Merge pull request #118 from cre8/fix/tx_code

nklomp · web-flow · commit 1c9b5eab3343 · 2024-07-05T10:05:03.000+02:00
fix: update tx_code check
diff --git a/packages/issuer-rest/lib/__tests__/IssuerTokenServer.spec.ts b/packages/issuer-rest/lib/__tests__/IssuerTokenServer.spec.ts
@@ -60,6 +60,11 @@ describe('OID4VCIServer', () => {
           grants: {
             'urn:ietf:params:oauth:grant-type:pre-authorized_code': {
               user_pin_required: true,
+              tx_code: {
+                length: 6,
+                input_mode: 'numeric',
+                description: 'Please enter the 6 digit code you received on your phone',
+              },
               'pre-authorized_code': preAuthorizedCode1,
             },
           },
@@ -79,7 +84,6 @@ describe('OID4VCIServer', () => {
             'urn:ietf:params:oauth:grant-type:pre-authorized_code': {
               ...credentialOfferState1.credentialOffer.credential_offer?.grants?.['urn:ietf:params:oauth:grant-type:pre-authorized_code'],
               'pre-authorized_code': preAuthorizedCode2,
-              user_pin_required: false,
             },
           },
         },
@@ -185,7 +189,7 @@ describe('OID4VCIServer', () => {
   it('should return http code 400 with message User pin is required', async () => {
     const res = await requests(app)
       .post('/token')
-      .send(`grant_type=urn:ietf:params:oauth:grant-type:pre-authorized_code&pre-authorized_code=${preAuthorizedCode1}`)
+      .send(`grant_type=urn:ietf:params:oauth:grant-type:pre-authorized_code&pre-authorized_code=${preAuthorizedCode1}&user_pin=12345678`)
     expect(res.statusCode).toEqual(400)
     const actual = JSON.parse(res.text)
     expect(actual).toEqual({
diff --git a/packages/issuer/lib/tokens/index.ts b/packages/issuer/lib/tokens/index.ts
@@ -110,7 +110,7 @@ export const assertValidAccessTokenRequest = async (
   invalid_request:
   the Authorization Server does not expect a PIN in the pre-authorized flow but the client provides a PIN
    */
-  if (!credentialOfferSession.credentialOffer.credential_offer?.grants?.[GrantTypes.PRE_AUTHORIZED_CODE]?.user_pin_required && request.user_pin) {
+  if (!credentialOfferSession.credentialOffer.credential_offer?.grants?.[GrantTypes.PRE_AUTHORIZED_CODE]?.tx_code && request.user_pin) {
     throw new TokenError(400, TokenErrorResponse.invalid_request, USER_PIN_NOT_REQUIRED_ERROR)
   }
   /*

Original file line number	Diff line number	Diff line change
`@@ -110,7 +110,7 @@ export const assertValidAccessTokenRequest = async (`
`110`	`110`	`invalid_request:`
`111`	`111`	`the Authorization Server does not expect a PIN in the pre-authorized flow but the client provides a PIN`
`112`	`112`	`*/`
`113`		`- if (!credentialOfferSession.credentialOffer.credential_offer?.grants?.[GrantTypes.PRE_AUTHORIZED_CODE]?.user_pin_required && request.user_pin) {`
	`113`	`+ if (!credentialOfferSession.credentialOffer.credential_offer?.grants?.[GrantTypes.PRE_AUTHORIZED_CODE]?.tx_code && request.user_pin) {`
`114`	`114`	`throw new TokenError(400, TokenErrorResponse.invalid_request, USER_PIN_NOT_REQUIRED_ERROR)`
`115`	`115`	`}`
`116`	`116`	`/*`