fix(backend): adapt endpoints to oidc4vci (#111)

* fix(backend): adapt endpoints to oidc4vci

* fix(backend): adapt endpoints to oid4vci

* chivatos

* fix

* test

* xivatos

* xivatos

* xivatos

* save format

* chivato

* chivato

* chivato

* chivato

* move update format

* chivato

* chivato

* transaction code

* tests

* tests

* update credential response

* test

* test

* refactor(project): fix sonar issues

Author: albertrodriguezin2

CHANGELOG.md

@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [v1.7.1](https://github.com/in2workspace/in2-issuer-api/releases/tag/v1.7.1)
+### Added
+- Adapt endpoints to oid4vci.
+
 ## [v1.7.0](https://github.com/in2workspace/in2-issuer-api/releases/tag/v1.7.0)
 ### Added
 - Added remote signature configuration.

build.gradle

@@ -11,7 +11,7 @@ plugins {
 }
 
 group = 'es.in2'
-version = '1.7.0'
+version = '1.7.1'
 
 java {
     sourceCompatibility = '17'

src/main/java/es/in2/issuer/backend/backoffice/infrastructure/controller/IssuanceController.java

@@ -1,12 +1,13 @@
 package es.in2.issuer.backend.backoffice.infrastructure.controller;
 
 import es.in2.issuer.backend.shared.application.workflow.CredentialIssuanceWorkflow;
-import es.in2.issuer.backend.shared.domain.model.dto.PreSubmittedCredentialRequest;
+import es.in2.issuer.backend.shared.domain.model.dto.PreSubmittedCredentialDataRequest;
 import es.in2.issuer.backend.shared.domain.service.AccessTokenService;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
 import org.springframework.web.bind.annotation.*;
 import reactor.core.publisher.Mono;
 
@@ -24,20 +25,23 @@ public class IssuanceController {
     @PostMapping("/backoffice/v1/issuances")
     @ResponseStatus(HttpStatus.CREATED)
     public Mono<Void> internalIssueCredential(@RequestHeader(HttpHeaders.AUTHORIZATION) String bearerToken,
-                                              @RequestBody PreSubmittedCredentialRequest preSubmittedCredentialRequest) {
+                                              @RequestBody PreSubmittedCredentialDataRequest preSubmittedCredentialDataRequest) {
         String processId = UUID.randomUUID().toString();
         return accessTokenService.getCleanBearerToken(bearerToken).flatMap(
-                token -> credentialIssuanceWorkflow.execute(processId, preSubmittedCredentialRequest, token, null));
+                token -> credentialIssuanceWorkflow.execute(processId, preSubmittedCredentialDataRequest, token, null));
     }
 
-    @PostMapping("/vci/v1/issuances")
+    @PostMapping(
+            value = "/vci/v1/issuances",
+            consumes = MediaType.APPLICATION_JSON_VALUE,
+            produces = MediaType.APPLICATION_JSON_VALUE)
     @ResponseStatus(HttpStatus.CREATED)
     public Mono<Void> externalIssueCredential(@RequestHeader(HttpHeaders.AUTHORIZATION) String bearerToken,
                                               @RequestHeader(name = "X-Id-Token", required = false) String idToken,
-                                              @RequestBody PreSubmittedCredentialRequest preSubmittedCredentialRequest) {
+                                              @RequestBody PreSubmittedCredentialDataRequest preSubmittedCredentialDataRequest) {
         String processId = UUID.randomUUID().toString();
         return accessTokenService.getCleanBearerToken(bearerToken).flatMap(
-                token -> credentialIssuanceWorkflow.execute(processId, preSubmittedCredentialRequest, token, idToken));
+                token -> credentialIssuanceWorkflow.execute(processId, preSubmittedCredentialDataRequest, token, idToken));
     }
 
 }

src/main/java/es/in2/issuer/backend/oidc4vci/domain/model/AuthorizationServerMetadata.java

