mirror of
https://github.com/keycloak/keycloak.git
synced 2025-12-16 20:15:46 -06:00
Remove deferred credential endpoint from OID4VC metadata (#44907)
Closes #44779 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>
This commit is contained in:
forkimenjeckayang
committed by
GitHub
GitHub
parent
ae853466fa
commit
2f7045d7dd
@@ -143,7 +143,6 @@ public class OID4VCIssuerWellKnownProvider implements WellKnownProvider {
|
|||||||
.setCredentialIssuer(getIssuer(context))
|
.setCredentialIssuer(getIssuer(context))
|
||||||
.setCredentialEndpoint(getCredentialsEndpoint(context))
|
.setCredentialEndpoint(getCredentialsEndpoint(context))
|
||||||
.setNonceEndpoint(getNonceEndpoint(context))
|
.setNonceEndpoint(getNonceEndpoint(context))
|
||||||
.setDeferredCredentialEndpoint(getDeferredCredentialEndpoint(context))
|
|
||||||
.setCredentialsSupported(getSupportedCredentials(keycloakSession))
|
.setCredentialsSupported(getSupportedCredentials(keycloakSession))
|
||||||
.setAuthorizationServers(List.of(getIssuer(context)))
|
.setAuthorizationServers(List.of(getIssuer(context)))
|
||||||
.setCredentialResponseEncryption(responseEnc)
|
.setCredentialResponseEncryption(responseEnc)
|
||||||
@@ -169,10 +168,6 @@ public class OID4VCIssuerWellKnownProvider implements WellKnownProvider {
|
|||||||
return issuer;
|
return issuer;
|
||||||
}
|
}
|
||||||
|
|
||||||
private static String getDeferredCredentialEndpoint(KeycloakContext context) {
|
|
||||||
return getIssuer(context) + "/protocol/" + OID4VCLoginProtocolFactory.PROTOCOL_ID + "/deferred_credential";
|
|
||||||
}
|
|
||||||
|
|
||||||
private CredentialIssuer.BatchCredentialIssuance getBatchCredentialIssuance(KeycloakSession session) {
|
private CredentialIssuer.BatchCredentialIssuance getBatchCredentialIssuance(KeycloakSession session) {
|
||||||
return getBatchCredentialIssuance(session.getContext().getRealm());
|
return getBatchCredentialIssuance(session.getContext().getRealm());
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -154,9 +154,7 @@ public class OID4VCIssuerWellKnownProviderTest extends OID4VCIssuerEndpointTest
|
|||||||
assertEquals("nonce_endpoint should be correct",
|
assertEquals("nonce_endpoint should be correct",
|
||||||
expectedIssuer + "/protocol/oid4vc/nonce",
|
expectedIssuer + "/protocol/oid4vc/nonce",
|
||||||
issuer.getNonceEndpoint());
|
issuer.getNonceEndpoint());
|
||||||
assertEquals("deferred_credential_endpoint should be correct",
|
assertNull("deferred_credential_endpoint should be omitted", issuer.getDeferredCredentialEndpoint());
|
||||||
expectedIssuer + "/protocol/oid4vc/deferred_credential",
|
|
||||||
issuer.getDeferredCredentialEndpoint());
|
|
||||||
assertNotNull("authorization_servers should be present", issuer.getAuthorizationServers());
|
assertNotNull("authorization_servers should be present", issuer.getAuthorizationServers());
|
||||||
assertNotNull("credential_response_encryption should be present", issuer.getCredentialResponseEncryption());
|
assertNotNull("credential_response_encryption should be present", issuer.getCredentialResponseEncryption());
|
||||||
assertNotNull("batch_credential_issuance should be present", issuer.getBatchCredentialIssuance());
|
assertNotNull("batch_credential_issuance should be present", issuer.getBatchCredentialIssuance());
|
||||||
@@ -216,9 +214,8 @@ public class OID4VCIssuerWellKnownProviderTest extends OID4VCIssuerEndpointTest
|
|||||||
assertEquals("nonce_endpoint should be correct",
|
assertEquals("nonce_endpoint should be correct",
|
||||||
expectedIssuer + "/protocol/oid4vc/nonce",
|
expectedIssuer + "/protocol/oid4vc/nonce",
|
||||||
claims.get("nonce_endpoint"));
|
claims.get("nonce_endpoint"));
|
||||||
assertEquals("deferred_credential_endpoint should be correct",
|
assertFalse("deferred_credential_endpoint should be omitted",
|
||||||
expectedIssuer + "/protocol/oid4vc/deferred_credential",
|
claims.containsKey("deferred_credential_endpoint"));
|
||||||
claims.get("deferred_credential_endpoint"));
|
|
||||||
assertNotNull("authorization_servers should be present", claims.get("authorization_servers"));
|
assertNotNull("authorization_servers should be present", claims.get("authorization_servers"));
|
||||||
assertNotNull("credential_response_encryption should be present", claims.get("credential_response_encryption"));
|
assertNotNull("credential_response_encryption should be present", claims.get("credential_response_encryption"));
|
||||||
assertNotNull("batch_credential_issuance should be present", claims.get("batch_credential_issuance"));
