@sphereon/oid4vci-client 0.2.0 → 0.4.1-unstable.247

package/lib/__tests__/MetadataMocks.ts

@@ -0,0 +1,428 @@
+import { CredentialOfferPayloadV1_0_09, CredentialOfferRequestWithBaseUrl, OpenId4VCIVersion } from '@sphereon/oid4vci-common';
+
+export const IDENTIPROOF_ISSUER_URL = 'https://issuer.research.identiproof.io';
+export const IDENTIPROOF_AS_URL = 'https://auth.research.identiproof.io';
+export const SPRUCE_ISSUER_URL = 'https://ngi-oidc4vci-test.spruceid.xyz';
+export const DANUBE_ISSUER_URL = 'https://oidc4vc.uniissuer.io';
+export const WALT_ISSUER_URL = 'https://jff.walt.id/issuer-api/oidc';
+export const INITIATION_TEST_HTTPS_URI =
+  'https://server.example.com?issuer=https%3A%2F%2Fserver%2Eexample%2Ecom&credential_type=https%3A%2F%2Fdid%2Eexample%2Eorg%2FhealthCard&credential_type=https%3A%2F%2Fdid%2Eexample%2Eorg%2FdriverLicense&op_state=eyJhbGciOiJSU0Et...FYUaBy';
+export const INITIATION_TEST_URI =
+  'openid-initiate-issuance://?credential_type=OpenBadgeCredential&issuer=https%3A%2F%2Fjff%2Ewalt%2Eid%2Fissuer-api%2Foidc%2F&pre-authorized_code=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhOTUyZjUxNi1jYWVmLTQ4YjMtODIxYy00OTRkYzgyNjljZjAiLCJwcmUtYXV0aG9yaXplZCI6dHJ1ZX0.YE5DlalcLC2ChGEg47CQDaN1gTxbaQqSclIVqsSAUHE&user_pin_required=false';
+
+export const INITIATION_TEST: CredentialOfferRequestWithBaseUrl = {
+  baseUrl: 'openid-initiate-issuance://',
+  request: {
+    credential_type: 'OpenBadgeCredential',
+    issuer: 'https://jff.walt.id/issuer-api/oidc/',
+    'pre-authorized_code':
+      'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhOTUyZjUxNi1jYWVmLTQ4YjMtODIxYy00OTRkYzgyNjljZjAiLCJwcmUtYXV0aG9yaXplZCI6dHJ1ZX0.YE5DlalcLC2ChGEg47CQDaN1gTxbaQqSclIVqsSAUHE',
+    user_pin_required: 'false',
+  } as CredentialOfferPayloadV1_0_09,
+  version: OpenId4VCIVersion.VER_1_0_09,
+};
+export const IDENTIPROOF_AS_METADATA = {
+  issuer: 'https://auth.research.identiproof.io',
+  authorization_endpoint: 'https://auth.research.identiproof.io/oauth2/authorize',
+  token_endpoint: 'https://auth.research.identiproof.io/oauth2/token',
+  token_endpoint_auth_methods_supported: ['client_secret_basic', 'client_secret_post', 'client_secret_jwt', 'private_key_jwt'],
+  jwks_uri: 'https://auth.research.identiproof.io/oauth2/jwks',
+  response_types_supported: ['code'],
+  grant_types_supported: ['authorization_code', 'urn:ietf:params:oauth:grant-type:pre-authorized_code', 'client_credentials', 'refresh_token'],
+  revocation_endpoint: 'https://auth.research.identiproof.io/oauth2/revoke',
+  revocation_endpoint_auth_methods_supported: ['client_secret_basic', 'client_secret_post', 'client_secret_jwt', 'private_key_jwt'],
+  introspection_endpoint: 'https://auth.research.identiproof.io/oauth2/introspect',
+  introspection_endpoint_auth_methods_supported: ['client_secret_basic', 'client_secret_post', 'client_secret_jwt', 'private_key_jwt'],
+  code_challenge_methods_supported: ['S256'],
+};
+
+export const IDENTIPROOF_OID4VCI_METADATA = {
+  issuer: 'https://issuer.research.identiproof.io',
+  authorization_server: 'https://auth.research.identiproof.io',
+  credential_endpoint: 'https://issuer.research.identiproof.io/credential',
+  jwks_uri: 'https://issuer.research.identiproof.io/.well-known/did.json',
+  credentials_supported: {
+    'Cyber Security Certificate': {
+      formats: {
+        jwt_vc: {
+          types: ['VerifiableCredential', 'Cyber Security Certificate'],
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['ES256'],
+        },
+      },
+    },
+    OpenBadgeCredential: {
+      formats: {
+        jwt_vc: {
+          types: ['VerifiableCredential', 'OpenBadgeCredential'],
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['ES256'],
+        },
+      },
+    },
+    OpenBadgeExtendedCredential: {
+      formats: {
+        jwt_vc: {
+          types: ['VerifiableCredential', 'OpenBadgeExtendedCredential'],
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['ES256'],
+        },
+      },
+    },
+  },
+};
+
+export const SPRUCE_OID4VCI_METADATA = {
+  issuer: 'https://ngi-oidc4vci-test.spruceid.xyz',
+  credential_endpoint: 'https://ngi-oidc4vci-test.spruceid.xyz/credential',
