diff --git a/CHANGELOG.md b/CHANGELOG.md
index e12018ca..82434ade 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,7 @@ Release 5.2.0:
 - SD-JWT: Validate confirmation claims correctly
 - Adapt to changes in `signum`, i.e. the classes `JwsSigned` and `JweDecrypted` are now typed to their payload
 - ISO credentials: Serialize and deserialize device signed items correctly (i.e. considering the namespace of the element)
+ - Add `issuerState` to `OAuth2Client.createAuthRequest` for OID4VCI flows
 Release 5.1.0:
 - Drop ARIES protocol implementation, and the `vck-aries` artifact
diff --git a/vck-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oauth2/OAuth2Client.kt b/vck-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oauth2/OAuth2Client.kt
index 45430045..843082bf 100644
--- a/vck-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oauth2/OAuth2Client.kt
+++ b/vck-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oauth2/OAuth2Client.kt
@@ -6,7 +6,10 @@ import at.asitplus.openid.OpenIdConstants.GRANT_TYPE_CODE
 import at.asitplus.signum.indispensable.io.Base64UrlStrict
 import at.asitplus.wallet.lib.iso.sha256
 import at.asitplus.wallet.lib.jws.JwsService
-import at.asitplus.wallet.lib.oidvci.*
+import at.asitplus.wallet.lib.oidvci.DefaultMapStore
+import at.asitplus.wallet.lib.oidvci.MapStore
+import at.asitplus.wallet.lib.oidvci.WalletService
+import at.asitplus.wallet.lib.oidvci.buildDPoPHeader
 import io.matthewnelson.encoding.core.Encoder.Companion.encodeToString
 import kotlin.random.Random
@@ -52,12 +55,14 @@ class OAuth2Client(
 * @param authorizationDetails from RFC 9396 OAuth 2.0 Rich Authorization Requests
 * @param resource from RFC 8707 Resource Indicators for OAuth 2.0, in OID4VCI flows the value
 * of [IssuerMetadata.credentialIssuer]
+ * @param issuerState for OID4VCI flows the value from [CredentialOfferGrantsAuthCode.issuerState]
 */
 suspend fun createAuthRequest(
 state: String,
 authorizationDetails: Set? = null,
 scope: String? = null,
 resource: String? = null,
+ issuerState: String? = null,
 ) = AuthenticationRequestParameters(
 responseType = GRANT_TYPE_CODE,
 state = state,
@@ -65,6 +70,7 @@ class OAuth2Client(
 authorizationDetails = authorizationDetails,
 scope = scope,
 resource = resource,
+ issuerState = issuerState,
 redirectUrl = redirectUrl,
 codeChallenge = generateCodeVerifier(state),
 codeChallengeMethod = CODE_CHALLENGE_METHOD_SHA256,
diff --git a/vck-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oidvci/CredentialIssuer.kt b/vck-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oidvci/CredentialIssuer.kt
index 8f9dcef1..fbf40fd9 100644
--- a/vck-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oidvci/CredentialIssuer.kt
+++ b/vck-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oidvci/CredentialIssuer.kt
@@ -91,7 +91,7 @@ class CredentialIssuer(
 * Offer all [credentialSchemes] to clients.
 *
 * Callers need to encode this in [CredentialOfferUrlParameters], and offer the resulting URL to clients,
- * i.e. by displaying a QR Code that can be scanned with wallet appps.
+ * i.e. by displaying a QR Code that can be scanned with wallet apps.
 */
 suspend fun credentialOfferWithAuthorizationCode(): CredentialOffer = CredentialOffer(
 credentialIssuer = publicContext,
diff --git a/vck-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oidvci/Extensions.kt b/vck-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oidvci/Extensions.kt
index 3d9c4878..c08a4670 100644
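Review bot: The added `@param issuerState` line in the `createAuthRequest` KDoc (OAuth2Client.kt, first of the two hunks; the second forwards it as `issuerState = issuerState`) names the source of the value but not its trust level. The value comes out of a credential offer, which per the CredentialIssuer.kt comment in this same diff reaches the wallet as a URL or QR code, so it is presumably attacker-influenceable and is forwarded here without any check. I would word the line as `@param issuerState opaque value from [CredentialOfferGrantsAuthCode.issuerState], passed on unmodified; send it only to the authorization server of the issuer that made the offer`. The body of `createAuthRequest` continues outside both hunks, so whether anything further is done with the parameter cannot be seen here.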
--- a/vck-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oidvci/Extensions.kt
+++ b/vck-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oidvci/Extensions.kt
@@ -112,8 +112,8 @@ fun CredentialFormatEnum.toRepresentation() = when (this) {
 fun Issuer.IssuedCredential.toCredentialResponseParameters() = when (this) {
 is Issuer.IssuedCredential.Iso -> CredentialResponseParameters(
- CredentialFormatEnum.MSO_MDOC,
- issuerSigned.serialize().encodeToString(Base64UrlStrict),
+ format = CredentialFormatEnum.MSO_MDOC,
+ credential = issuerSigned.serialize().encodeToString(Base64UrlStrict),
 )
 is Issuer.IssuedCredential.VcJwt -> CredentialResponseParameters(