@@ -7,9 +7,9 @@
 
 @Builder
 public record AuthorizationServerMetadata(
-        @JsonProperty("issuer") String issuer,
-        @JsonProperty("token_endpoint") String tokenEndpoint,
-        @JsonProperty("response_types_supported") Set<String> responseTypesSupported,
-        @JsonProperty("pre-authorized_grant_anonymous_access_supported") boolean preAuthorizedGrantAnonymousAccessSupported
+        @JsonProperty(value = "issuer", required = true) String issuer,
+        @JsonProperty(value = "token_endpoint", required = true) String tokenEndpoint,
+        @JsonProperty(value = "response_types_supported", required = true) Set<String> responseTypesSupported,
+        @JsonProperty(value = "pre-authorized_grant_anonymous_access_supported", required = true) boolean preAuthorizedGrantAnonymousAccessSupported
 ) {
 }

src/main/java/es/in2/issuer/backend/oidc4vci/domain/model/CredentialIssuerMetadata.java

@@ -8,11 +8,11 @@
 
 @Builder
 public record CredentialIssuerMetadata(
-        @JsonProperty("credential_issuer") String credentialIssuer,
-        @JsonProperty("issuance_endpoint") String issuanceEndpoint,
-        @JsonProperty("credential_endpoint") String credentialEndpoint,
+        @JsonProperty(value = "credential_issuer", required = true) String credentialIssuer,
+        @JsonProperty(value = "issuance_endpoint", required = true) String issuanceEndpoint,
+        @JsonProperty(value = "credential_endpoint", required = true) String credentialEndpoint,
         @JsonProperty("deferred_credential_endpoint") String deferredCredentialEndpoint,
-        @JsonProperty("credential_configurations_supported") Map<String, CredentialConfiguration> credentialConfigurationsSupported
+        @JsonProperty(value = "credential_configurations_supported", required = true) Map<String, CredentialConfiguration> credentialConfigurationsSupported
 ) {
 
     @Builder

src/main/java/es/in2/issuer/backend/oidc4vci/domain/model/TokenResponse.java

@@ -5,9 +5,8 @@
 
 @Builder
 public record TokenResponse(
-        @JsonProperty("access_token") String accessToken,
-        @JsonProperty("token_type") String tokenType,
-        @JsonProperty("expires_in") long expiresIn,
-        @JsonProperty("c_nonce") String nonce,
-        @JsonProperty("c_nonce_expires_in") Long nonceExpiresIn) {
+        @JsonProperty(value = "access_token", required = true) String accessToken,
+        @JsonProperty(value = "token_type", required = true) String tokenType,
+        @JsonProperty(value = "expires_in", required = true) long expiresIn,
+        @JsonProperty(value = "refresh_token", required = true) String refreshToken) {
 }

src/main/java/es/in2/issuer/backend/oidc4vci/domain/service/impl/TokenServiceImpl.java

@@ -16,11 +16,9 @@
 import java.time.temporal.ChronoUnit;
 import java.util.Map;
 import java.util.NoSuchElementException;
-import java.util.concurrent.TimeUnit;
 
 import static es.in2.issuer.backend.oidc4vci.domain.util.Constants.ACCESS_TOKEN_EXPIRATION_TIME_DAYS;
 import static es.in2.issuer.backend.shared.domain.util.Constants.GRANT_TYPE;
-import static es.in2.issuer.backend.shared.domain.util.Constants.PRE_AUTH_CODE_EXPIRY_DURATION_MINUTES;
 import static es.in2.issuer.backend.shared.domain.util.Utils.generateCustomNonce;
 
 @Slf4j
@@ -49,16 +47,11 @@ public Mono<TokenResponse> generateTokenResponse(
                             String accessToken = generateAccessToken(preAuthorizedCode, issueTimeEpochSeconds, expirationTimeEpochSeconds);
                             String tokenType = "bearer";
                             long expiresIn = expirationTimeEpochSeconds - Instant.now().getEpochSecond();
-                            long nonceExpiresIn = (int) TimeUnit.SECONDS.convert(
-                                    PRE_AUTH_CODE_EXPIRY_DURATION_MINUTES,
-                                    TimeUnit.MINUTES);
 