+  token_endpoint: 'https://ngi-oidc4vci-test.spruceid.xyz/token',
+  jwks_uri: 'https://ngi-oidc4vci-test.spruceid.xyz/jwks',
+  grant_types_supported: ['urn:ietf:params:oauth:grant-type:pre-authorized_code'],
+  credentials_supported: {
+    OpenBadgeCredential: {
+      formats: {
+        jwt_vc: {
+          types: ['VerifiableCredential', 'OpenBadgeCredential'],
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['ES256', 'ES256K'],
+        },
+        ldp_vc: {
+          types: ['VerifiableCredential', 'OpenBadgeCredential'],
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['Ed25519Signature2018'],
+        },
+      },
+    },
+  },
+};
+
+export const DANUBE_OIDC_METADATA = {
+  response_types_supported: ['code', 'token'],
+  credentials_supported: {
+    OpenBadgeCredential: {
+      display: [
+        {
+          name: 'Open Badge V3',
+          locale: 'en-US',
+          logo: { url: 'https://uniissuer.io/images/logo.jpg' },
+        },
+      ],
+      formats: {
+        ldp_vc: {
+          types: ['VerifiableCredential', 'OpenBadgeCredential'],
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['Ed25519Signature2018', 'Ed25519Signature2020', 'EcdsaSecp256k1Signature2019', 'JsonWebSignature2020'],
+        },
+        jwt_vc: {
+          types: ['VerifiableCredential', 'OpenBadgeCredential'],
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['Ed25519Signature2018', 'Ed25519Signature2020', 'EcdsaSecp256k1Signature2019', 'JsonWebSignature2020'],
+        },
+      },
+      claims: { achievement: { mandatory: true, value_type: 'object' } },
+    },
+    VaccinationCertificate: {
+      formats: {
+        jwt_vc: {
+          types: ['VerifiableCredential', 'VaccinationCertificate'],
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['Ed25519Signature2018', 'Ed25519Signature2020', 'EcdsaSecp256k1Signature2019', 'JsonWebSignature2020'],
+        },
+      },
+    },
+  },
+  credential_issuer: {
+    display: [
+      {
+        name: 'Danube Tech',
+        locale: 'en-US',
+        logo: { url: 'https://uniissuer.io/images/logo.jpg' },
+      },
+    ],
+  },
+  code_challenge_methods_supported: ['plain', 'S256'],
+  grant_types_supported: ['authorization_code', 'urn:ietf:params:oauth:grant-type:pre-authorized_code'],
+  token_endpoint_auth_methods_supported: ['client_secret_post', 'client_secret_basic'],
+  authorization_endpoint: 'https://oidc4vc.uniissuer.io/authorize',
+  token_endpoint: 'https://oidc4vc.uniissuer.io/token',
+  credential_endpoint: 'https://oidc4vc.uniissuer.io/credential',
+};
+
+export const WALT_OID4VCI_METADATA = {
+  authorization_endpoint: 'https://jff.walt.id/issuer-api/oidc/fulfillPAR',
+  token_endpoint: 'https://jff.walt.id/issuer-api/oidc/token',
+  pushed_authorization_request_endpoint: 'https://jff.walt.id/issuer-api/oidc/par',
+  issuer: 'https://jff.walt.id/issuer-api',
+  jwks_uri: 'https://jff.walt.id/issuer-api/oidc',
+  grant_types_supported: ['authorization_code', 'urn:ietf:params:oauth:grant-type:pre-authorized_code'],
+  request_uri_parameter_supported: true,
+  credentials_supported: {
+    VerifiableDiploma: {
+      display: [{ name: 'VerifiableDiploma' }],
+      formats: {
+        ldp_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: [
+            'Ed25519Signature2018',
+            'Ed25519Signature2020',
+            'EcdsaSecp256k1Signature2019',
+            'RsaSignature2018',
+            'JsonWebSignature2020',
+            'JcsEd25519Signature2020',
+          ],
+          types: ['VerifiableCredential', 'VerifiableAttestation', 'VerifiableDiploma'],
+        },
+        jwt_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['ES256', 'ES256K', 'EdDSA', 'RS256', 'PS256'],
+          types: ['VerifiableCredential', 'VerifiableAttestation', 'VerifiableDiploma'],
+        },
+      },
+    },
+    VerifiableVaccinationCertificate: {
+      display: [{ name: 'VerifiableVaccinationCertificate' }],
+      formats: {
+        ldp_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: [
+            'Ed25519Signature2018',
+            'Ed25519Signature2020',
