implement requirePushedAuthorizationRequests parameter #2712

lib/oidc4vc/get_authorization_uri_for_issuer.dart

@@ -77,8 +77,11 @@ Future<void> getAuthorizationUriForIssuer({
 
   late Uri authorizationUri;
 
-  final (authorizationEndpoint, authorizationRequestParemeters) =
-      await oidc4vc.getAuthorizationData(
+  final (
+    authorizationEndpoint,
+    authorizationRequestParemeters,
+    openIdConfiguration
+  ) = await oidc4vc.getAuthorizationData(
     selectedCredentials: selectedCredentials,
     clientId: clientId,
     clientSecret: clientSecret,
@@ -98,7 +101,12 @@ Future<void> getAuthorizationUriForIssuer({
     dio: client.dio,
   );
 
-  if (secureAuthorizedFlow) {
+  final requirePushedAuthorizationRequests =
+      openIdConfiguration.requirePushedAuthorizationRequests;
+
+  if ((requirePushedAuthorizationRequests != null &&
+          requirePushedAuthorizationRequests) ||
+      (requirePushedAuthorizationRequests == null && secureAuthorizedFlow)) {
     final headers = <String, dynamic>{
       'Content-Type': 'application/x-www-form-urlencoded',
     };

packages/oidc4vc/lib/src/models/openid_configuration.dart

@@ -23,6 +23,7 @@ class OpenIdConfiguration extends Equatable {
     this.credentialManifests,
     this.issuer,
     this.jwksUri,
+    this.requirePushedAuthorizationRequests,
     this.grantTypesSupported,
   });
 
@@ -60,6 +61,8 @@ class OpenIdConfiguration extends Equatable {
   final String? issuer;
   @JsonKey(name: 'jwks_uri')
   final String? jwksUri;
+  @JsonKey(name: 'require_pushed_authorization_requests')
+  final bool? requirePushedAuthorizationRequests;
   @JsonKey(name: 'grant_types_supported')
   final List<String>? grantTypesSupported;
 
@@ -83,6 +86,7 @@ class OpenIdConfiguration extends Equatable {
         credentialManifests,
         issuer,
         jwksUri,
+        requirePushedAuthorizationRequests,
         grantTypesSupported,
       ];
 }

packages/oidc4vc/lib/src/oidc4vc.dart

@@ -128,8 +128,10 @@ class OIDC4VC {
   /// Received JWT is already filtered on required members
   /// Received JWT keys are already sorted in lexicographic order
 
-  /// authorization endpoint, authorizationRequestParemeters
-  Future<(String, Map<String, dynamic>)> getAuthorizationData({
+  /// authorization endpoint, authorizationRequestParemeters,
+  /// OpenIdConfiguration
+  Future<(String, Map<String, dynamic>, OpenIdConfiguration)>
+      getAuthorizationData({
     required List<dynamic> selectedCredentials,
     required String? clientId,
     required String? clientSecret,
@@ -185,7 +187,11 @@ class OIDC4VC {
         secureAuthorizedFlow: secureAuthorizedFlow,
       );
 
-      return (authorizationEndpoint, authorizationRequestParemeters);
+      return (
+        authorizationEndpoint,
+        authorizationRequestParemeters,
+        openIdConfiguration,
+      );
     } catch (e) {
       throw Exception('NOT_A_VALID_OPENID_URL');
     }

packages/oidc4vc/test/src/oidc4vc_test.dart

@@ -242,7 +242,7 @@ void main() {
             (request) => request.reply(200, jsonDecode(openIdConfiguration)),
           );
 
-          final (authorizationEndpoint, authorizationRequestParemeters) =
+          final (authorizationEndpoint, authorizationRequestParemeters, _) =
               await oidc4vc.getAuthorizationData(
             selectedCredentials: selectedCredentials,
             clientId: clientId,