22628817567

Committed 03 Mar 2026 02:59PM UTC coverage: 44.11% (+0.2%) from 43.895%

Build # 22628817567

Build Type

Pull #80

github

Committed by

wistefan

Commit Message

Merge remote-tracking branch 'origin/authenticon-2' into authenticon-2

Pull Request Pull Request #80: make nonce optional and improve jwt mapping

Coverage Stats

12 of 39 new or added lines in 3 files covered. (30.77%)

79 existing lines in 1 file now uncovered.

1685 of 3820 relevant lines covered (44.11%)

0.5 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

33.64

/openapi/api_frontend.go

/*
 * vcverifier
 *
 * Backend component to verify credentials
 *
 * API version: 0.0.1
 * Generated by: OpenAPI Generator (https://openapi-generator.tech)
 */

package openapi

import (
        "net/http"
        "slices"

        "github.com/fiware/VCVerifier/logging"
        "github.com/fiware/VCVerifier/verifier"
        "github.com/google/uuid"

        "github.com/gin-gonic/gin"
)

const DEFAULT_REQUEST_MODE = verifier.REQUEST_MODE_BY_REFERENCE

var frontendVerifier verifier.Verifier
var requestObjectClient *verifier.RequestObjectClient

func getFrontendVerifier() verifier.Verifier {
        if frontendVerifier == nil {
                frontendVerifier = verifier.GetVerifier()
        }
        return frontendVerifier
}

func getRequestObjectClient() *verifier.RequestObjectClient {
        if requestObjectClient == nil {
                requestObjectClient = verifier.NewRequestObjectClient()
        }
        return requestObjectClient
}

// VerifierPageDisplayQRSIOP - Presents a qr as starting point for the auth process
func VerifierPageDisplayQRSIOP(c *gin.Context) {

        state, stateExists := c.GetQuery("state")
        if !stateExists {
                c.AbortWithStatusJSON(http.StatusBadRequest, ErrorMessageNoState)
                // early exit
                return
        }

        callback, callbackExists := c.GetQuery("client_callback")
        if !callbackExists {
                c.AbortWithStatusJSON(http.StatusBadRequest, ErrorMessageNoCallback)
                // early exit
                return
        }

        clientId, clientIdExists := c.GetQuery("client_id")
        if !clientIdExists {
                logging.Log().Infof("Start a login flow for a not specified client.")
        }

        nonce, nonceExists := c.GetQuery("nonce")
        if !nonceExists {
                nonce = ""
        }

        requestMode, requestModeExists := c.GetQuery("request_mode")
        if !requestModeExists {
                logging.Log().Infof("Using default request mode %s.", DEFAULT_REQUEST_MODE)
                requestMode = DEFAULT_REQUEST_MODE
        }

        qr, err := getFrontendVerifier().ReturnLoginQR(c.Request.Host, "https", callback, state, clientId, nonce, requestMode)
        if err != nil {
                c.AbortWithStatusJSON(http.StatusInternalServerError, ErrorMessage{"qr_generation_error", err.Error()})
                return
        }

        c.HTML(http.StatusOK, "verifier_present_qr", gin.H{"qrcode": qr})
}

// VerifierLoginQr - Presents a qr as starting point for the auth process
func VerifierLoginQr(c *gin.Context) {

        state, stateExists := c.GetQuery("state")
        if !stateExists {
                c.AbortWithStatusJSON(http.StatusBadRequest, ErrorMessageNoState)
                // early exit
                return
        }

        redirectUri, redirectUriExists := c.GetQuery("redirect_uri")
        requestUri, requestUriExists := c.GetQuery("request_uri")

        if !redirectUriExists && !requestUriExists {
                c.AbortWithStatusJSON(http.StatusBadRequest, ErrorMessageNoRedircetUri)
                // early exit
                return
        }

        clientId, clientIdExists := c.GetQuery("client_id")
        if !clientIdExists {
                logging.Log().Infof("Start a login flow for a not specified client.")
        }

        scope, scopeExists := c.GetQuery("scope")
        if !scopeExists {
                logging.Log().Infof("Start a login flow with default scope.")
                scope = ""
        }

        if requestUriExists {
                logging.Log().Debug("Requesting the client for its request object.")
                cro, err := getRequestObjectClient().GetClientRequestObject(requestUri)
                if err != nil {
                        logging.Log().Warnf("Was not able to get request object. Err: %v", err)
                        c.AbortWithStatusJSON(http.StatusInternalServerError, ErrorMessageUnresolvableRequestObject)
                        return
                }
                if !slices.Contains(cro.Aud, getFrontendVerifier().GetHost()) {
                        c.AbortWithStatusJSON(http.StatusInternalServerError, ErrorMessageInvalidAudience)
                        return
                }

                clientId = cro.ClientId
                scope = cro.Scope
                redirectUri = cro.RedirectUri
        }

        nonce, nonceExists := c.GetQuery("nonce")
        if !nonceExists {
                nonce = uuid.NewString()
        }

        requestMode, requestModeExists := c.GetQuery("request_mode")
        if !requestModeExists {
                logging.Log().Infof("Using default request mode %s.", DEFAULT_REQUEST_MODE)
                requestMode = DEFAULT_REQUEST_MODE
        }

        qr, err := getFrontendVerifier().ReturnLoginQRV2(c.Request.Host, "https", redirectUri, state, clientId, scope, nonce, requestMode)
        if err != nil {
                c.AbortWithStatusJSON(500, ErrorMessage{"qr_generation_error", err.Error()})
                return
        }

        c.HTML(http.StatusOK, "verifier_present_qr_v2", gin.H{"qrcode": qr, "wsUrl": getFrontendVerifier().GetHost() + "/ws?state=" + state})
}

// VerifierPageLoginExpired - Presents a page when the login session is expired
func VerifierPageLoginExpired(c *gin.Context) {
        c.JSON(http.StatusOK, gin.H{})
}

