Skip to content

Commit 76c5b22

Browse files
cicnavicicnavi
committed
Don't handle issuer state for pre-auth code flow
1 parent 933277d commit 76c5b22

File tree

1 file changed

+10
-5
lines changed

1 file changed

+10
-5
lines changed

src/Controllers/VerifiableCredentials/CredentialIssuerCredentialController.php

Lines changed: 10 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@
77
use Base64Url\Base64Url;
88
use League\OAuth2\Server\ResourceServer;
99
use SimpleSAML\Module\oidc\Bridges\PsrHttpBridge;
10+
use SimpleSAML\Module\oidc\Codebooks\FlowTypeEnum;
1011
use SimpleSAML\Module\oidc\Entities\AccessTokenEntity;
1112
use SimpleSAML\Module\oidc\ModuleConfig;
1213
use SimpleSAML\Module\oidc\Repositories\AccessTokenRepository;
@@ -124,7 +125,10 @@ public function credential(Request $request): Response
124125
}
125126

126127
$issuerState = $accessToken->getIssuerState();
127-
if (!is_string($issuerState)) {
128+
if (
129+
!is_string($issuerState) &&
130+
($accessToken->getFlowTypeEnum() === FlowTypeEnum::VciAuthorizationCode)
131+
) {
128132
$this->loggerService->error(
129133
'CredentialIssuerCredentialController::credential: Issuer state missing in access token.',
130134
['access_token' => $accessToken],
@@ -136,7 +140,7 @@ public function credential(Request $request): Response
136140
);
137141
}
138142

139-
if ($this->issuerStateRepository->findValid($issuerState) === null) {
143+
if (is_string($issuerState) && $this->issuerStateRepository->findValid($issuerState) === null) {
140144
$this->loggerService->warning(
141145
'CredentialIssuerCredentialController::credential: Issuer state not valid.',
142146
['issuer_state' => $issuerState],
@@ -678,9 +682,10 @@ public function credential(Request $request): Response
678682
throw new OpenIdException('Invalid credential format ID.');
679683
}
680684

681-
$this->loggerService->debug('Revoking issuer state.', ['issuerState' => $issuerState]);
682-
;
683-
$this->issuerStateRepository->revoke($issuerState);
685+
if (is_string($issuerState)) {
686+
$this->loggerService->debug('Revoking issuer state.', ['issuerState' => $issuerState]);
687+
$this->issuerStateRepository->revoke($issuerState);
688+
}
684689

685690
$this->loggerService->debug('Returning credential response.', [
686691
'credentials' => [

0 commit comments

Comments
 (0)