+            'EcdsaSecp256k1Signature2019',
+            'RsaSignature2018',
+            'JsonWebSignature2020',
+            'JcsEd25519Signature2020',
+          ],
+          types: ['VerifiableCredential', 'VerifiableAttestation', 'VerifiableVaccinationCertificate'],
+        },
+        jwt_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['ES256', 'ES256K', 'EdDSA', 'RS256', 'PS256'],
+          types: ['VerifiableCredential', 'VerifiableAttestation', 'VerifiableVaccinationCertificate'],
+        },
+      },
+    },
+    Europass: {
+      display: [{ name: 'Europass' }],
+      formats: {
+        ldp_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: [
+            'Ed25519Signature2018',
+            'Ed25519Signature2020',
+            'EcdsaSecp256k1Signature2019',
+            'RsaSignature2018',
+            'JsonWebSignature2020',
+            'JcsEd25519Signature2020',
+          ],
+          types: ['VerifiableCredential', 'VerifiableAttestation', 'Europass'],
+        },
+        jwt_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['ES256', 'ES256K', 'EdDSA', 'RS256', 'PS256'],
+          types: ['VerifiableCredential', 'VerifiableAttestation', 'Europass'],
+        },
+      },
+    },
+    VerifiableMandate: {
+      display: [{ name: 'VerifiableMandate' }],
+      formats: {
+        ldp_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: [
+            'Ed25519Signature2018',
+            'Ed25519Signature2020',
+            'EcdsaSecp256k1Signature2019',
+            'RsaSignature2018',
+            'JsonWebSignature2020',
+            'JcsEd25519Signature2020',
+          ],
+          types: ['VerifiableCredential', 'VerifiableMandate'],
+        },
+        jwt_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['ES256', 'ES256K', 'EdDSA', 'RS256', 'PS256'],
+          types: ['VerifiableCredential', 'VerifiableMandate'],
+        },
+      },
+    },
+    EuropeanBankIdentity: {
+      display: [{ name: 'EuropeanBankIdentity' }],
+      formats: {
+        ldp_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: [
+            'Ed25519Signature2018',
+            'Ed25519Signature2020',
+            'EcdsaSecp256k1Signature2019',
+            'RsaSignature2018',
+            'JsonWebSignature2020',
+            'JcsEd25519Signature2020',
+          ],
+          types: ['VerifiableCredential', 'EuropeanBankIdentity'],
+        },
+        jwt_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['ES256', 'ES256K', 'EdDSA', 'RS256', 'PS256'],
+          types: ['VerifiableCredential', 'EuropeanBankIdentity'],
+        },
+      },
+    },
+    VerifiableAttestation: {
+      display: [{ name: 'VerifiableAttestation' }],
+      formats: {
+        ldp_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: [
+            'Ed25519Signature2018',
+            'Ed25519Signature2020',
+            'EcdsaSecp256k1Signature2019',
+            'RsaSignature2018',
+            'JsonWebSignature2020',
+            'JcsEd25519Signature2020',
+          ],
+          types: ['VerifiableCredential', 'VerifiableAttestation'],
+        },
+        jwt_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['ES256', 'ES256K', 'EdDSA', 'RS256', 'PS256'],
+          types: ['VerifiableCredential', 'VerifiableAttestation'],
+        },
+      },
+    },
+    OpenBadgeCredential: {
+      display: [{ name: 'OpenBadgeCredential' }],
+      formats: {
+        ldp_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: [
+            'Ed25519Signature2018',
+            'Ed25519Signature2020',
+            'EcdsaSecp256k1Signature2019',
+            'RsaSignature2018',
+            'JsonWebSignature2020',
+            'JcsEd25519Signature2020',
+          ],
+          types: ['VerifiableCredential', 'OpenBadgeCredential'],
+        },
+        jwt_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['ES256', 'ES256K', 'EdDSA', 'RS256', 'PS256'],
+          types: ['VerifiableCredential', 'OpenBadgeCredential'],
+        },
+      },
+    },
+    PeerReview: {
+      display: [{ name: 'PeerReview' }],
+      formats: {
+        ldp_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: [
