feat: Make client_id as redirect_url if redirect_url is missing #1901

TalaoDAO · Sep 14, 2023 · a7a4c26 · a7a4c26
1 parent a0eedda
commit a7a4c26
Show file tree

Hide file tree

Showing 3 changed files with 56 additions and 13 deletions.
diff --git a/lib/app/shared/helper_functions/helper_functions.dart b/lib/app/shared/helper_functions/helper_functions.dart
@@ -439,7 +439,6 @@ List<int> sortedPublcJwk(Map<String, dynamic> privateKey) {
 bool isUriAsValueValid(List<String> keys) =>
     keys.contains('response_type') &&
     keys.contains('client_id') &&
-    keys.contains('redirect_uri') &&
     keys.contains('nonce');
 
 bool isPolygonIdUrl(String url) =>
@@ -577,9 +576,9 @@ Future<String> getHost({
 
       return Uri.parse(decodedResponse['redirect_uri'].toString()).host;
     } else {
-      return Uri.parse(
-        uri.queryParameters['redirect_uri'] ?? '',
-      ).host;
+      final String? redirectUri = getRedirectUri(uri);
+      if (redirectUri == null) return '';
+      return Uri.parse(redirectUri).host;
     }
   }
 }
@@ -628,3 +627,26 @@ Future<(String?, String)> getIssuerAndPreAuthorizedCode({
 
   return (preAuthorizedCode, issuer);
 }
+
+bool isURL(String input) {
+  final Uri? uri = Uri.tryParse(input);
+  return uri != null && uri.hasScheme;
+}
+
+String? getRedirectUri(Uri uri) {
+  final clientId = uri.queryParameters['client_id'] ?? '';
+  final redirectUri = uri.queryParameters['redirect_uri'];
+
+  /// if redirectUri is not provided and client_id is url then
+  /// redirectUri = client_id
+  if (redirectUri == null) {
+    final isUrl = isURL(clientId);
+    if (isUrl) {
+      return clientId;
+    } else {
+      return null;
+    }
+  } else {
+    return redirectUri;
+  }
+}
diff --git a/lib/dashboard/qr_code/qr_code_scan/cubit/qr_code_scan_cubit.dart b/lib/dashboard/qr_code/qr_code_scan/cubit/qr_code_scan_cubit.dart
@@ -292,18 +292,30 @@ class QRCodeScanCubit extends Cubit<QRCodeScanState> {
               response['presentation_definition_uri'];
 
           final queryJson = <String, dynamic>{};
-          if (redirectUri != null) {
+          if (clientId != null) {
+            queryJson['client_id'] = clientId;
+          }
+
+          /// if redirectUri is not provided and client_id is url then
+          /// redirectUri = client_id
+          if (redirectUri == null) {
+            if (clientId == null) throw Exception();
+            final isUrl = isURL(clientId.toString());
+            if (isUrl) {
+              queryJson['redirect_uri'] = clientId;
+            } else {
+              throw Exception();
+            }
+          } else {
             queryJson['redirect_uri'] = redirectUri;
           }
+
           if (nonce != null) {
             queryJson['nonce'] = nonce;
           }
           if (stateValue != null) {
             queryJson['state'] = stateValue;
           }
-          if (clientId != null) {
-            queryJson['client_id'] = clientId;
-          }
           if (responseType != null) {
             queryJson['response_type'] = responseType;
           }
@@ -843,9 +855,12 @@ class QRCodeScanCubit extends Cubit<QRCodeScanState> {
   /// complete SIOPV2 Flow
   Future<void> completeSiopV2Flow() async {
     try {
-      final redirectUri = state.uri?.queryParameters['redirect_uri'] ?? '';
+      final clientId = state.uri!.queryParameters['client_id'] ?? '';
+      final String? redirectUri = getRedirectUri(state.uri!);
+
+      if (redirectUri == null) throw Exception();
+
       final nonce = state.uri?.queryParameters['nonce'] ?? '';
-      final clientId = state.uri?.queryParameters['client_id'] ?? '';
       final stateValue = state.uri?.queryParameters['state'];
 
       final keys = <String>[];

diff --git a/lib/scan/cubit/scan_cubit.dart b/lib/scan/cubit/scan_cubit.dart
@@ -535,8 +535,12 @@ class ScanCubit extends Cubit<ScanState> {
         getLogger('ScanCubit - presentCredentialToOIDC4VPAndSiopV2Request');
 
     final nonce = uri.queryParameters['nonce'] ?? '';
-    final redirectUri = uri.queryParameters['redirect_uri'] ?? '';
     final clientId = uri.queryParameters['client_id'] ?? '';
+
+    final String? redirectUri = getRedirectUri(uri);
+
+    if (redirectUri == null) throw Exception();
+
     final stateValue = uri.queryParameters['state'];
 
     final credentialList =
@@ -610,7 +614,8 @@ class ScanCubit extends Cubit<ScanState> {
     await Future<void>.delayed(const Duration(milliseconds: 500));
 
     try {
-      final redirectUri = uri.queryParameters['redirect_uri'] ?? '';
+      final String? redirectUri = getRedirectUri(uri);
+      if (redirectUri == null) throw Exception();
 
       final String vpToken = await createVpToken(
         credentialsToBePresented: credentialsToBePresented!,
@@ -706,7 +711,8 @@ class ScanCubit extends Cubit<ScanState> {
     await Future<void>.delayed(const Duration(milliseconds: 500));
 
     try {
-      final redirectUri = uri.queryParameters['redirect_uri'] ?? '';
+      final String? redirectUri = getRedirectUri(uri);
+      if (redirectUri == null) throw Exception();
 
       final String idToken = await createIdToken(
         credentialsToBePresented: credentialsToBePresented!,