@openid4vc/openid4vp 0.3.0-alpha-20250416121152 → 0.3.0-alpha-20250504132432
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +2 -2
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +2 -2
- package/dist/index.mjs.map +1 -1
- package/package.json +3 -3
package/dist/index.js
CHANGED
|
@@ -1102,7 +1102,7 @@ async function verifyJarRequest(options) {
|
|
|
1102
1102
|
if (!requestIsSigned) {
|
|
1103
1103
|
throw new import_oauth217.Oauth2ServerErrorResponseError({
|
|
1104
1104
|
error: import_oauth217.Oauth2ErrorCodes.InvalidRequestObject,
|
|
1105
|
-
error_description: "
|
|
1105
|
+
error_description: "JAR request object is not a valid JWT."
|
|
1106
1106
|
});
|
|
1107
1107
|
}
|
|
1108
1108
|
const { authorizationRequestPayload, signer, jwt } = await verifyJarRequestObject({
|
|
@@ -1115,7 +1115,7 @@ async function verifyJarRequest(options) {
|
|
|
1115
1115
|
error_description: 'Jar Request Object is missing the required "client_id" field.'
|
|
1116
1116
|
});
|
|
1117
1117
|
}
|
|
1118
|
-
if (jarRequestParams.client_id !== authorizationRequestPayload.client_id) {
|
|
1118
|
+
if (!isOpenid4vpResponseModeDcApi(authorizationRequestPayload.response_mode) && jarRequestParams.client_id !== authorizationRequestPayload.client_id) {
|
|
1119
1119
|
throw new import_oauth217.Oauth2ServerErrorResponseError({
|
|
1120
1120
|
error: import_oauth217.Oauth2ErrorCodes.InvalidRequest,
|
|
1121
1121
|
error_description: "client_id does not match the request object client_id."
|