+            'Ed25519Signature2018',
+            'Ed25519Signature2020',
+            'EcdsaSecp256k1Signature2019',
+            'RsaSignature2018',
+            'JsonWebSignature2020',
+            'JcsEd25519Signature2020',
+          ],
+          types: ['VerifiableCredential', 'PeerReview'],
+        },
+        jwt_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['ES256', 'ES256K', 'EdDSA', 'RS256', 'PS256'],
+          types: ['VerifiableCredential', 'PeerReview'],
+        },
+      },
+    },
+    ProofOfResidence: {
+      display: [{ name: 'ProofOfResidence' }],
+      formats: {
+        ldp_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: [
+            'Ed25519Signature2018',
+            'Ed25519Signature2020',
+            'EcdsaSecp256k1Signature2019',
+            'RsaSignature2018',
+            'JsonWebSignature2020',
+            'JcsEd25519Signature2020',
+          ],
+          types: ['VerifiableCredential', 'VerifiableAttestation', 'ProofOfResidence'],
+        },
+        jwt_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['ES256', 'ES256K', 'EdDSA', 'RS256', 'PS256'],
+          types: ['VerifiableCredential', 'VerifiableAttestation', 'ProofOfResidence'],
+        },
+      },
+    },
+    AmletCredential: {
+      display: [{ name: 'AmletCredential' }],
+      formats: {
+        ldp_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: [
+            'Ed25519Signature2018',
+            'Ed25519Signature2020',
+            'EcdsaSecp256k1Signature2019',
+            'RsaSignature2018',
+            'JsonWebSignature2020',
+            'JcsEd25519Signature2020',
+          ],
+          types: ['VerifiableCredential', 'AmletCredential'],
+        },
+        jwt_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['ES256', 'ES256K', 'EdDSA', 'RS256', 'PS256'],
+          types: ['VerifiableCredential', 'AmletCredential'],
+        },
+      },
+    },
+    ParticipantCredential: {
+      display: [{ name: 'ParticipantCredential' }],
+      formats: {
+        ldp_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: [
+            'Ed25519Signature2018',
+            'Ed25519Signature2020',
+            'EcdsaSecp256k1Signature2019',
+            'RsaSignature2018',
+            'JsonWebSignature2020',
+            'JcsEd25519Signature2020',
+          ],
+          types: ['VerifiableCredential', 'ParticipantCredential'],
+        },
+        jwt_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['ES256', 'ES256K', 'EdDSA', 'RS256', 'PS256'],
+          types: ['VerifiableCredential', 'ParticipantCredential'],
+        },
+      },
+    },
+    VerifiableId: {
+      display: [{ name: 'VerifiableId' }],
+      formats: {
+        ldp_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: [
+            'Ed25519Signature2018',
+            'Ed25519Signature2020',
+            'EcdsaSecp256k1Signature2019',
+            'RsaSignature2018',
+            'JsonWebSignature2020',
+            'JcsEd25519Signature2020',
+          ],
+          types: ['VerifiableCredential', 'VerifiableAttestation', 'VerifiableId'],
+        },
+        jwt_vc: {
+          cryptographic_binding_methods_supported: ['did'],
+          cryptographic_suites_supported: ['ES256', 'ES256K', 'EdDSA', 'RS256', 'PS256'],
+          types: ['VerifiableCredential', 'VerifiableAttestation', 'VerifiableId'],
+        },
+      },
+    },
+  },
+  credential_issuer: { display: [{ locale: null, name: 'https://jff.walt.id/issuer-api' }] },
+  credential_endpoint: 'https://jff.walt.id/issuer-api/oidc/credential',
+  subject_types_supported: ['public'],
+};

package/lib/__tests__/OpenID4VCIClient.spec.ts

@@ -0,0 +1,166 @@
+import { AuthzFlowType, CodeChallengeMethod } from '@sphereon/oid4vci-common';
+// eslint-disable-next-line @typescript-eslint/ban-ts-comment
+// @ts-ignore
+import nock from 'nock';
+
+import { OpenID4VCIClient } from '../OpenID4VCIClient';
+
+const MOCK_URL = 'https://server.example.com/';
+
+describe('OpenID4VCIClient should', () => {
+  let client: OpenID4VCIClient;
+
+  beforeEach(async () => {
+    nock(MOCK_URL).get(/.*/).reply(200, {});
+    client = await OpenID4VCIClient.fromURI({
+      uri: 'openid-initiate-issuance://?issuer=https://server.example.com&credential_type=TestCredential',
+      flowType: AuthzFlowType.AUTHORIZATION_CODE_FLOW,
+    });
+  });
+
+  afterEach(() => {
+    nock.cleanAll();
+  });
+
+  it('should create successfully construct an authorization request url', async () => {
+    // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+    // @ts-ignore
+    client._endpointMetadata?.issuerMetadata.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
+    const url = client.createAuthorizationRequestUrl({
+      clientId: 'test-client',
+      codeChallengeMethod: CodeChallengeMethod.SHA256,
+      codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
+      scope: 'openid TestCredential',
+      redirectUri: 'http://localhost:8881/cb',
+    });
+
+    const urlSearchParams = new URLSearchParams(url.split('?')[1]);
+    const scope = urlSearchParams.get('scope')?.split(' ');
+
+    expect(scope?.[0]).toBe('openid');
+  });
+  it('throw an error if authorization endpoint is not set in server metadata', async () => {
+    expect(() => {
+      client.createAuthorizationRequestUrl({
+        clientId: 'test-client',
+        codeChallengeMethod: CodeChallengeMethod.SHA256,
+        codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
+        scope: 'openid TestCredential',
+        redirectUri: 'http://localhost:8881/cb',
+      });
+    }).toThrow(Error('Server metadata does not contain authorization endpoint'));
+  });
+  it("injects 'openid' as the first scope if not provided", async () => {
+    // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+    // @ts-ignore
+    client._endpointMetadata?.issuerMetadata.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
+
+    const url = client.createAuthorizationRequestUrl({
+      clientId: 'test-client',
+      codeChallengeMethod: CodeChallengeMethod.SHA256,
+      codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
+      scope: 'TestCredential',
+      redirectUri: 'http://localhost:8881/cb',
+    });
+
+    const urlSearchParams = new URLSearchParams(url.split('?')[1]);
+    const scope = urlSearchParams.get('scope')?.split(' ');
+
+    expect(scope?.[0]).toBe('openid');
+  });
+  it('throw an error if no scope and no authorization_details is provided', async () => {
+    // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+    // @ts-ignore
+    client._endpointMetadata?.issuerMetadata.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
+
+    expect(() => {
+      client.createAuthorizationRequestUrl({
+        clientId: 'test-client',
+        codeChallengeMethod: CodeChallengeMethod.SHA256,
+        codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
+        redirectUri: 'http://localhost:8881/cb',
+      });
+    }).toThrow(Error('Please provide a scope or authorization_details'));
+  });
+  it('create an authorization request url with authorization_details array property', async () => {
+    // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+    // @ts-ignore
+    client._endpointMetadata.issuerMetadata.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
+
+    expect(
+      client.createAuthorizationRequestUrl({
+        clientId: 'test-client',
+        codeChallengeMethod: CodeChallengeMethod.SHA256,
+        codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
+        authorizationDetails: [
+          {
+            type: 'openid_credential',
+            format: 'ldp_vc',
+            credential_definition: {
+              '@context': ['https://www.w3.org/2018/credentials/v1', 'https://www.w3.org/2018/credentials/examples/v1'],
+              types: ['VerifiableCredential', 'UniversityDegreeCredential'],
+            },
+          },
+          {
+            type: 'openid_credential',
+            format: 'mso_mdoc',
+            doctype: 'org.iso.18013.5.1.mDL',
+          },
+        ],
+        redirectUri: 'http://localhost:8881/cb',
+      })
+    ).toEqual(
+      'https://server.example.com/v1/auth/authorize?response_type=code&client_id=test-client&code_challenge_method=S256&code_challenge=mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs&authorization_details=%5B%7B%22type%22%3A%22openid_credential%22%2C%22format%22%3A%22ldp_vc%22%2C%22credential_definition%22%3A%7B%22%40context%22%3A%5B%22https%3A%2F%2Fwww%2Ew3%2Eorg%2F2018%2Fcredentials%2Fv1%22%2C%22https%3A%2F%2Fwww%2Ew3%2Eorg%2F2018%2Fcredentials%2Fexamples%2Fv1%22%5D%2C%22types%22%3A%5B%22VerifiableCredential%22%2C%22UniversityDegreeCredential%22%5D%7D%2C%22locations%22%3A%22https%3A%2F%2Fserver%2Eexample%2Ecom%22%7D%2C%7B%22type%22%3A%22openid_credential%22%2C%22format%22%3A%22mso_mdoc%22%2C%22doctype%22%3A%22org%2Eiso%2E18013%2E5%2E1%2EmDL%22%2C%22locations%22%3A%22https%3A%2F%2Fserver%2Eexample%2Ecom%22%7D%5D&redirect_uri=http%3A%2F%2Flocalhost%3A8881%2Fcb'
+    );
+  });
+  it('create an authorization request url with authorization_details object property', async () => {
+    // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+    // @ts-ignore
+    client._endpointMetadata.issuerMetadata.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
+
+    expect(
+      client.createAuthorizationRequestUrl({
+        clientId: 'test-client',
+        codeChallengeMethod: CodeChallengeMethod.SHA256,
+        codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
+        authorizationDetails: {
+          type: 'openid_credential',
+          format: 'ldp_vc',
+          credential_definition: {
+            '@context': ['https://www.w3.org/2018/credentials/v1', 'https://www.w3.org/2018/credentials/examples/v1'],
+            types: ['VerifiableCredential', 'UniversityDegreeCredential'],
+          },
+        },
+        redirectUri: 'http://localhost:8881/cb',
+      })
+    ).toEqual(
+      'https://server.example.com/v1/auth/authorize?response_type=code&client_id=test-client&code_challenge_method=S256&code_challenge=mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs&authorization_details=%7B%22type%22%3A%22openid_credential%22%2C%22format%22%3A%22ldp_vc%22%2C%22credential_definition%22%3A%7B%22%40context%22%3A%5B%22https%3A%2F%2Fwww%2Ew3%2Eorg%2F2018%2Fcredentials%2Fv1%22%2C%22https%3A%2F%2Fwww%2Ew3%2Eorg%2F2018%2Fcredentials%2Fexamples%2Fv1%22%5D%2C%22types%22%3A%5B%22VerifiableCredential%22%2C%22UniversityDegreeCredential%22%5D%7D%2C%22locations%22%3A%22https%3A%2F%2Fserver%2Eexample%2Ecom%22%7D&redirect_uri=http%3A%2F%2Flocalhost%3A8881%2Fcb'
+    );
+  });
+  it('create an authorization request url with authorization_details and scope', async () => {
+    // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+    // @ts-ignore
+    client._endpointMetadata.issuerMetadata.authorization_endpoint = `${MOCK_URL}v1/auth/authorize`;
+
+    expect(
+      client.createAuthorizationRequestUrl({
+        clientId: 'test-client',
+        codeChallengeMethod: CodeChallengeMethod.SHA256,
+        codeChallenge: 'mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs',
+        authorizationDetails: {
+          type: 'openid_credential',
+          format: 'ldp_vc',
+          locations: ['https://test.com'],
+          credential_definition: {
+            '@context': ['https://www.w3.org/2018/credentials/v1', 'https://www.w3.org/2018/credentials/examples/v1'],
+            types: ['VerifiableCredential', 'UniversityDegreeCredential'],
+          },
+        },
+        scope: 'openid',
+        redirectUri: 'http://localhost:8881/cb',
+      })
+    ).toEqual(
+      'https://server.example.com/v1/auth/authorize?response_type=code&client_id=test-client&code_challenge_method=S256&code_challenge=mE2kPHmIprOqtkaYmESWj35yz-PB5vzdiSu0tAZ8sqs&authorization_details=%7B%22type%22%3A%22openid_credential%22%2C%22format%22%3A%22ldp_vc%22%2C%22locations%22%3A%5B%22https%3A%2F%2Ftest%2Ecom%22%2C%22https%3A%2F%2Fserver%2Eexample%2Ecom%22%5D%2C%22credential_definition%22%3A%7B%22%40context%22%3A%5B%22https%3A%2F%2Fwww%2Ew3%2Eorg%2F2018%2Fcredentials%2Fv1%22%2C%22https%3A%2F%2Fwww%2Ew3%2Eorg%2F2018%2Fcredentials%2Fexamples%2Fv1%22%5D%2C%22types%22%3A%5B%22VerifiableCredential%22%2C%22UniversityDegreeCredential%22%5D%7D%7D&redirect_uri=http%3A%2F%2Flocalhost%3A8881%2Fcb&scope=openid'
+    );
+  });
+});