                             return TokenResponse.builder()
                                     .accessToken(accessToken)
                                     .tokenType(tokenType)
                                     .expiresIn(expiresIn)
-                                    .nonce(nonce)
-                                    .nonceExpiresIn(nonceExpiresIn)
                                     .build();
                         }));
     }

src/main/java/es/in2/issuer/backend/oidc4vci/infrastructure/controller/CredentialController.java

@@ -2,7 +2,7 @@
 
 import es.in2.issuer.backend.shared.application.workflow.CredentialIssuanceWorkflow;
 import es.in2.issuer.backend.shared.domain.model.dto.CredentialRequest;
-import es.in2.issuer.backend.shared.domain.model.dto.VerifiableCredentialResponse;
+import es.in2.issuer.backend.shared.domain.model.dto.CredentialResponse;
 import es.in2.issuer.backend.shared.domain.service.AccessTokenService;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
@@ -25,7 +25,8 @@ public class CredentialController {
     private final AccessTokenService accessTokenService;
 
     @PostMapping(produces = MediaType.APPLICATION_JSON_VALUE)
-    public Mono<ResponseEntity<VerifiableCredentialResponse>> createVerifiableCredential(
+    @ResponseStatus(HttpStatus.OK)
+    public Mono<ResponseEntity<CredentialResponse>> createVerifiableCredential(
             @RequestHeader(HttpHeaders.AUTHORIZATION) String authorizationHeader,
             @RequestBody CredentialRequest credentialRequest) {
         String processId = UUID.randomUUID().toString();

src/main/java/es/in2/issuer/backend/oidc4vci/infrastructure/controller/DeferredCredentialController.java

@@ -2,7 +2,8 @@
 
 import es.in2.issuer.backend.shared.application.workflow.CredentialIssuanceWorkflow;
 import es.in2.issuer.backend.shared.domain.model.dto.DeferredCredentialRequest;
-import es.in2.issuer.backend.shared.domain.model.dto.VerifiableCredentialResponse;
+import es.in2.issuer.backend.shared.domain.model.dto.CredentialResponse;
+import es.in2.issuer.backend.shared.domain.model.dto.DeferredCredentialResponse;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.HttpHeaders;
@@ -23,7 +24,7 @@ public class DeferredCredentialController {
 
     @PostMapping(produces = MediaType.APPLICATION_JSON_VALUE)
     @ResponseStatus(HttpStatus.OK)
-    public Mono<VerifiableCredentialResponse> getCredential(
+    public Mono<DeferredCredentialResponse> getCredential(
             @RequestHeader(HttpHeaders.AUTHORIZATION) String authorizationHeader,
             @RequestBody DeferredCredentialRequest deferredCredentialRequest) {
         // todo: Check if the authorization header is needed here

src/main/java/es/in2/issuer/backend/shared/application/workflow/CredentialIssuanceWorkflow.java

@@ -5,14 +5,12 @@
 
 public interface CredentialIssuanceWorkflow {
 
-    Mono<Void> execute(String processId, PreSubmittedCredentialRequest preSubmittedCredentialRequest, String bearerToken, String idToken);
+    Mono<Void> execute(String processId, PreSubmittedCredentialDataRequest preSubmittedCredentialDataRequest, String bearerToken, String idToken);
 
     // Refactor
-    Mono<VerifiableCredentialResponse> generateVerifiableCredentialResponse(String processId, CredentialRequest credentialRequest, String token);
+    Mono<CredentialResponse> generateVerifiableCredentialResponse(String processId, CredentialRequest credentialRequest, String token);
 
-    Mono<BatchCredentialResponse> generateVerifiableCredentialBatchResponse(String username, BatchCredentialRequest batchCredentialRequest, String token);
-
-    Mono<VerifiableCredentialResponse> generateVerifiableCredentialDeferredResponse(String processId, DeferredCredentialRequest deferredCredentialRequest);
+    Mono<DeferredCredentialResponse> generateVerifiableCredentialDeferredResponse(String processId, DeferredCredentialRequest deferredCredentialRequest);
 
     Mono<Void> bindAccessTokenByPreAuthorizedCode(String processId, AuthServerNonceRequest authServerNonceRequest);
 }