feat: updated authorization request dto

Signed-off-by: Mykhailo Sizov <[email protected]>
mishasizov-SK · Feb 16, 2024 · ae85aab · ae85aab
1 parent 5d18d28
commit ae85aab
Show file tree

Hide file tree

Showing 3 changed files with 44 additions and 15 deletions.
diff --git a/pkg/openid4ci/interaction.go b/pkg/openid4ci/interaction.go
@@ -153,17 +153,23 @@ func (i *interaction) instantiateCodeVerifier() error {
 func (i *interaction) generateAuthorizationDetails(format string, types []string) ([]byte, error) {
 	// TODO: Add support for requesting multiple credentials at once (by sending an array).
 	// Currently we always use the first credential type specified in the offer.
-	authorizationDetails := &authorizationDetails{
-		Type:   "openid_credential",
-		Types:  types,
-		Format: format,
+	authorizationDetailsDTO := &authorizationDetails{
+		CredentialConfigurationID: "",
+		CredentialDefinition: &issuer.CredentialDefinition{
+			Context:           nil,
+			CredentialSubject: nil,
+			Type:              types,
+		},
+		Format:    format,
+		Locations: nil,
+		Type:      "openid_credential",
 	}
 
 	if i.issuerMetadata.AuthorizationServer != "" {
-		authorizationDetails.Locations = []string{i.issuerMetadata.CredentialIssuer}
+		authorizationDetailsDTO.Locations = []string{i.issuerMetadata.CredentialIssuer}
 	}
 
-	authorizationDetailsBytes, err := json.Marshal(authorizationDetails)
+	authorizationDetailsBytes, err := json.Marshal(authorizationDetailsDTO)
 	if err != nil {
 		return nil, err
 	}

diff --git a/pkg/openid4ci/issuerinitiatedinteraction_test.go b/pkg/openid4ci/issuerinitiatedinteraction_test.go
@@ -400,9 +400,9 @@ func TestIssuerInitiatedInteraction_CreateAuthorizationURL(t *testing.T) {
 			authorizationURL, err := interaction.CreateAuthorizationURL("clientID", "redirectURI")
 			require.NoError(t, err)
 			require.Contains(t, authorizationURL, authorizationServerURL+
-				"?authorization_details=%7B%22type%22%3A%22openid_credential%22%2C%22locations"+
-				"%22%3A%5B%22%22%5D%2C%22types%22%3A%5B%22VerifiableCredential%22%2C%22VerifiedEmployee%22%5D%2C%22"+
-				"format%22%3A%22jwt_vc_json%22%7D&client_id=clientID")
+				"?authorization_details=%7B%22credential_definition%22%3A%7B%22type%22%3A%5B%22VerifiableCredential"+
+				"%22%2C%22VerifiedEmployee%22%5D%7D%2C%22format%22%3A%22jwt_vc_json%22%2C%22locations%22%3A%5B%22%2"+
+				"2%5D%2C%22type%22%3A%22openid_credential%22%7D&client_id=clientID")
 		})
 		t.Run("Using the OAuth Discoverable Client ID Scheme", func(t *testing.T) {
 			interaction := newIssuerInitiatedInteraction(t, createCredentialOfferIssuanceURI(t, server.URL, true, true))
@@ -411,9 +411,9 @@ func TestIssuerInitiatedInteraction_CreateAuthorizationURL(t *testing.T) {
 				openid4ci.WithOAuthDiscoverableClientIDScheme())
 			require.NoError(t, err)
 			require.Contains(t, authorizationURL, authorizationServerURL+
-				"?authorization_details=%7B%22type%22%3A%22openid_credential%22%2C%22locations"+
-				"%22%3A%5B%22%22%5D%2C%22types%22%3A%5B%22VerifiableCredential%22%2C%22VerifiedEmployee%22%5D%2C%22"+
-				"format%22%3A%22jwt_vc_json%22%7D&client_id=clientID")
+				"?authorization_details=%7B%22credential_definition%22%3A%7B%22type%22%3A%5B%22VerifiableCredential"+
+				"%22%2C%22VerifiedEmployee%22%5D%7D%2C%22format%22%3A%22jwt_vc_json%22%2C%22locations%22%3A%5B%22%2"+
+				"2%5D%2C%22type%22%3A%22openid_credential%22%7D&client_id=clientID")
 		})
 	})
 	t.Run("Fail to get issuer metadata", func(t *testing.T) {

diff --git a/pkg/openid4ci/models.go b/pkg/openid4ci/models.go
@@ -9,6 +9,8 @@ package openid4ci
 import (
 	"encoding/json"
 	"time"
+
+	"github.com/trustbloc/wallet-sdk/pkg/models/issuer"
 )
 
 // CredentialOffer represents the Credential Offer object as defined in
@@ -32,11 +34,32 @@ type AuthorizeResult struct {
 	UserPINRequired               bool
 }
 
+// authorizationDetails is a model to convey the details about the Credentials the Client wants to obtain.
 type authorizationDetails struct {
-	Type      string   `json:"type,omitempty"`
+	// REQUIRED when Format parameter is not present.
+	// String specifying a unique identifier of the Credential being described in the
+	// credential_configurations_supported map in the Credential Issuer Metadata.
+	// The referenced object in the credential_configurations_supported map conveys the details,
+	// such as the format, for issuance of the requested Credential.
+	// It MUST NOT be present if format parameter is present.
+	CredentialConfigurationID string `json:"credential_configuration_id,omitempty"`
+
+	// Object containing the detailed description of the credential type.
+	CredentialDefinition *issuer.CredentialDefinition `json:"credential_definition,omitempty"`
+
+	// REQUIRED when CredentialConfigurationID parameter is not present.
+	// String identifying the format of the Credential the Wallet needs.
+	// This Credential format identifier determines further claims in the authorization details object needed
+	// to identify the Credential type in the requested format.
+	// It MUST NOT be present if credential_configuration_id parameter is present.
+	Format string `json:"format,omitempty"`
+
+	// An array of strings that allows a client to specify the location of the resource server(s)
+	// allowing the Authorization Server to mint audience restricted access tokens.
 	Locations []string `json:"locations,omitempty"`
-	Types     []string `json:"types,omitempty"`
-	Format    string   `json:"format,omitempty"`
+
+	// String that determines the authorization details type. MUST be set to "openid_credential" for OIDC4VC.
+	Type string `json:"type"`
 }
 
 // OpenIDConfig represents an issuer's OpenID configuration.