diff --git a/src/controllers/openid4vc/holder/holder.service.ts b/src/controllers/openid4vc/holder/holder.service.ts
index c73b9560..f7970458 100644
--- a/src/controllers/openid4vc/holder/holder.service.ts
+++ b/src/controllers/openid4vc/holder/holder.service.ts
@@ -200,12 +200,14 @@ export class HolderService {
 public async resolveProofRequest(agentReq: Req, body: ResolveProofRequest) {
 return (await agentReq.agent.modules.openid4vc.holder.resolveOpenId4VpAuthorizationRequest(
 body.proofRequestUri,
+ body.options,
 )) as any
 }

 public async acceptPresentationRequest(agentReq: Req, body: ResolveProofRequest) {
 const resolved = await agentReq.agent.modules.openid4vc.holder.resolveOpenId4VpAuthorizationRequest(
 body.proofRequestUri,
+ body.options,
 )

 // const presentationExchangeService = agent.dependencyManager.resolve(DifPresentationExchangeService)
@@ -224,10 +226,20 @@ export class HolderService {
 dcql: {
 credentials: dcqlCredentials as DcqlCredentialsForRequest,
 },
+ origin: body.options?.origin,
 })
- const result: any = submissionResult.serverResponse
- result['authorizationResponsePayload'] = submissionResult.authorizationResponsePayload
- return result
+ if (submissionResult.serverResponse) {
+ const { serverResponse, ...rest } = submissionResult
+
+ return {
+ ...serverResponse,
+ body: rest,
+ } as any
+ }
+ return {
+ status: 200,
+ body: submissionResult,
+ } as any
 }

 public async deleteCredential(agentReq: Req, { credentialId, credentialType }: DeleteCredentialBody) {
diff --git a/src/controllers/openid4vc/types/holder.types.ts b/src/controllers/openid4vc/types/holder.types.ts
index acda4b2c..852470ca 100644
--- a/src/controllers/openid4vc/types/holder.types.ts
+++ b/src/controllers/openid4vc/types/holder.types.ts
@@ -1,3 +1,5 @@
+import type { ResolveOpenId4VpAuthorizationRequestOptions } from '@credo-ts/openid4vc'
+
 export interface ResolveCredentialOfferBody {
 credentialOfferUri: string
 }
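Review bot: In `resolveProofRequest` and `acceptPresentationRequest` (holder.service.ts, first hunk), `body.options` is passed from the HTTP request body into `resolveOpenId4VpAuthorizationRequest` unfiltered, so every field of `ResolveOpenId4VpAuthorizationRequestOptions` becomes caller-controlled. If the installed @credo-ts/openid4vc version puts trust settings on that type next to `origin` (I believe it has a `trustedCertificates` field; please confirm), an API client could substitute the trust anchors used to check the verifier's signed request. Forward only what the endpoint needs, for example `{ origin: body.options?.origin }`, and give `ResolveProofRequest.options` in holder.types.ts a doc comment saying who is expected to supply `origin`. The class and both method bodies continue outside the hunk.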
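Review bot: In the new return path of `acceptPresentationRequest` (holder.service.ts, second hunk), `{ ...serverResponse, body: rest }` overwrites whatever `body` the verifier's `serverResponse` carried, so the verifier's reply is dropped. It also moves `authorizationResponsePayload` from the top level into `body`, which changes the response shape for existing clients. Keeping the old key avoids both: `return { ...serverResponse, authorizationResponsePayload: rest.authorizationResponsePayload }`. The fallback branch reports `status: 200` although no server response exists; a comment such as `// no serverResponse: caller must deliver the authorization response itself` would make that explicit, and since `body` then holds the full presentation payload it should stay out of request logs. The function starts above the hunk, so how `submissionResult` is produced is only partly visible.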
@@ -17,6 +19,7 @@ export interface AuthorizeRequestCredentialOffer {

 export interface ResolveProofRequest {
 proofRequestUri: string
+ options?: ResolveOpenId4VpAuthorizationRequestOptions
 }

 export interface AcceptProofRequest {
diff --git a/src/controllers/openid4vc/types/verifier.types.ts b/src/controllers/openid4vc/types/verifier.types.ts
index 3e040382..9191d0d8 100644
--- a/src/controllers/openid4vc/types/verifier.types.ts
+++ b/src/controllers/openid4vc/types/verifier.types.ts
@@ -1,6 +1,6 @@
 /* eslint-disable @typescript-eslint/explicit-member-accessibility */
 import type { DifPresentationExchangeDefinitionV2 } from '@credo-ts/core'
-import type { SubmissionRequirement, Format, Issuance, InputDescriptorV2 } from '@sphereon/pex-models'
+import type { Format, Issuance, InputDescriptorV2 } from '@sphereon/pex-models'

 export enum ResponseModeEnum {
 DIRECT_POST = 'direct_post',
@@ -109,3 +109,9 @@ export class OpenId4VcSiopCreateVerifierOptions {
 export class OpenId4VcUpdateVerifierRecordOptions {
 clientMetadata?: OpenId4VcSiopVerifierClientMetadata
 }
+
+export interface OpenId4VCDCQLVerificationSessionRecord {
+ verificationSessionId: string
+ authorizationResponse: Record
+ origin?: string
+}
diff --git a/src/controllers/openid4vc/verifier-sessions/verification-sessions.Controller.ts b/src/controllers/openid4vc/verifier-sessions/verification-sessions.Controller.ts
index d6274acf..bd6e4931 100644
--- a/src/controllers/openid4vc/verifier-sessions/verification-sessions.Controller.ts
+++ b/src/controllers/openid4vc/verifier-sessions/verification-sessions.Controller.ts
@@ -1,4 +1,3 @@
-import { Agent } from '@credo-ts/core'
 import { OpenId4VcVerificationSessionState } from '@credo-ts/openid4vc'
 import { Request as Req } from 'express'
 import { Controller, Get, Path, Query, Route, Request, Security, Tags, Post, Body } from 'tsoa'
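Review bot: `authorizationResponse: Record` in the new `OpenId4VCDCQLVerificationSessionRecord` (verifier.types.ts, last hunk) has no type arguments as shown here, which TypeScript rejects. If they were only lost in rendering this can be ignored; otherwise write `authorizationResponse: Record<string, unknown>`. The interface describes a request body rather than a stored record, and none of its fields is documented. A short doc comment on each would help, in particular one on `origin` stating which party supplies the value and what it is compared against during verification.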
@@ -6,7 +5,7 @@ import { injectable } from 'tsyringe'

 import { SCOPES } from '../../../enums'
 import ErrorHandlingService from '../../../errorHandlingService'
-import { CreateAuthorizationRequest } from '../types/verifier.types'
+import { CreateAuthorizationRequest, OpenId4VCDCQLVerificationSessionRecord } from '../types/verifier.types'

 import { VerificationSessionsService } from './verification-sessions.service'

@@ -87,4 +86,19 @@ export class VerificationSessionsController extends Controller {
 throw ErrorHandlingService.handle(error)
 }
 }
+
+ /**
+ * Verify authorization response for a DCAPI proof request
+ */
+ @Post('/verify-authorization-response')
+ public async verifyDcqlProofRequest(
+ @Request() request: Req,
+ @Body() verifydcqlProofRquest: OpenId4VCDCQLVerificationSessionRecord,
+ ) {
+ try {
+ return await this.verificationSessionService.verifyAuthorizationResponse(request, verifydcqlProofRquest)
+ } catch (error) {
+ throw ErrorHandlingService.handle(error)
+ }
+ }
 }
diff --git a/src/controllers/openid4vc/verifier-sessions/verification-sessions.service.ts b/src/controllers/openid4vc/verifier-sessions/verification-sessions.service.ts
index d8328528..414e32b9 100644
--- a/src/controllers/openid4vc/verifier-sessions/verification-sessions.service.ts
+++ b/src/controllers/openid4vc/verifier-sessions/verification-sessions.service.ts
@@ -15,6 +15,10 @@ import {
 ClientIdPrefix,
 CreateAuthorizationRequest,
 OpenId4VcIssuerX5cOptions,
+ OpenId4VCDCQLVerificationSessionRecord,
+ OpenId4VcIssuerX5c,
+ ClientIdPrefix,
+ OpenId4VcIssuerX5cOptions,
 ResponseModeEnum,
 } from '../types/verifier.types'

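Review bot: The new route `verifyDcqlProofRequest` (verification-sessions.Controller.ts, hunk at line 86) shows no method-level `@Security(...)` decorator, although the file imports `Security` and `SCOPES`. Unless the class carries one above the hunk, this POST endpoint is reachable without authentication, so please confirm or add the decorator used by the sibling routes. The body's `origin` is accepted from the client as is. If the verifier checks it against the origins expected for the session, the caller also controls that check, so where the deployment allows it, derive the value from the request's `Origin` header or from server configuration. Minor: the parameter name `verifydcqlProofRquest` is misspelt, and the doc comment says "DCAPI" while the method and type names say "Dcql".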
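Review bot: The added specifiers `ClientIdPrefix` and `OpenId4VcIssuerX5cOptions` (verification-sessions.service.ts, import hunk at line 15) are already present in the context lines directly above them. The new side therefore imports both names twice from `'../types/verifier.types'`, and TypeScript reports a duplicate identifier. Keep `OpenId4VCDCQLVerificationSessionRecord` and drop the two repeats. `OpenId4VcIssuerX5c` should stay only if verifier.types.ts exports it and this file uses it, which is not visible in this diff.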
@@ -200,4 +204,16 @@ export class VerificationSessionsService {
 : undefined,
 } as any
 }
+
+ public async verifyAuthorizationResponse(
+ agentReq: Req,
+ verifydcqlProofRquest: OpenId4VCDCQLVerificationSessionRecord,
+ ) {
+ const verifier = agentReq.agent.modules.openid4vc.verifier
+ if (!verifier) {
+ throw new Error('OID4VC verifier module not initialized')
+ }
+ const result = (await verifier.verifyAuthorizationResponse({ ...verifydcqlProofRquest })) as any
+ return result
+ }
 }
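Review bot: `verifyAuthorizationResponse` spreads the whole request body into the library call (`{ ...verifydcqlProofRquest }`), so any extra property a client sends is forwarded unless tsoa is configured to reject additional properties. Naming the fields keeps the call surface explicit: `const { verificationSessionId, authorizationResponse, origin } = verifydcqlProofRquest` followed by `verifier.verifyAuthorizationResponse({ verificationSessionId, authorizationResponse, origin })`. The result is cast to `any` and returned to the HTTP client unchanged. If it includes the session record or the full presented credentials, return only the fields the caller needs, or say in a doc comment that the complete verification result is exposed on purpose. The method has no doc comment; one line stating that it verifies a Digital Credentials API authorization response for an existing session would be enough.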