Fix oid4vc mappers
Closes #29805 Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
This commit is contained in:
parent
ea1cdc10bd
commit
5a68056f2a
3 changed files with 19 additions and 8 deletions
|
@ -373,11 +373,15 @@ public class OID4VCIssuerEndpoint {
|
|||
|
||||
Map<String, Object> subjectClaims = new HashMap<>();
|
||||
protocolMappers
|
||||
.stream()
|
||||
.filter(mapper -> mapper.isTypeSupported(vcType))
|
||||
.forEach(mapper -> mapper.setClaimsForSubject(subjectClaims, userSessionModel));
|
||||
|
||||
subjectClaims.forEach((key, value) -> vc.getCredentialSubject().setClaims(key, value));
|
||||
|
||||
protocolMappers
|
||||
.stream()
|
||||
.filter(mapper -> mapper.isTypeSupported(vcType))
|
||||
.forEach(mapper -> mapper.setClaimsForCredential(vc, userSessionModel));
|
||||
|
||||
LOGGER.debugf("The credential to sign is: %s", vc);
|
||||
|
|
|
@ -76,7 +76,6 @@ import java.util.Map;
|
|||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertFalse;
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
import static org.junit.Assert.assertThrows;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.junit.Assert.fail;
|
||||
|
||||
|
@ -335,6 +334,7 @@ public class OID4VCIssuerEndpointTest extends OID4VCTest {
|
|||
@Test
|
||||
public void testRequestCredential() {
|
||||
String token = getBearerToken(oauth);
|
||||
ObjectMapper objectMapper = new ObjectMapper();
|
||||
testingClient
|
||||
.server(TEST_REALM_NAME)
|
||||
.run((session -> {
|
||||
|
@ -349,8 +349,12 @@ public class OID4VCIssuerEndpointTest extends OID4VCTest {
|
|||
assertNotNull("A credential should be responded.", credentialResponse.getEntity());
|
||||
CredentialResponse credentialResponseVO = OBJECT_MAPPER.convertValue(credentialResponse.getEntity(), CredentialResponse.class);
|
||||
JsonWebToken jsonWebToken = TokenVerifier.create((String) credentialResponseVO.getCredential(), JsonWebToken.class).getToken();
|
||||
// correct signing and contents are verified in the JwtSigningServiceTest, thus we only check that it is a JWT
|
||||
|
||||
assertNotNull("A valid credential string should have been responded", jsonWebToken);
|
||||
assertNotNull("The credentials should be included at the vc-claim.", jsonWebToken.getOtherClaims().get("vc"));
|
||||
VerifiableCredential credential = objectMapper.convertValue(jsonWebToken.getOtherClaims().get("vc"), VerifiableCredential.class);
|
||||
assertTrue("The static claim should be set.", credential.getCredentialSubject().getClaims().containsKey("VerifiableCredential"));
|
||||
assertFalse("Only mappers supported for the requested type should have been evaluated.", credential.getCredentialSubject().getClaims().containsKey("AnotherCredentialType"));
|
||||
}));
|
||||
}
|
||||
|
||||
|
@ -482,6 +486,8 @@ public class OID4VCIssuerEndpointTest extends OID4VCTest {
|
|||
assertEquals(List.of("VerifiableCredential"), credential.getType());
|
||||
assertEquals(URI.create("did:web:test.org"), credential.getIssuer());
|
||||
assertEquals("john@email.cz", credential.getCredentialSubject().getClaims().get("email"));
|
||||
assertTrue("The static claim should be set.", credential.getCredentialSubject().getClaims().containsKey("VerifiableCredential"));
|
||||
assertFalse("Only mappers supported for the requested type should have been evaluated.", credential.getCredentialSubject().getClaims().containsKey("AnotherCredentialType"));
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -188,7 +188,8 @@ public abstract class OID4VCTest extends AbstractTestRealmKeycloakTest {
|
|||
getRoleMapper(clientId),
|
||||
getEmailMapper(),
|
||||
getIdMapper(),
|
||||
getStaticClaimMapper()
|
||||
getStaticClaimMapper("VerifiableCredential"),
|
||||
getStaticClaimMapper("AnotherCredentialType")
|
||||
)
|
||||
);
|
||||
return clientRepresentation;
|
||||
|
@ -253,17 +254,17 @@ public abstract class OID4VCTest extends AbstractTestRealmKeycloakTest {
|
|||
return protocolMapperRepresentation;
|
||||
}
|
||||
|
||||
public static ProtocolMapperRepresentation getStaticClaimMapper() {
|
||||
public static ProtocolMapperRepresentation getStaticClaimMapper(String supportedType) {
|
||||
ProtocolMapperRepresentation protocolMapperRepresentation = new ProtocolMapperRepresentation();
|
||||
protocolMapperRepresentation.setName("static-mapper");
|
||||
protocolMapperRepresentation.setName(UUID.randomUUID().toString());
|
||||
protocolMapperRepresentation.setProtocol("oid4vc");
|
||||
protocolMapperRepresentation.setId(UUID.randomUUID().toString());
|
||||
protocolMapperRepresentation.setProtocolMapper("oid4vc-static-claim-mapper");
|
||||
protocolMapperRepresentation.setConfig(
|
||||
Map.of(
|
||||
"subjectProperty", "static",
|
||||
"subjectValue", "Value",
|
||||
"supportedCredentialTypes", "VerifiableCredential")
|
||||
"subjectProperty", supportedType,
|
||||
"staticValue", "true",
|
||||
"supportedCredentialTypes", supportedType)
|
||||
);
|
||||
return protocolMapperRepresentation;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue