fix: Use response_uri instead of redirect_uri

packages/oid4vci-holder/src/agent/OID4VCIHolder.ts

@@ -54,7 +54,7 @@ export class OID4VCIHolder implements IAgentPlugin {
 
   readonly methods: IOID4VCIHolder = {
     oid4vciHolderGetMachineInterpreter: this.oid4vciHolderGetMachineInterpreter.bind(this),
-    oid4vciHolderGetInitiationData: this.oid4vciHolderGetInitiationData.bind(this),
+    oid4vciHolderGetInitiationData: this.oid4vciHolderGetCredentialOfferData.bind(this),
     oid4vciHolderCreateCredentialSelection: this.oid4vciHolderCreateCredentialSelection.bind(this),
     oid4vciHolderGetContact: this.oid4vciHolderGetContact.bind(this),
     oid4vciHolderGetCredentials: this.oid4vciHolderGetCredentials.bind(this),
@@ -95,7 +95,7 @@ export class OID4VCIHolder implements IAgentPlugin {
 
   private async oid4vciHolderGetMachineInterpreter(args: OID4VCIMachineInstanceOpts, context: RequiredContext): Promise<OID4VCIMachineType> {
     const services = {
-      initiateOID4VCI: (args: InitiateOID4VCIArgs) => this.oid4vciHolderGetInitiationData(args, context),
+      initiateOID4VCI: (args: InitiateOID4VCIArgs) => this.oid4vciHolderGetCredentialOfferData(args, context),
       createCredentialSelection: (args: CreateCredentialSelectionArgs) => this.oid4vciHolderCreateCredentialSelection(args, context),
       getContact: (args: GetContactArgs) => this.oid4vciHolderGetContact(args, context),
       getCredentials: (args: GetCredentialsArgs) => this.oid4vciHolderGetCredentials(args, context),
@@ -121,7 +121,7 @@ export class OID4VCIHolder implements IAgentPlugin {
     }
   }
 
-  private async oid4vciHolderGetInitiationData(args: InitiateOID4VCIArgs, context: RequiredContext): Promise<InitiationData> {
+  private async oid4vciHolderGetCredentialOfferData(args: InitiateOID4VCIArgs, context: RequiredContext): Promise<InitiationData> {
     const { requestData } = args
 
     if (requestData?.uri === undefined) {
@@ -132,11 +132,12 @@ export class OID4VCIHolder implements IAgentPlugin {
       !requestData?.uri ||
       !(requestData?.uri.startsWith(RequestType.OPENID_INITIATE_ISSUANCE) || requestData?.uri.startsWith(RequestType.OPENID_CREDENTIAL_OFFER))
     ) {
-      return Promise.reject(Error(`Invalid OID4VCI URI: ${requestData?.uri}`))
+      return Promise.reject(Error(`Invalid OID4VCI credential offer URI: ${requestData?.uri}`))
     }
 
     const openID4VCIClient = await OpenID4VCIClient.fromURI({
       uri: requestData?.uri,
+      // TODO: It would be nice to be able to configure the plugin with a custom redirect URI, mainly for mobile
       authorizationRequest: { redirectUri: `${DefaultURISchemes.CREDENTIAL_OFFER}://` },
     })
 

packages/siopv2-oid4vp-common/package.json

@@ -12,7 +12,7 @@
     "access": "public"
   },
   "dependencies": {
-    "@sphereon/did-auth-siop": "0.6.0",
+    "@sphereon/did-auth-siop": "0.6.2",
     "@sphereon/ssi-sdk.core": "workspace:*",
     "@sphereon/ssi-types": "workspace:*",
     "uint8arrays": "3.1.1"

packages/siopv2-oid4vp-op-auth/package.json

@@ -14,7 +14,7 @@
     "build:clean": "tsc --build --clean && tsc --build"
   },
   "dependencies": {
-    "@sphereon/did-auth-siop": "0.6.0",
+    "@sphereon/did-auth-siop": "0.6.2",
     "@sphereon/pex": "^3.3.0",
     "@sphereon/pex-models": "2.2.2",
     "@sphereon/ssi-sdk-ext.did-utils": "0.15.0",

