Merge pull request #228 from walt-id/fix-presentation-submission-from-legacy-response

fix: parsing and test parsing of ValidatedID SIOP response

Author: severinstampler

.github/workflows/release.yml

@@ -66,7 +66,7 @@ jobs:
                       chore: Chores
                       other: Other Changes
                   default-commit-type: Other Changes
-                  release-name: ${{ env.release_version }}
+                  release-name: v${{ env.release_version }}
                   mention-authors: true
                   mention-new-contributors: true
                   include-compare: true

src/main/kotlin/id/walt/model/oidc/IDToken.kt

@@ -2,6 +2,7 @@ package id.walt.model.oidc
 
 import com.beust.klaxon.Json
 import com.beust.klaxon.Klaxon
+import com.fasterxml.jackson.databind.annotation.JsonSerialize
 import com.nimbusds.jwt.SignedJWT
 import id.walt.common.KlaxonWithConverters
 import id.walt.model.dif.PresentationSubmission
@@ -12,20 +13,21 @@ import java.time.Instant
 
 data class IDToken(
     @Json("iss") val issuer: String = "https://self-issued.me/v2",
-    @Json("sub") val subject: String,
-    @Json("aud") val client_id: String,
-    @Json("exp") val expiration: Long = Instant.now().plusSeconds((60 * 60).toLong()).epochSecond,
-    @Json("iat") val issueDate: Long = Instant.now().epochSecond,
-    val nonce: String,
+    @Json(name = "sub", serializeNull = false) val subject: String? = null,
+    @Json(name = "aud", serializeNull = false) val client_id: String? = null,
+    @Json(name = "exp", serializeNull = false) val expiration: Long? = null,
+    @Json(name = "iat", serializeNull = false) val issueDate: Long? = null,
+    @Json(name = "nonce", serializeNull = false) val nonce: String? = null,
     @Json(name = "_vp_token", serializeNull = false) val vpTokenRef: VpTokenRef?,
     @Json(ignored = true) var jwt: String? = null
 ) {
     fun sign(): String {
-        return JwtService.getService().sign(subject, Klaxon().toJsonString(this))
+        return subject?.let {JwtService.getService().sign(it, Klaxon().toJsonString(this)) } ?:
+            throw Exception("No subject specified")
     }
 
     fun verify(): Boolean {
-        if (jwt != null) {
+        if (jwt != null && subject != null) {
             if (KeyStoreService.getService().getKeyId(subject) == null) {
                 DidService.importKeys(subject)
             }

