fix: for pin in IssuerTokenServer

Sphereon-Opensource · May 17, 2024 · 354e8ad · 354e8ad
1 parent b8bb359
commit 354e8ad
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 5 deletions.
diff --git a/packages/issuer-rest/lib/__tests__/IssuerTokenServer.spec.ts b/packages/issuer-rest/lib/__tests__/IssuerTokenServer.spec.ts
@@ -187,8 +187,8 @@ describe('OID4VCIServer', () => {
  expect(res.statusCode).toEqual(400)
  const actual = JSON.parse(res.text)
  expect(actual).toEqual({
- error: 'invalid_request',
- error_description: 'User pin is required',
+ error: 'invalid_grant',
+ error_description: 'PIN is invalid',
  })
  })
  it('should return http code 400 with message pre-authorized_code is required', async () => {

diff --git a/packages/issuer/lib/tokens/index.ts b/packages/issuer/lib/tokens/index.ts
@@ -99,9 +99,7 @@ export const assertValidAccessTokenRequest = async (
  the Authorization Server expects a PIN in the pre-authorized flow but the client does not provide a PIN
  */
  if (
- credentialOfferSession.credentialOffer.credential_offer?.grants?.['urn:ietf:params:oauth:grant-type:pre-authorized_code']?.[
- 'pre-authorized_code'
- ] &&
+ credentialOfferSession.credentialOffer.credential_offer?.grants?.['urn:ietf:params:oauth:grant-type:pre-authorized_code']?.tx_code &&
  !request.user_pin
  ) {
  throw new TokenError(400, TokenErrorResponse.invalid_request, USER_PIN_REQUIRED_ERROR)