|
assertNotNull("batch_credential_issuance should be present", claims.get("batch_credential_issuance"));
|
||||||
@@ -674,7 +671,6 @@ public class OID4VCIssuerWellKnownProviderTest extends OID4VCIssuerEndpointTest
|
|||||||
public static void testCredentialConfig(SuiteContext suiteContext, KeycloakTestingClient testingClient) {
|
public static void testCredentialConfig(SuiteContext suiteContext, KeycloakTestingClient testingClient) {
|
||||||
String expectedIssuer = suiteContext.getAuthServerInfo().getContextRoot().toString() + "/auth/realms/" + TEST_REALM_NAME;
|
String expectedIssuer = suiteContext.getAuthServerInfo().getContextRoot().toString() + "/auth/realms/" + TEST_REALM_NAME;
|
||||||
String expectedCredentialsEndpoint = expectedIssuer + "/protocol/oid4vc/credential";
|
String expectedCredentialsEndpoint = expectedIssuer + "/protocol/oid4vc/credential";
|
||||||
String expectedDeferredEndpoint = expectedIssuer + "/protocol/oid4vc/deferred_credential";
|
|
||||||
final String expectedAuthorizationServer = expectedIssuer;
|
final String expectedAuthorizationServer = expectedIssuer;
|
||||||
testingClient
|
testingClient
|
||||||
.server(TEST_REALM_NAME)
|
.server(TEST_REALM_NAME)
|
||||||
@@ -683,7 +679,7 @@ public class OID4VCIssuerWellKnownProviderTest extends OID4VCIssuerEndpointTest
|
|||||||
CredentialIssuer credentialIssuer = oid4VCIssuerWellKnownProvider.getIssuerMetadata();
|
CredentialIssuer credentialIssuer = oid4VCIssuerWellKnownProvider.getIssuerMetadata();
|
||||||
assertEquals("The correct issuer should be included.", expectedIssuer, credentialIssuer.getCredentialIssuer());
|
assertEquals("The correct issuer should be included.", expectedIssuer, credentialIssuer.getCredentialIssuer());
|
||||||
assertEquals("The correct credentials endpoint should be included.", expectedCredentialsEndpoint, credentialIssuer.getCredentialEndpoint());
|
assertEquals("The correct credentials endpoint should be included.", expectedCredentialsEndpoint, credentialIssuer.getCredentialEndpoint());
|
||||||
assertEquals("The correct deferred_credential_endpoint should be included.", expectedDeferredEndpoint, credentialIssuer.getDeferredCredentialEndpoint());
|
assertNull("deferred_credential_endpoint should be omitted.", credentialIssuer.getDeferredCredentialEndpoint());
|
||||||
assertEquals("Since the authorization server is equal to the issuer, just 1 should be returned.", 1, credentialIssuer.getAuthorizationServers().size());
|
assertEquals("Since the authorization server is equal to the issuer, just 1 should be returned.", 1, credentialIssuer.getAuthorizationServers().size());
|
||||||
assertEquals("The expected server should have been returned.", expectedAuthorizationServer, credentialIssuer.getAuthorizationServers().get(0));
|
assertEquals("The expected server should have been returned.", expectedAuthorizationServer, credentialIssuer.getAuthorizationServers().get(0));
|
||||||
assertTrue("The test-credential should be supported.", credentialIssuer.getCredentialsSupported().containsKey("test-credential"));
|
assertTrue("The test-credential should be supported.", credentialIssuer.getCredentialsSupported().containsKey("test-credential"));
|
||||||
@@ -768,8 +764,8 @@ public class OID4VCIssuerWellKnownProviderTest extends OID4VCIssuerEndpointTest
|
|||||||
expectedIssuer + "/protocol/oid4vc/credential", issuer.getCredentialEndpoint());
|
expectedIssuer + "/protocol/oid4vc/credential", issuer.getCredentialEndpoint());
|
||||||
assertEquals("nonce_endpoint should be correct",
|
assertEquals("nonce_endpoint should be correct",
|
||||||
expectedIssuer + "/protocol/oid4vc/nonce", issuer.getNonceEndpoint());
|
expectedIssuer + "/protocol/oid4vc/nonce", issuer.getNonceEndpoint());
|
||||||
assertEquals("deferred_credential_endpoint should be correct",
|
assertNull("deferred_credential_endpoint should be omitted",
|
||||||
expectedIssuer + "/protocol/oid4vc/deferred_credential", issuer.getDeferredCredentialEndpoint());
|
issuer.getDeferredCredentialEndpoint());
|
||||||
|
|
||||||
assertNotNull("authorization_servers should be present", issuer.getAuthorizationServers());
|
assertNotNull("authorization_servers should be present", issuer.getAuthorizationServers());
|
||||||
assertNotNull("credential_response_encryption should be present", issuer.getCredentialResponseEncryption());
|
assertNotNull("credential_response_encryption should be present", issuer.getCredentialResponseEncryption());
|
||||||
|
|||||||
Reference in New Issue
Block a user