src/test/kotlin/id/walt/services/oidc/OIDC4VCTest.kt

@@ -445,4 +445,13 @@ class OIDC4VCTest : AnnotationSpec() {
 
         KlaxonWithConverters().toJsonString(presentation) shouldEqualJson KlaxonWithConverters().toJsonString(OIDCTestProvider.TEST_PRESENTATION_DEFINITION)
     }
+
+    @Test
+    fun testValidatedIDSIOPResponse() {
+        val response = "id_token=eyJhbGciOiJFUzI1NksiLCJqd2siOnsiY3J2Ijoic2VjcDI1NmsxIiwia3R5IjoiRUMiLCJ4IjoiQVBaOUVmNVhvWVowYzBhRFRlNHhrem1lZWpGZS1XVVZmY0RpZnVkbnlRayIsInkiOiJDdGVlWGVkZEFlbTFZdVdrM1dIMkR4Y0RsbTVPRlZzRW4xVlJjcWVSVkJvIn0sImtpZCI6ImRpZDplYnNpOnpyajFUbVNEajFIajVKQkpkcFBQZmgxRFd0TURFcTdIRm93SnMxbkJ3OWhabSM0cy1UUHFvQjNTNlJ3VjRESzFJenZETVJWN21sNUk0bi1md2U0MXdQN1N3IiwidHlwIjoiSldUIn0.eyJfdnBfdG9rZW4iOnsicHJlc2VudGF0aW9uX3N1Ym1pc3Npb24iOnsiZGVmaW5pdGlvbl9pZCI6ImNvbmZvcm1hbmNlX21vY2tfdnBfcmVxdWVzdCIsImRlc2NyaXB0b3JfbWFwIjpbeyJmb3JtYXQiOiJqd3RfdnAiLCJpZCI6ImNvbmZvcm1hbmNlX21vY2tfdnAiLCJwYXRoIjoiJCJ9XSwiaWQiOiJhZWY1MTU4OS05MGM4LTQ4NWQtOTQwZi0yOTQ5NjE2NzMyY2QifX0sImlhdCI6MTY3NzUxMTYwNywiaXNzIjoiaHR0cHM6Ly9zZWxmLWlzc3VlZC5tZS92MiJ9.OytXRqiLDrHEaFD-PIa4Pf8NuWEV8bS2fKpi7eS9SZu8PCu8gRev-222LQWGQhJl43ekprLsgWf0NO7Hdm-Gmg&vp_token=eyJhbGciOiJFUzI1NksiLCJqd2siOnsiY3J2Ijoic2VjcDI1NmsxIiwia3R5IjoiRUMiLCJ4IjoiQVBaOUVmNVhvWVowYzBhRFRlNHhrem1lZWpGZS1XVVZmY0RpZnVkbnlRayIsInkiOiJDdGVlWGVkZEFlbTFZdVdrM1dIMkR4Y0RsbTVPRlZzRW4xVlJjcWVSVkJvIn0sImtpZCI6ImRpZDplYnNpOnpyajFUbVNEajFIajVKQkpkcFBQZmgxRFd0TURFcTdIRm93SnMxbkJ3OWhabSM0cy1UUHFvQjNTNlJ3VjRESzFJenZETVJWN21sNUk0bi1md2U0MXdQN1N3IiwidHlwIjoiSldUIn0.eyJhdWQiOiJkaWQ6ZWJzaTp6WmNuS0w4Vk1KTEFoMm02MzZLd1NuMyIsImV4cCI6MTY3NzUxMjUwNywiaWF0IjoxNjc3NTExNjA3LCJpc3MiOiJkaWQ6ZWJzaTp6cmoxVG1TRGoxSGo1SkJKZHBQUGZoMURXdE1ERXE3SEZvd0pzMW5CdzloWm0iLCJqdGkiOiJ1cm46ZGlkOjc5MzM0NzQ1LWYyYzUtNDBmZC1iZGUzLTA1NmUwYjM0OTY3YyIsIm5iZiI6MTY3NzUxMTYwNywic3ViIjoiZGlkOmVic2k6enJqMVRtU0RqMUhqNUpCSmRwUFBmaDFEV3RNREVxN0hGb3dKczFuQnc5aFptIiwidnAiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiXSwiaG9sZGVyIjoiZGlkOmVic2k6enJqMVRtU0RqMUhqNUpCSmRwUFBmaDFEV3RNREVxN0hGb3dKczFuQnc5aFptIiwiaWQiOiJ1cm46ZGlkOjc5MzM0NzQ1LWYyYzUtNDBmZC1iZGUzLTA1NmUwYjM0OTY3YyIsInR5cGUiOlsiVmVyaWZpYWJsZVByZXNlbnRhdGlvbiJdLCJ2ZXJpZmlhYmxlQ3JlZGVudGlhbCI6WyJleUpyYVdRaU9pSmthV1E2WldKemFUcDZXbU51UzB3NFZrMUtURUZvTW0wMk16WkxkMU51TXlNeVpUY3laalppWlRreVpXUTBaRE13WVRFeE16ZG1aV05tTVRNME5EVXhNQ0lzSW5SNWNDSTZJa3BYVkNJc0ltRnNaeUk2SWtWVE1qVTJTeUo5LmV5SnBjM01pT2lKa2FXUTZaV0p6YVRwNldtTnVTMHc0VmsxS1RFRm9NbTAyTXpaTGQxTnVNeUlzSW5OMVlpSTZJbVJwWkRwbFluTnBPbnB5YWpGVWJWTkVhakZJYWpWS1FrcGtjRkJRWm1neFJGZDBUVVJGY1RkSVJtOTNTbk14YmtKM09