[OID4VCI] Revisit and fix OAuthClient.preAuthorizedCodeGrantRequest() #46003
Description
Description
Currently we send a pre-auth AccessToken request like this ...
PreAuthorizedCode preAuthorizedCode = credOffer.getGrants().getPreAuthorizedCode();
AccessTokenResponse accessTokenResponse = oauth.oid4vc()
.preAuthorizedCodeGrantRequest(preAuthorizedCode.getPreAuthorizedCode())
.endpoint(ctx.authorizationMetadata.getTokenEndpoint())
.send();
int statusCode = accessTokenResponse.getStatusCode();
if (HttpStatus.SC_OK != statusCode) {
throw new IllegalStateException(accessTokenResponse.getErrorDescription() != null
? accessTokenResponse.getErrorDescription()
: "Request failed with status " + statusCode);
}
String accessToken = accessTokenResponse.getAccessToken();
This code has several issues ...
- It suggests that the endpoint Url is needed
- The pre-auth AccessToken could reuse oauth.accessTokenRequest() because it is one
- It does not support
authorization_details - Error handling should not have to be duplicated for every request
Value Proposition
- remove calls to PreAuthorizedCodeGrantRequest.endpoint()
- reuse existing AccessTokenRequest, which supports
authorization_detailsalready - error handling by AccessTokenResponse
Goals
Cleaner and more reliable code
Non-Goals
--
Discussion
No response
Notes
No response