[bugfix] mdoc credential request without the 'claims' property

TakahikoKawasaki · TakahikoKawasaki · commit 3060a0dff2b5 · 2024-06-05T07:41:20.000+09:00
diff --git a/src/main/java/com/authlete/jaxrs/server/vc/MdocOrderProcessor.java b/src/main/java/com/authlete/jaxrs/server/vc/MdocOrderProcessor.java
@@ -116,18 +116,45 @@ private static boolean matchDocType(
     @SuppressWarnings("unchecked")
     private static boolean includeClaims(
             Map<String, Object> issuableCredential,
-            Map<String, Object> requestedCredential)
+            Map<String, Object> requestedCredential) throws InvalidCredentialRequestException
     {
         // The claims in the issuable credential.
         Object issuableCredentialClaims = issuableCredential.get(KEY_CLAIMS);
 
         // The claims in the requested credential.
         Object requestedCredentialClaims = requestedCredential.get(KEY_CLAIMS);
 
-        // If either or both are not maps.
-        if (!(issuableCredentialClaims instanceof Map) ||
-            !(requestedCredentialClaims instanceof Map))
+        // If the credential request does not include the "claims" property.
+        if (requestedCredentialClaims == null)
+        {
+            // Conceptually, any issuable credential includes an empty claim set.
+            // But note that the issued verifiable credential will include no claim.
+            return true;
+        }
+
+        // If the credential request includes the "claims" property but its
+        // value is not a JSON object.
+        if (!(requestedCredentialClaims instanceof Map))
+        {
+            throw new InvalidCredentialRequestException(
+                    "The value of the 'claims' property in the credential request is not a JSON object.");
+        }
+
+        // If the content of the "claims" property in the credential request is empty.
+        if (((Map<String, Object>)requestedCredentialClaims).isEmpty())
         {
+            // Conceptually, any issuable credential includes an empty claim set.
+            // But note that the issued verifiable credential will include no claim.
+            return true;
+        }
+
+        // If the code flow reaches here, requestedCredentialClaims contains
+        // at least one claim.
+
+        // If the issuable credential does include any claims.
+        if (!(issuableCredentialClaims instanceof Map))
+        {
+            // No claim can be requested.
             return false;
         }
 
@@ -271,6 +298,13 @@ private static Map<String, Object> buildClaims(
 
         Map<String, Object> claims = new LinkedHashMap<>();
 
+        // If the credential request does not include the "claims" property.
+        if (requestedClaims == null)
+        {
+            // The verifiable credential will include no claim.
+            return claims;
+        }
+
         for (Map.Entry<String, Object> requestedNameSpace : requestedClaims.entrySet())
         {
             // The name space
