fix: hasher dependency and token request assert vci11/13

auer-martin · auer-martin · commit 81bf7692bd77 · 2024-07-04T15:46:39.000+02:00
diff --git a/packages/issuer/lib/VcIssuer.ts b/packages/issuer/lib/VcIssuer.ts
@@ -343,12 +343,24 @@ export class VcIssuer<DIDDoc extends object> {
         credential.credentialSubject = Array.isArray(credential.credentialSubject) ? credentialSubjects : credentialSubjects[0]
       }
 
+      let issuer: string | undefined = undefined
+      if (credential.iss) {
+        issuer = credential.iss
+      } else if (credential.issuer) {
+        if (typeof credential.issuer === 'string') {
+          issuer = credential.issuer
+        } else if (typeof credential.issuer === 'object' && 'id' in credential.issuer && typeof credential.issuer.id === 'string') {
+          issuer = credential.issuer.id
+        }
+      }
+
       const verifiableCredential = await this.issueCredentialImpl(
         {
           credentialRequest: opts.credentialRequest,
           format,
           credential,
           jwtVerifyResult,
+          issuer,
         },
         signerCallback,
       )
@@ -597,23 +609,22 @@ export class VcIssuer<DIDDoc extends object> {
       credential: CredentialIssuanceInput
       jwtVerifyResult: JwtVerifyResult<DIDDoc>
       format?: OID4VCICredentialFormat
+      issuer?: string
     },
     issuerCallback?: CredentialSignerCallback<DIDDoc>,
   ): Promise<W3CVerifiableCredential | CompactSdJwtVc> {
     if ((!opts.credential && !opts.credentialRequest) || !this._credentialSignerCallback) {
       throw new Error(ISSUER_CONFIG_ERROR)
     }
     const credential = issuerCallback ? await issuerCallback(opts) : await this._credentialSignerCallback(opts)
-    const uniform = CredentialMapper.toUniformCredential(credential)
-    const issuer = uniform.issuer ? (typeof uniform.issuer === 'string' ? uniform.issuer : uniform.issuer.id) : '<unknown>'
 
     // TODO: Create builder
     EVENTS.emit(CredentialEventNames.OID4VCI_CREDENTIAL_ISSUED, {
       eventName: CredentialEventNames.OID4VCI_CREDENTIAL_ISSUED,
       id: v4(),
       data: credential,
       // TODO: Format, request etc
-      initiator: issuer ?? '<unknown>',
+      initiator: opts.issuer ?? '<unknown>',
       initiatorType: InitiatorType.EXTERNAL,
       system: System.OID4VCI,
       subsystem: SubSystem.VC_ISSUER,
diff --git a/packages/issuer/lib/tokens/index.ts b/packages/issuer/lib/tokens/index.ts
@@ -100,19 +100,18 @@ export const assertValidAccessTokenRequest = async (
   invalid_request:
   the Authorization Server expects a PIN in the pre-authorized flow but the client does not provide a PIN
    */
-  if (
-    credentialOfferSession.credentialOffer.credential_offer?.grants?.['urn:ietf:params:oauth:grant-type:pre-authorized_code']?.tx_code &&
-    !request.user_pin
-  ) {
+  const preAuthorizedGrant = credentialOfferSession.credentialOffer.credential_offer?.grants?.[GrantTypes.PRE_AUTHORIZED_CODE]
+  if ((preAuthorizedGrant?.tx_code || preAuthorizedGrant?.user_pin_required) && !request.user_pin) {
     throw new TokenError(400, TokenErrorResponse.invalid_request, USER_PIN_REQUIRED_ERROR)
   }
   /*
   invalid_request:
   the Authorization Server does not expect a PIN in the pre-authorized flow but the client provides a PIN
    */
-  if (!credentialOfferSession.credentialOffer.credential_offer?.grants?.[GrantTypes.PRE_AUTHORIZED_CODE]?.user_pin_required && request.user_pin) {
+  if (!preAuthorizedGrant?.user_pin_required && !preAuthorizedGrant?.tx_code && request.user_pin) {
     throw new TokenError(400, TokenErrorResponse.invalid_request, USER_PIN_NOT_REQUIRED_ERROR)
   }
+
   /*
   invalid_grant:
   the Authorization Server expects a PIN in the pre-authorized flow but the client provides the wrong PIN
