Fixes

Author: skyforce77

src/main/java/com/authlete/jaxrs/server/api/vci/AbstractCredentialEndpoint.java

@@ -52,10 +52,7 @@ private String processAccessToken(final HttpServletRequest request)
         // The value of the "Authorization" header.
         final String authorization = request.getHeader(HttpHeaders.AUTHORIZATION);
 
-        // If an access token have been set
-        final String accessToken = request.getParameter("access_token");
-
-        return super.extractAccessToken(authorization, accessToken);
+        return super.extractAccessToken(authorization, null);
     }
 
 

src/main/java/com/authlete/jaxrs/server/api/vci/CredentialEndpoint.java

@@ -61,6 +61,10 @@ public Response post(@Context HttpServletRequest request,
 
         final CredentialIssuanceOrder order =
                 CredentialUtil.toOrder(introspection, credential);
+        if(order == null)
+        {
+            return ExceptionUtil.badRequest(String.format("Unsupported credential format %s.", formatId));
+        }
 
         // Issue
         return credentialIssue(api, order, accessToken);

…rver/api/vci/JWKSetMetadataEndpoint.java …er/api/vci/CredentialJWKSetEndpoint.javasrc/main/java/com/authlete/jaxrs/server/api/vci/JWKSetMetadataEndpoint.java renamed to src/main/java/com/authlete/jaxrs/server/api/vci/CredentialJWKSetEndpoint.java src/main/java/com/authlete/jaxrs/server/api/vci/JWKSetMetadataEndpoint.java renamed to src/main/java/com/authlete/jaxrs/server/api/vci/CredentialJWKSetEndpoint.java

@@ -29,19 +29,19 @@
 import com.authlete.jaxrs.server.util.ResponseUtil;
 
 
-@Path("/.well-known/jwks.json")
-public class JWKSetMetadataEndpoint extends AbstractCredentialEndpoint
+@Path("/api/vci/jwks")
+public class CredentialJWKSetEndpoint extends AbstractCredentialEndpoint
 {
     @GET
     public Response get()
     {
         final AuthleteApi api = AuthleteApiFactory.getDefaultApi();
 
-        return metadata(api);
+        return process(api);
     }
 
 
-    private Response metadata(final AuthleteApi api)
+    private Response process(final AuthleteApi api)
             throws WebApplicationException
     {
         final CredentialIssuerJwksRequest request =

src/main/java/com/authlete/jaxrs/server/api/vci/DeferredCredentialEndpoint.java

@@ -39,7 +39,7 @@
 import com.authlete.jaxrs.server.util.ResponseUtil;
 
 
-@Path("/api/credential_deferred")
+@Path("/api/deferred_credential")
 public class DeferredCredentialEndpoint extends AbstractCredentialEndpoint
 {
     @POST
@@ -64,7 +64,7 @@ public Response post(@Context HttpServletRequest request,
 
         if (order.isIssuanceDeferred())
         {
-            return ResponseUtil.badRequest("Issuance not ready yet.");
+            return ResponseUtil.badRequestJson("{\"error\": \"issuance_pending\"");
         }
 
         // Issue
@@ -110,10 +110,10 @@ private CredentialRequestInfo credentialDeferredParse(final AuthleteApi api,
     private Response credentialIssue(final AuthleteApi api,
                                      final CredentialIssuanceOrder order)
     {
-        final CredentialDeferredIssueRequest credentialSingleIssueRequest = new CredentialDeferredIssueRequest()
+        final CredentialDeferredIssueRequest request = new CredentialDeferredIssueRequest()
                 .setOrder(order);
 
-        final CredentialDeferredIssueResponse response = api.credentialDeferredIssue(credentialSingleIssueRequest);
+        final CredentialDeferredIssueResponse response = api.credentialDeferredIssue(request);
         final String content = response.getResponseContent();
 
         switch (response.getAction())
@@ -125,7 +125,7 @@ private Response credentialIssue(final AuthleteApi api,
                 return ResponseUtil.forbiddenJson(content);
 
             case OK:
-                return ResponseUtil.ok(content);
+                return ResponseUtil.okJson(content);
 
             case INTERNAL_SERVER_ERROR:
             default:

src/main/java/com/authlete/jaxrs/server/api/vci/JWTIssuerMetadataEndpoint.java

@@ -0,0 +1,70 @@
+/*
+ * Copyright (C) 2023 Authlete, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the
+ * License.
+ */
+package com.authlete.jaxrs.server.api.vci;
+
+
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Response;
+import com.authlete.common.api.AuthleteApi;
+import com.authlete.common.api.AuthleteApiFactory;
+import com.authlete.common.dto.CredentialIssuerJwksRequest;
+import com.authlete.common.dto.CredentialIssuerJwksResponse;
+import com.authlete.common.dto.CredentialJwtIssuerMetadataRequest;
+import com.authlete.common.dto.CredentialJwtIssuerMetadataResponse;
+import com.authlete.jaxrs.server.util.ExceptionUtil;
+import com.authlete.jaxrs.server.util.ResponseUtil;
+
+
+@Path("/.well-known/jwt-issuer")
+public class JWTIssuerMetadataEndpoint extends AbstractCredentialEndpoint
+{
+    @GET
+    public Response get()
+    {
+        final AuthleteApi api = AuthleteApiFactory.getDefaultApi();
+
+        return metadata(api);
+    }
+
+
+    private Response metadata(final AuthleteApi api)
+            throws WebApplicationException
+    {
+        final CredentialJwtIssuerMetadataRequest request =
+                new CredentialJwtIssuerMetadataRequest()
+                        .setPretty(false);
+
+        final CredentialJwtIssuerMetadataResponse response =
+                api.credentialJwtIssuerMetadata(request);
+        final String content = response.getResponseContent();
+
+        switch (response.getAction())
+        {
+            case NOT_FOUND:
+                return ResponseUtil.notFoundJson(content);
+
+            case OK:
+                return ResponseUtil.okJson(content);
+
+            case INTERNAL_SERVER_ERROR:
+            default:
+                throw ExceptionUtil.internalServerErrorExceptionJson(content);
+        }
+    }
+}