chore: fixed session lookup by credentialOfferCorrelationId

Author: sanderPostma

packages/issuer-rest/lib/oid4vci-api-functions.ts

@@ -108,7 +108,7 @@ export function getIssuePayloadEndpoint<DIDDoc extends object>(router: Router, i
           error_description: `query parameter 'id' is missing`
         })
       }
-      const session = await issuer.getCredentialOfferSessionById(id as string)
+      const session = await issuer.getCredentialOfferSessionById(id as string, 'preAuthorizedCode')
       if (!session || !session.credentialOffer) {
         return sendErrorResponse(response, 404, {
           error: 'invalid_request',

packages/issuer/lib/VcIssuer.ts

@@ -113,7 +113,7 @@ export class VcIssuer<DIDDoc extends object> {
     this._cNonceExpiresIn = (args?.cNonceExpiresIn ?? (process.env.C_NONCE_EXPIRES_IN ? parseInt(process.env.C_NONCE_EXPIRES_IN) : 300)) as number
   }
 
-  public async getCredentialOfferSessionById(id: string, lookup?: 'uri' | 'id'): Promise<CredentialOfferSession> {
+  public async getCredentialOfferSessionById(id: string, lookup?: 'uri' | 'id' | 'preAuthorizedCode'): Promise<CredentialOfferSession> {
     if (!this.uris) {
       return Promise.reject(Error('Cannot lookup credential offer by id if URI state manager is not set'))
     }
@@ -233,8 +233,8 @@ export class VcIssuer<DIDDoc extends object> {
         throw Error('No URI state manager set, whilst apparently credential offer URIs are being used')
       }
       const credentialOfferCorrelationId = shortUUID.generate()// TODO allow to be supplied
-      credentialOfferObject.credential_offer_uri = opts.credentialOfferUri ?? `${issuerPayloadUri}/${credentialOfferCorrelationId}` // TODO how is this going to work with auth code flow?
-      await this.uris.set(credentialOfferObject.credential_offer_uri, {
+      credentialOfferObject.credential_offer_uri = opts.credentialOfferUri ?? `${issuerPayloadUri?.replace(':id', credentialOfferCorrelationId)}` // TODO how is this going to work with auth code flow?
+      await this.uris.set(credentialOfferCorrelationId, {
         uri: credentialOfferObject.credential_offer_uri,
         createdAt: createdAt,
         preAuthorizedCode,

packages/issuer/lib/__tests__/VcIssuer.spec.ts

@@ -288,7 +288,7 @@ describe('VcIssuer', () => {
       vcIssuer
         .createCredentialOfferURI({
           credentialOfferPayloadMode: 'by_uri_reference',
-          issuerPayloadUri: 'http://issuer-example.com',
+          issuerPayloadUri: 'http://issuer-example.com/:id',
           grants: {
             authorization_code: {
               issuer_state: issuerState
@@ -712,7 +712,7 @@ describe('VcIssuer without did', () => {
   it('should create credential offer uri with by_uri_reference mode', async () => {
     const result = await vcIssuer.createCredentialOfferURI({
       credentialOfferPayloadMode: 'by_uri_reference',
-      issuerPayloadUri: 'https://example.com/api/credentials',
+      issuerPayloadUri: 'https://example.com/api/credentials/:id',
       grants: {
         authorization_code: {
           issuer_state: issuerState
@@ -743,7 +743,7 @@ describe('VcIssuer without did', () => {
   it('should get credential offer session by uri', async () => {
     const result = await vcIssuer.createCredentialOfferURI({
       credentialOfferPayloadMode: 'by_uri_reference',
-      issuerPayloadUri: 'https://example.com/api/credentials',
+      issuerPayloadUri: 'https://example.com/api/credentials/:id',
       grants: {
         authorization_code: {
           issuer_state: issuerState