packages/siopv2-oid4vp-rp-auth/package.json

@@ -14,7 +14,7 @@
     "build:clean": "tsc --build --clean && tsc --build"
   },
   "dependencies": {
-    "@sphereon/did-auth-siop": "0.6.0",
+    "@sphereon/did-auth-siop": "0.6.2",
     "@sphereon/pex": "^3.3.0",
     "@sphereon/ssi-sdk-ext.did-utils": "0.15.0",
     "@sphereon/ssi-sdk.core": "workspace:*",

packages/siopv2-oid4vp-rp-rest-api/package.json

@@ -11,7 +11,7 @@
     "start:dev": "ts-node __tests__/RestAPI.ts"
   },
   "dependencies": {
-    "@sphereon/did-auth-siop": "0.6.0",
+    "@sphereon/did-auth-siop": "0.6.2",
     "@sphereon/ssi-express-support": "workspace:*",
     "@sphereon/ssi-sdk.core": "workspace:*",
     "@sphereon/ssi-sdk.kv-store-temp": "workspace:*",

packages/siopv2-oid4vp-rp-rest-api/src/siop-api-functions.ts

@@ -25,18 +25,20 @@ export function verifyAuthResponseSIOPv2Endpoint(
       console.log('Authorization Response (siop-sessions')
       console.log(JSON.stringify(request.body, null, 2))
       const definition = await context.agent.pexStoreGetDefinition({ definitionId })
+      if (!definition) {
+        console.log(`Could not get definition ${definitionId} from agent. Will return 404`)
+        response.statusCode = 404
+        response.statusMessage = `No definition ${definitionId}`
+        return response.send()
+      }
       const authorizationResponse =
         typeof request.body === 'string' ? (JSON.parse(request.body) as AuthorizationResponsePayload) : (request.body as AuthorizationResponsePayload)
       if (typeof authorizationResponse.presentation_submission === 'string') {
-        console.log(`Supplied presentation_submission was a string instead of JSON. Correctig, but external party should fix their implementation!`)
+        console.log(`Supplied presentation_submission was a string instead of JSON. Correcting, but external party should fix their implementation!`)
         authorizationResponse.presentation_submission = JSON.parse(authorizationResponse.presentation_submission) as PresentationSubmission
       }
       console.log(`URI: ${JSON.stringify(authorizationResponse)}`)
-      if (!definition) {
-        response.statusCode = 404
-        response.statusMessage = `No definition ${definitionId}`
-        return response.send()
-      }
+
       const verifiedResponse = await context.agent.siopVerifyAuthResponse({
         authorizationResponse,
         correlationId,
@@ -53,12 +55,13 @@ export function verifyAuthResponseSIOPv2Endpoint(
       if (wrappedPresentation) {
         // const credentialSubject = wrappedPresentation.presentation.verifiableCredential[0]?.credential?.credentialSubject
         // console.log(JSON.stringify(credentialSubject, null, 2))
-        console.log(JSON.stringify(wrappedPresentation.presentation, null, 2))
+        console.log('PRESENTATION:' + JSON.stringify(wrappedPresentation.presentation, null, 2))
         response.statusCode = 200
         // todo: delete session
       } else {
+        console.log('Missing Presentation (Verifiable Credentials)')
         response.statusCode = 500
-        response.statusMessage = 'Missing Credentials'
+        response.statusMessage = 'Missing Presentation (Verifiable Credentials)'
       }
       return response.send()
     } catch (error) {

packages/siopv2-oid4vp-rp-rest-api/src/webapp-api-functions.ts

@@ -30,7 +30,7 @@ export function createAuthRequestWebappEndpoint(router: Router, context: IRequir
         state,
         nonce: opts?.nonce,
         requestByReferenceURI,
-        responseURIType: 'redirect_uri',
+        responseURIType: 'response_uri',
         responseURI,
       })
       const authRequestBody: GenerateAuthRequestURIResponse = {

packages/w3c-vc-api/package.json

@@ -11,7 +11,7 @@
     "start:dev": "ts-node __tests__/agent.ts"
   },
   "dependencies": {
-    "@sphereon/did-auth-siop": "0.6.0",
+    "@sphereon/did-auth-siop": "0.6.2",
     "@sphereon/ssi-express-support": "workspace:*",
     "@sphereon/ssi-sdk.core": "workspace:*",
     "@sphereon/ssi-sdk.kv-store-temp": "workspace:*",