github.com>
Co-authored-by: Pritam Singh <43764373+Zzocker@users.noreply.github.com>
Co-authored-by: Mo <10432473+morrieinmaas@users.noreply.github.com>
Co-authored-by: NB-MikeRichardson <93971245+NB-MikeRichardson@users.noreply.github.com>
Co-authored-by: Amit-Padmani <106090107+Amit-Padmani@users.noreply.github.com>
Co-authored-by: DaevMithran <61043607+DaevMithran@users.noreply.github.com>
Co-authored-by: Alexander Shenshin <93187809+AlexanderShenshin@users.noreply.github.com>
fix(openid4vc-client): set package to private (#1210)
fix: fix typing issues with typescript 4.9 (#1214)
Fixes #1205
resolver (#1247)
fix: set updateAt on records when updating a record (#1272)
fix(transport)!: added docs moved connection to connectionId (#1222)
fix(indy-vdr): export relevant packages from root (#1291)
fix(askar): generate nonce suitable for anoncreds (#1295)
resolver and registrar for did:indy (#1253)
fix: imports from core (#1303)
fix: thread id improvements (#1311)
fix: loosen base64 validation (#1312)
fix(samples): dummy module response message type (#1321)
fix: seed and private key validation and return type in registrars (#1324)
fix!: don't emit legacy did:sov prefix for new protocols (#1245)
fix(askar): anoncrypt messages unpacking (#1332)
fix: expose indy pool configs and action menu messages (#1333)
fix: create new socket if socket state is 'closing' (#1337)
fix(anoncreds): include prover_did for legacy indy (#1342)
fix(indy-sdk): import from core (#1346)
fix(anoncreds-rs): save revocation registry index (#1351)
fix: isNewSocket logic (#1355)
fix(tenant): Correctly configure storage for multi tenant agents (#1359)
Fixes hyperledger#1353
fix(anoncreds): Buffer not imported from core (#1367)
fix(core): repository event when calling deleteById (#1356)
fix(askar): custom error handling (#1372)
fix: return HTTP 415 if unsupported content type (#1313)
fix: remove named capture groups (#1378)
fix example usage of indy-sdk-react-native package (#1382)
fix: connection id in sessions for new connections (#1383)
fix: did cache key not being set correctly (#1394)
fix: incorrect type for anoncreds registration (#1396)
fix: reference to indyLedgers in IndyXXXNotConfiguredError (#1397)
fix: add reflect-metadata (#1409)
fix: various anoncreds revocation fixes (#1416)
fix: jsonld credential format identifier version (#1412)
fix: remove `deleteOnFinish` and added documentation (#1418)
fix(askar): default key derivation method (#1420)
fix(anoncreds): make revocation status list inline with the spec (#1421)
fix(anoncreds-rs): revocation status list as JSON (#1422)
fix: issuance with unqualified identifiers (#1431)
fix(connections): store imageUrl when using DIDExchange (#1433)
fix(indy-vdr): do not force indy-vdr version (#1434)
fix: small issues with migration and WAL files (#1443)
fix: migration of link secret (#1444)
fix: Emit RoutingCreated event for mediator routing record (#1445)
fix: small updates to cheqd module and demo (#1439)
fix: remove scope check from response (#1450)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants