From e132b292afffe8aaf462c0cff774316a3ffa33fd Mon Sep 17 00:00:00 2001
From: Roland Groen
Date: Mon, 8 Apr 2024 23:18:23 +0200
Subject: [PATCH] Resolve unexpected redirectUri parsing issue

Altered the parsing method of redirectUri to correctly include requesterDidUrl.Host, which was previously fixed to the hostname "/iam/oid4vci/callback". Improved the error message on failed issuer DID ownership validation for better debugging and clarity.
---
 auth/api/iam/api.go | 2 +-
 auth/api/iam/api_test.go | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/auth/api/iam/api.go b/auth/api/iam/api.go
index e7254ea8fa..a0efa87de6 100644
--- a/auth/api/iam/api.go
+++ b/auth/api/iam/api.go
@@ -646,7 +646,7 @@ func (r Wrapper) RequestOid4vciCredentialIssuance(ctx context.Context, request R
 log.Logger().WithError(err).Errorf("failed convert did (%s) to url", requestHolder.String())
 return nil, err
 }
- redirectUri, err := url.Parse("/iam/oid4vci/callback")
+ redirectUri, err := url.Parse(fmt.Sprintf("https://%s/iam/oid4vci/callback", requesterDidUrl.Host))
 if err != nil {
 log.Logger().WithError(err).Errorf("failed to create the url for host: %s", requesterDidUrl.Host)
 return nil, err
diff --git a/auth/api/iam/api_test.go b/auth/api/iam/api_test.go
index 6a870eb431..1ddb64a13d 100644
--- a/auth/api/iam/api_test.go
+++ b/auth/api/iam/api_test.go
@@ -897,7 +897,7 @@ func TestWrapper_RequestOid4vciCredentialIssuance(t *testing.T) {
 require.NoError(t, err)
 require.NotNil(t, issuance)
 actual := issuance.(RequestOid4vciCredentialIssuance200JSONResponse)
- redirectUri, _ := url.Parse(actual.RedirectUri)
+ redirectUri, _ := url.Parse(actual.RedirectURI)
 assert.Equal(t, "auth.server", redirectUri.Host)
 assert.Equal(t, "/authorize", redirectUri.Path)
 assert.True(t, redirectUri.Query().Has("state"))
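Review bot: In auth/api/iam/api.go the added `url.Parse(fmt.Sprintf("https://%s/iam/oid4vci/callback", requesterDidUrl.Host))` builds the callback by string formatting from a host taken from the requester's DID, so whatever that field holds is re-parsed as part of a URL. Constructing it structurally, `redirectUri := &url.URL{Scheme: "https", Host: requesterDidUrl.Host, Path: "/iam/oid4vci/callback"}`, keeps the host confined to the authority component and makes the `if err != nil` branch below it unnecessary. Since this value appears to be the redirect target of the issuance flow, it should only be derived once the requester DID is confirmed to be managed by this node; that check is not visible here (the function starts and ends outside the hunk), so please confirm the ordering. Neither api_test.go hunk asserts the new absolute callback, so a test on the scheme, host and path of the generated callback would pin the fix.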
@@ -926,7 +926,7 @@ func TestWrapper_RequestOid4vciCredentialIssuance(t *testing.T) {
 ctx.vdr.EXPECT().IsOwner(nil, holderDID).Return(false, nil)
 _, err := ctx.client.RequestOid4vciCredentialIssuance(nil, requestCredentials(holderDID, issuerDID, redirectURI))
 require.Error(t, err)
- assert.EqualError(t, err, "DID document not managed by this node")
+ assert.EqualError(t, err, "problem with owner DID: DID document not managed by this node")
 })
 t.Run("no_auth_endpoint_err_2", func(t *testing.T) {
 ctx := newTestClient(t)
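Review bot: The new expectation `"problem with owner DID: DID document not managed by this node"` has no matching production change in this patch (the diffstat shows a single changed line in api.go, the redirect URI), so the wrapping presumably comes from code outside this diff; confirm the test passes against this tree. The commit description calls this "issuer DID ownership validation", while the mocked check is `IsOwner(nil, holderDID)` and the message says "owner DID", so the three names should be aligned. Asserting with `assert.ErrorContains(t, err, "DID document not managed by this node")`, or `assert.ErrorIs` against the underlying error if it is exported, would keep the test from breaking on each rewording of the prefix. The enclosing `t.Run` closure starts outside the hunk.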