fix: Do not set default client_id

Author: nklomp

packages/client/lib/OpenID4VCIClient.ts

@@ -76,11 +76,7 @@ export class OpenID4VCIClient {
     this._kid = kid;
     this._alg = alg;
     // TODO: We need to refactor this and always explicitly call createAuthorizationRequestUrl, so we can have a credential selection first and use the kid as a default for the client id
-    this._clientId =
-      clientId ??
-      (credentialOffer && getClientIdFromCredentialOfferPayload(credentialOffer.credential_offer)) ??
-      kid?.split('#')[0] ??
-      'com.sphereon.ssi.wallet';
+    this._clientId = clientId ?? (credentialOffer && getClientIdFromCredentialOfferPayload(credentialOffer.credential_offer)) ?? kid?.split('#')[0];
     this._pkce = { ...this._pkce, ...pkce };
     this._authorizationRequestOpts = this.syncAuthorizationRequestOpts(authorizationRequest);
     debug(`Authorization req options: ${JSON.stringify(this._authorizationRequestOpts, null, 2)}`);
@@ -208,6 +204,7 @@ export class OpenID4VCIClient {
         throw Error(`Cannot retrieve issuer metadata without either a credential offer, or issuer value`);
       }
     }
+
     return this.endpointMetadata;
   }
 
@@ -530,6 +527,24 @@ export class OpenID4VCIClient {
     return this.endpointMetadata ? this.endpointMetadata.credential_endpoint : `${this.getIssuer()}/credential`;
   }
 
+  /**
+   * Too bad we need a method like this, but EBSI is not exposing metadata
+   */
+  public isEBSI() {
+    if (
+      this.credentialOffer?.credential_offer.credentials.find(
+        (cred) =>
+          // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+          // @ts-ignore
+          typeof cred !== 'string' && 'trust_framework' in cred && 'name' in cred.trust_framework && cred.trust_framework.name.includes('ebsi'),
+      )
+    ) {
+      return true;
+    }
+    this.assertIssuerData();
+    return this.endpointMetadata.credentialIssuerMetadata?.authorization_endpoint?.includes('ebsi.eu');
+  }
+
   private assertIssuerData(): void {
     if (!this._credentialIssuer) {
       throw Error(`No credential issuer value present`);

packages/common/lib/functions/CredentialRequestUtil.ts

@@ -11,7 +11,9 @@ export function getTypesFromRequest(credentialRequest: UniformCredentialRequest,
     // @ts-ignore
     types =
       'credential_definition' in credentialRequest && credentialRequest.credential_definition
-        ? credentialRequest.credential_definition.types
+        ? // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+          // @ts-ignore
+          credentialRequest.credential_definition.types
         : credentialRequest.types;
   } else if (credentialRequest.format === 'vc+sd-jwt') {
     types = [credentialRequest.vct];

packages/common/lib/functions/IssuerMetadataUtils.ts

@@ -1,4 +1,5 @@
 import {
+  AuthorizationServerMetadata,
   CredentialIssuerMetadata,
   CredentialOfferFormat,
   CredentialSupported,
@@ -165,3 +166,21 @@ export function getIssuerDisplays(metadata: CredentialIssuerMetadata | IssuerMet
     ) ?? [];
   return matchedDisplays.sort((item) => (item.locale ? opts?.prefLocales.indexOf(item.locale) ?? 1 : Number.MAX_VALUE));
 }
+
+/**
+ * TODO check again when WAL-617 is done to replace how we get the issuer name.
+ */
+export function getIssuerName(
+  url: string,
+  credentialIssuerMetadata?: Partial<AuthorizationServerMetadata> & (CredentialIssuerMetadata | IssuerMetadataV1_0_08),
+): string {
+  if (credentialIssuerMetadata) {
+    const displays: Array<MetadataDisplay> = credentialIssuerMetadata ? getIssuerDisplays(credentialIssuerMetadata) : [];
+    for (const display of displays) {
+      if (display.name) {
+        return display.name;
+      }
+    }
+  }
+  return url;
+}