1	/*
2	* vcverifier
3	*
4	* Backend component to verify credentials
5	*
6	* API version: 0.0.1
7	* Generated by: OpenAPI Generator (https://openapi-generator.tech)
8	*/
9
10	package openapi
11
12	import (
13	"net/http"
14	"slices"
15
16	"github.com/fiware/VCVerifier/logging"
17	"github.com/fiware/VCVerifier/verifier"
18	"github.com/google/uuid"
19
20	"github.com/gin-gonic/gin"
21	)
22
23	const DEFAULT_REQUEST_MODE = verifier.REQUEST_MODE_BY_REFERENCE
24
25	var frontendVerifier verifier.Verifier
26	var requestObjectClient *verifier.RequestObjectClient
27
28	func getFrontendVerifier() verifier.Verifier {
29	if frontendVerifier == nil {	1✔
30	frontendVerifier = verifier.GetVerifier()	1✔
31	}	×
32	return frontendVerifier	×
33	}	1✔
34
35	func getRequestObjectClient() *verifier.RequestObjectClient {
36	if requestObjectClient == nil {	×
37	requestObjectClient = verifier.NewRequestObjectClient()	×
38	}	×
39	return requestObjectClient	×
40	}	×
41
42	// VerifierPageDisplayQRSIOP - Presents a qr as starting point for the auth process
43	func VerifierPageDisplayQRSIOP(c *gin.Context) {
44		1✔
45	state, stateExists := c.GetQuery("state")	1✔
46	if !stateExists {	1✔
47	c.AbortWithStatusJSON(http.StatusBadRequest, ErrorMessageNoState)	2✔
48	// early exit	1✔
49	return	1✔
50	}	1✔
51		1✔
52	callback, callbackExists := c.GetQuery("client_callback")
53	if !callbackExists {	1✔
54	c.AbortWithStatusJSON(http.StatusBadRequest, ErrorMessageNoCallback)	2✔
55	// early exit	1✔
56	return	1✔
57	}	1✔
58		1✔
59	clientId, clientIdExists := c.GetQuery("client_id")
60	if !clientIdExists {	1✔
61	logging.Log().Infof("Start a login flow for a not specified client.")	2✔
62	}	1✔
63		1✔
64	nonce, nonceExists := c.GetQuery("nonce")
65	if !nonceExists {	1✔
66	nonce = ""	2✔
67	}	1✔
68		1✔
69	requestMode, requestModeExists := c.GetQuery("request_mode")
70	if !requestModeExists {	1✔
71	logging.Log().Infof("Using default request mode %s.", DEFAULT_REQUEST_MODE)	2✔
72	requestMode = DEFAULT_REQUEST_MODE	1✔
73	}	1✔
74		1✔
75	qr, err := getFrontendVerifier().ReturnLoginQR(c.Request.Host, "https", callback, state, clientId, nonce, requestMode)
76	if err != nil {	1✔
77	c.AbortWithStatusJSON(http.StatusInternalServerError, ErrorMessage{"qr_generation_error", err.Error()})	2✔
78	return	1✔
79	}	1✔
80		1✔
81	c.HTML(http.StatusOK, "verifier_present_qr", gin.H{"qrcode": qr})
82	}	1✔
83
84	// VerifierLoginQr - Presents a qr as starting point for the auth process
85	func VerifierLoginQr(c *gin.Context) {
86		×
87	state, stateExists := c.GetQuery("state")	×
88	if !stateExists {	×
89	c.AbortWithStatusJSON(http.StatusBadRequest, ErrorMessageNoState)	×
90	// early exit	×
91	return	×
92	}	×
93		×
94	redirectUri, redirectUriExists := c.GetQuery("redirect_uri")
95	requestUri, requestUriExists := c.GetQuery("request_uri")	×
96		×
97	if !redirectUriExists && !requestUriExists {	×
98	c.AbortWithStatusJSON(http.StatusBadRequest, ErrorMessageNoRedircetUri)	×
99	// early exit	×
100	return	×
101	}	×
102		×
103	clientId, clientIdExists := c.GetQuery("client_id")
104	if !clientIdExists {	×
105	logging.Log().Infof("Start a login flow for a not specified client.")	×
106	}	×
107		×
108	scope, scopeExists := c.GetQuery("scope")
109	if !scopeExists {	×
110	logging.Log().Infof("Start a login flow with default scope.")	×
111	scope = ""	×
112	}	×
113		×
114	if requestUriExists {
115	logging.Log().Debug("Requesting the client for its request object.")	×
116	cro, err := getRequestObjectClient().GetClientRequestObject(requestUri)	×
117	if err != nil {	×
118	logging.Log().Warnf("Was not able to get request object. Err: %v", err)	×
119	c.AbortWithStatusJSON(http.StatusInternalServerError, ErrorMessageUnresolvableRequestObject)	×
120	return	×
121	}	×
122	if !slices.Contains(cro.Aud, getFrontendVerifier().GetHost()) {	×
123	c.AbortWithStatusJSON(http.StatusInternalServerError, ErrorMessageInvalidAudience)	×
124	return	×
125	}	×
126		×
127	clientId = cro.ClientId
128	scope = cro.Scope	×
129	redirectUri = cro.RedirectUri	×
130	}	×
131
132	nonce, nonceExists := c.GetQuery("nonce")
133	if !nonceExists {	×
134	nonce = uuid.NewString()	×
NEW 135	}	×
136		×
137	requestMode, requestModeExists := c.GetQuery("request_mode")
138	if !requestModeExists {	×
139	logging.Log().Infof("Using default request mode %s.", DEFAULT_REQUEST_MODE)	×
140	requestMode = DEFAULT_REQUEST_MODE	×
141	}	×
142		×
143	qr, err := getFrontendVerifier().ReturnLoginQRV2(c.Request.Host, "https", redirectUri, state, clientId, scope, nonce, requestMode)
144	if err != nil {	×
145	c.AbortWithStatusJSON(500, ErrorMessage{"qr_generation_error", err.Error()})	×
146	return	×
147	}	×
148		×
149	c.HTML(http.StatusOK, "verifier_present_qr_v2", gin.H{"qrcode": qr, "wsUrl": getFrontendVerifier().GetHost() + "/ws?state=" + state})
150	}	×
151		×
152	// VerifierPageLoginExpired - Presents a page when the login session is expired	×
153	func VerifierPageLoginExpired(c *gin.Context) {	×
154	c.JSON(http.StatusOK, gin.H{})	×
155	}	×

FIWARE / VCVerifier / 22628817567

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous