diff --git a/lib/oidc4vc/get_authorization_uri_for_issuer.dart b/lib/oidc4vc/get_authorization_uri_for_issuer.dart index fb0d36cce..8bcc1a66b 100644 --- a/lib/oidc4vc/get_authorization_uri_for_issuer.dart +++ b/lib/oidc4vc/get_authorization_uri_for_issuer.dart @@ -77,8 +77,11 @@ Future getAuthorizationUriForIssuer({ late Uri authorizationUri; - final (authorizationEndpoint, authorizationRequestParemeters) = - await oidc4vc.getAuthorizationData( + final ( + authorizationEndpoint, + authorizationRequestParemeters, + openIdConfiguration + ) = await oidc4vc.getAuthorizationData( selectedCredentials: selectedCredentials, clientId: clientId, clientSecret: clientSecret, @@ -98,7 +101,12 @@ Future getAuthorizationUriForIssuer({ dio: client.dio, ); - if (secureAuthorizedFlow) { + final requirePushedAuthorizationRequests = + openIdConfiguration.requirePushedAuthorizationRequests; + + if ((requirePushedAuthorizationRequests != null && + requirePushedAuthorizationRequests) || + (requirePushedAuthorizationRequests == null && secureAuthorizedFlow)) { final headers = { 'Content-Type': 'application/x-www-form-urlencoded', }; diff --git a/packages/oidc4vc/lib/src/models/openid_configuration.dart b/packages/oidc4vc/lib/src/models/openid_configuration.dart index 2eeb54dcb..93afe2075 100644 --- a/packages/oidc4vc/lib/src/models/openid_configuration.dart +++ b/packages/oidc4vc/lib/src/models/openid_configuration.dart @@ -23,6 +23,7 @@ class OpenIdConfiguration extends Equatable { this.credentialManifests, this.issuer, this.jwksUri, + this.requirePushedAuthorizationRequests, this.grantTypesSupported, }); @@ -60,6 +61,8 @@ class OpenIdConfiguration extends Equatable { final String? issuer; @JsonKey(name: 'jwks_uri') final String? jwksUri; + @JsonKey(name: 'require_pushed_authorization_requests') + final bool? requirePushedAuthorizationRequests; @JsonKey(name: 'grant_types_supported') final List? grantTypesSupported; @@ -83,6 +86,7 @@ class OpenIdConfiguration extends Equatable { credentialManifests, issuer, jwksUri, + requirePushedAuthorizationRequests, grantTypesSupported, ]; } diff --git a/packages/oidc4vc/lib/src/oidc4vc.dart b/packages/oidc4vc/lib/src/oidc4vc.dart index 6b9f249fa..cd03a6f4f 100644 --- a/packages/oidc4vc/lib/src/oidc4vc.dart +++ b/packages/oidc4vc/lib/src/oidc4vc.dart @@ -128,8 +128,10 @@ class OIDC4VC { /// Received JWT is already filtered on required members /// Received JWT keys are already sorted in lexicographic order - /// authorization endpoint, authorizationRequestParemeters - Future<(String, Map)> getAuthorizationData({ + /// authorization endpoint, authorizationRequestParemeters, + /// OpenIdConfiguration + Future<(String, Map, OpenIdConfiguration)> + getAuthorizationData({ required List selectedCredentials, required String? clientId, required String? clientSecret, @@ -185,7 +187,11 @@ class OIDC4VC { secureAuthorizedFlow: secureAuthorizedFlow, ); - return (authorizationEndpoint, authorizationRequestParemeters); + return ( + authorizationEndpoint, + authorizationRequestParemeters, + openIdConfiguration, + ); } catch (e) { throw Exception('NOT_A_VALID_OPENID_URL'); } diff --git a/packages/oidc4vc/test/src/oidc4vc_test.dart b/packages/oidc4vc/test/src/oidc4vc_test.dart index 8e932d1dc..82d9dac6b 100644 --- a/packages/oidc4vc/test/src/oidc4vc_test.dart +++ b/packages/oidc4vc/test/src/oidc4vc_test.dart @@ -242,7 +242,7 @@ void main() { (request) => request.reply(200, jsonDecode(openIdConfiguration)), ); - final (authorizationEndpoint, authorizationRequestParemeters) = + final (authorizationEndpoint, authorizationRequestParemeters, _) = await oidc4vc.getAuthorizationData( selectedCredentials: selectedCredentials, clientId: clientId,