XaGFiU0lzSW01aVppSTZNVFkzTnpVd016a3pOQ3dpYVdGMElqb3hOamMzTlRBek9UTTBMQ0oyWXlJNmV5SjBlWEJsSWpwYklsWmxjbWxtYVdGaWJHVkRjbVZrWlc1MGFXRnNJaXdpVm1WeWFXWnBZV0pzWlVGMGRHVnpkR0YwYVc5dUlpd2lWbVZ5YVdacFlXSnNaVWxrSWwwc0lrQmpiMjUwWlhoMElqcGJJbWgwZEhCek9pOHZkM2QzTG5jekxtOXlaeTh5TURFNEwyTnlaV1JsYm5ScFlXeHpMM1l4SWwwc0ltbGtJam9pZFhKdU9uVjFhV1E2WTJSaVlUWTBOV010WmpNMU5TMDBabVZqTFRsbE1HTXRPRGcxT0RJNFl6WmlaV05pSWl3aWFYTnpkV1Z5SWpvaVpHbGtPbVZpYzJrNmVscGpia3RNT0ZaTlNreEJhREp0TmpNMlMzZFRiak1pTENKcGMzTjFZVzVqWlVSaGRHVWlPaUl5TURJekxUQXlMVEkzVkRFek9qRTRPalUwV2lJc0ltbHpjM1ZsWkNJNklqSXdNak10TURJdE1qZFVNVE02TVRnNk5UUmFJaXdpZG1Gc2FXUkdjbTl0SWpvaU1qQXlNeTB3TWkweU4xUXhNem94T0RvMU5Gb2lMQ0pqY21Wa1pXNTBhV0ZzVTJOb1pXMWhJanA3SW1sa0lqb2lhSFIwY0hNNkx5OXlZWGN1WjJsMGFIVmlkWE5sY21OdmJuUmxiblF1WTI5dEwzZGhiSFF0YVdRdmQyRnNkR2xrTFhOemFXdHBkQzEyWTJ4cFlpOXRZWE4wWlhJdmMzSmpMM1JsYzNRdmNtVnpiM1Z5WTJWekwzTmphR1Z0WVhNdlZtVnlhV1pwWVdKc1pVbGtMbXB6YjI0aUxDSjBlWEJsSWpvaVJuVnNiRXB6YjI1VFkyaGxiV0ZXWVd4cFpHRjBiM0l5TURJeEluMHNJbU55WldSbGJuUnBZV3hUZFdKcVpXTjBJanA3SW1sa0lqb2laR2xrT21WaWMyazZlbkpxTVZSdFUwUnFNVWhxTlVwQ1NtUndVRkJtYURGRVYzUk5SRVZ4TjBoR2IzZEtjekZ1UW5jNWFGcHRJaXdpWTNWeWNtVnVkRUZrWkhKbGMzTWlPbHNpTVNCTllXbHVJRk4wY21WbGRDd2dSMmhsYm5RaVhTd2laR0YwWlU5bVFtbHlkR2dpT2lJeE9Ua3pMVEEwTFRBNElpd2labUZ0YVd4NVRtRnRaU0k2SWxOVVFVMVFURVZTSWl3aVptbHljM1JPWVcxbElqb2lVMlYyWlhKcGJpSXNJbWRsYm1SbGNpSTZJazFCVEVVaUxDSnVZVzFsUVc1a1JtRnRhV3g1VG1GdFpVRjBRbWx5ZEdnaU9pSlRaWFpsY21sdUlGTlVRVTFRVEVWU0lpd2ljR1Z5YzI5dVlXeEpaR1Z1ZEdsbWFXVnlJam9pTURrd05EQXdPREE0TkVnaUxDSndiR0ZqWlU5bVFtbHlkR2dpT2lKSFNFVk9WQ3dnUWtWTVIwbFZUU0o5TENKbGRtbGtaVzVqWlNJNlczc2laRzlqZFcxbGJuUlFjbVZ6Wlc1alpTSTZXeUpRYUhsemFXTmhiQ0pkTENKbGRtbGtaVzVqWlVSdlkzVnRaVzUwSWpwYklsQmhjM053YjNKMElsMHNJbk4xWW1wbFkzUlFjbVZ6Wlc1alpTSTZJbEJvZVhOcFkyRnNJaXdpZEhsd1pTSTZXeUpFYjJOMWJXVnVkRlpsY21sbWFXTmhkR2x2YmlKZExDSjJaWEpwWm1sbGNpSTZJbVJwWkRwbFluTnBPakpCT1VKYU9WTlZaVFpDWVhSaFkxTndkbk14VmpWRFpHcElka3h3VVRkaVJYTnBNa3BpTmt4a1NFdHVVWGhoVGlKOVhYMHNJbXAwYVNJNkluVnlianAxZFdsa09tTmtZbUUyTkRWakxXWXpOVFV0TkdabFl5MDVaVEJqTFRnNE5UZ3lPR00yWW1WallpSjkuMWVlSkFlU254WmVnTE9IZHNqWFZ6TDhXU1JDLWtJYUlHMWFTb0dqUWpHWGllc25kUGFGUzN3Nkp3TGMwNWdCMkNVckkyVHVGNzlpZm1JNDdGOU1DOXciXX19._r3GF0BOH7_u4yu4ezXW7GVDQ3DfrgjzSmpfJwMtBB3AaStb_pvYEFfWpZcDKOXtv-t0p85Qhghw8_U3yJHPsg"
+        val siopResponse = SIOPv2Response.fromFormParams(URLUtils.parseParameters(response).map { kv -> Pair(kv.key, kv.value.first()) }.toMap())
+        siopResponse.id_token shouldNotBe null
+        siopResponse.presentation_submission shouldNotBe null
+        siopResponse.vp_token shouldNotBe null
+    }
 }