Fix oid4vc mappers

Closes #29805

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
Stefan Wiedemann 2024-05-27 11:28:46 +02:00 committed by GitHub
parent ea1cdc10bd
commit 5a68056f2a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 19 additions and 8 deletions


@ -373,11 +373,15 @@ public class OID4VCIssuerEndpoint {
Map<String, Object> subjectClaims = new HashMap<>();
protocolMappers
.stream()
.filter(mapper -> mapper.isTypeSupported(vcType))
.forEach(mapper -> mapper.setClaimsForSubject(subjectClaims, userSessionModel));
subjectClaims.forEach((key, value) -> vc.getCredentialSubject().setClaims(key, value));
protocolMappers
.stream()
.filter(mapper -> mapper.isTypeSupported(vcType))
.forEach(mapper -> mapper.setClaimsForCredential(vc, userSessionModel));
LOGGER.debugf("The credential to sign is: %s", vc);
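Review bot: The `mapper.isTypeSupported(vcType)` filter is what keeps claims from mappers configured for other credential types out of the signed credential, yet it is written out separately in the `setClaimsForSubject` pass and the `setClaimsForCredential` pass, so a later edit to one pipeline can silently diverge from the other. Filtering once and iterating the result twice keeps the check in one place, e.g. `var applicableMappers = protocolMappers.stream().filter(mapper -> mapper.isTypeSupported(vcType)).collect(Collectors.toList());` (assuming `Collectors` is already imported, which the hunk does not show). A comment such as `// only mappers configured for the requested credential type may contribute claims` would record why the filter exists. The `LOGGER.debugf` line at the end of the hunk, which looks like unchanged context, writes the whole credential including subject claims to the debug log, which is worth keeping in mind wherever debug logging is enabled. The enclosing method starts and ends outside the hunk, so how `vcType` is validated before this point is not visible here.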


@ -76,7 +76,6 @@ import java.util.Map;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertThrows;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
@ -335,6 +334,7 @@ public class OID4VCIssuerEndpointTest extends OID4VCTest {
@Test
public void testRequestCredential() {
String token = getBearerToken(oauth);
ObjectMapper objectMapper = new ObjectMapper();
testingClient
.server(TEST_REALM_NAME)
.run((session -> {
@ -349,8 +349,12 @@ public class OID4VCIssuerEndpointTest extends OID4VCTest {
assertNotNull("A credential should be responded.", credentialResponse.getEntity());
CredentialResponse credentialResponseVO = OBJECT_MAPPER.convertValue(credentialResponse.getEntity(), CredentialResponse.class);
JsonWebToken jsonWebToken = TokenVerifier.create((String) credentialResponseVO.getCredential(), JsonWebToken.class).getToken();
// correct signing and contents are verified in the JwtSigningServiceTest, thus we only check that it is a JWT
assertNotNull("A valid credential string should have been responded", jsonWebToken);
assertNotNull("The credentials should be included at the vc-claim.", jsonWebToken.getOtherClaims().get("vc"));
VerifiableCredential credential = objectMapper.convertValue(jsonWebToken.getOtherClaims().get("vc"), VerifiableCredential.class);
assertTrue("The static claim should be set.", credential.getCredentialSubject().getClaims().containsKey("VerifiableCredential"));
assertFalse("Only mappers supported for the requested type should have been evaluated.", credential.getCredentialSubject().getClaims().containsKey("AnotherCredentialType"));
}));
}
@ -482,6 +486,8 @@ public class OID4VCIssuerEndpointTest extends OID4VCTest {
assertEquals(List.of("VerifiableCredential"), credential.getType());
assertEquals(URI.create("did:web:test.org"), credential.getIssuer());
assertEquals("john@email.cz", credential.getCredentialSubject().getClaims().get("email"));
assertTrue("The static claim should be set.", credential.getCredentialSubject().getClaims().containsKey("VerifiableCredential"));
assertFalse("Only mappers supported for the requested type should have been evaluated.", credential.getCredentialSubject().getClaims().containsKey("AnotherCredentialType"));
}
@Override
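Review bot: The new assertions in `testRequestCredential` deserialize the `vc` claim through what appears to be a newly added local `ObjectMapper objectMapper = new ObjectMapper();`, while the conversion a few lines above already uses the shared `OBJECT_MAPPER`. Using `OBJECT_MAPPER.convertValue(jsonWebToken.getOtherClaims().get("vc"), VerifiableCredential.class)` would drop the extra local and keep both conversions on the same configuration. The comment `// correct signing and contents are verified in the JwtSigningServiceTest, thus we only check that it is a JWT` no longer matches the test, which now inspects claim contents; `// signing is verified in JwtSigningServiceTest; here we also check that only mappers for the requested type contributed claims` would be accurate. Both this test and the hunk at -482 assert only `containsKey`, so a wrong value for the static claim would still pass. Asserting the value as well (presumably the configured string `"true"`, to be confirmed against the mapper) would pin the behaviour more tightly.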


@ -188,7 +188,8 @@ public abstract class OID4VCTest extends AbstractTestRealmKeycloakTest {
getRoleMapper(clientId),
getEmailMapper(),
getIdMapper(),
getStaticClaimMapper()
getStaticClaimMapper("VerifiableCredential"),
getStaticClaimMapper("AnotherCredentialType")
)
);
return clientRepresentation;
@ -253,17 +254,17 @@ public abstract class OID4VCTest extends AbstractTestRealmKeycloakTest {
return protocolMapperRepresentation;
}
public static ProtocolMapperRepresentation getStaticClaimMapper() {
public static ProtocolMapperRepresentation getStaticClaimMapper(String supportedType) {
ProtocolMapperRepresentation protocolMapperRepresentation = new ProtocolMapperRepresentation();
protocolMapperRepresentation.setName("static-mapper");
protocolMapperRepresentation.setName(UUID.randomUUID().toString());
protocolMapperRepresentation.setProtocol("oid4vc");
protocolMapperRepresentation.setId(UUID.randomUUID().toString());
protocolMapperRepresentation.setProtocolMapper("oid4vc-static-claim-mapper");
protocolMapperRepresentation.setConfig(
Map.of(
"subjectProperty", "static",
"subjectValue", "Value",
"supportedCredentialTypes", "VerifiableCredential")
"subjectProperty", supportedType,
"staticValue", "true",
"supportedCredentialTypes", supportedType)
);
return protocolMapperRepresentation;
}
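Review bot: `getStaticClaimMapper(String supportedType)` uses its single argument both as the claim name (`subjectProperty`) and as the type filter (`supportedCredentialTypes`), and nothing on the method says so. A Javadoc stating that the mapper adds a claim named after the given type with the static value "true", and only for credentials of that type, would make the `containsKey("VerifiableCredential")` and `containsKey("AnotherCredentialType")` assertions in the endpoint tests understandable. The mapper name is now `UUID.randomUUID().toString()`, which avoids a clash between the two instances but makes a misbehaving mapper hard to identify in logs and failure output. `protocolMapperRepresentation.setName("static-mapper-" + supportedType);` is still unique for the two calls shown and stays readable. The method is `public static` and lost its no-argument form, so any caller outside this page would need updating.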