@sphereon/ssi-sdk.siopv2-oid4vp-rp-rest-api 0.34.1-fix.182 → 0.34.1-fix.223

package/src/siop-api-functions.ts

@@ -46,19 +46,30 @@ export function verifyAuthResponseSIOPv2Endpoint(router: Router, context: IRequi
     console.log(`verifyAuthResponse SIOP endpoint is disabled`)
     return
   }
-  const path = opts?.path ?? '/siop/definitions/:definitionId/auth-responses/:correlationId'
+  const path = opts?.path ?? '/siop/queries/:queryId/auth-responses/:correlationId'
   router.post(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {
     try {
       const { correlationId, queryId, tenantId, version } = request.params
-      if (!correlationId || !queryId) {
-        console.log(`No authorization request could be found for the given url. correlationId: ${correlationId}, queryId: ${queryId}`)
+      if (!correlationId) {
+        console.log(`No authorization request could be found for the given url. correlationId: ${correlationId}`)
         return sendErrorResponse(response, 404, 'No authorization request could be found')
       }
-      console.log('Authorization Response (siop-sessions')
-      console.log(JSON.stringify(request.body, null, 2))
-      const definitionItems = await context.agent.pdmGetDefinitions({ filter: [{ queryId, tenantId, version }] })
+      console.debug('Authorization Response (siop-sessions') // TODO use logger
+      console.debug(JSON.stringify(request.body, null, 2))
+      const definitionItems = await context.agent.pdmGetDefinitions({
+        filter: [
+          {
+            queryId,
+            ...(tenantId && { tenantId }),
+            ...(version && { version }),
+          },
+          {
+            id: queryId,
+          },
+        ],
+      })
       if (definitionItems.length === 0) {
-        console.log(`Could not get definition ${queryId} from agent. Will return 404`)
+        console.log(`Could not get dcql query with id ${queryId} from agent. Will return 404`)
         response.statusCode = 404
         response.statusMessage = `No definition ${queryId}`
         return response.send()
@@ -71,7 +82,6 @@ export function verifyAuthResponseSIOPv2Endpoint(router: Router, context: IRequi
       const verifiedResponse = await context.agent.siopVerifyAuthResponse({
         authorizationResponse,
         correlationId,
-        queryId,
         dcqlQuery: definitionItem.query,
       })
 
@@ -89,7 +99,7 @@ export function verifyAuthResponseSIOPv2Endpoint(router: Router, context: IRequi
           return response.send(JSON.stringify(authorizationChallengeValidationResponse))
         }
 
-        const responseRedirectURI = await context.agent.siopGetRedirectURI({ correlationId, queryId: queryId, state: verifiedResponse.state })
+        const responseRedirectURI = await context.agent.siopGetRedirectURI({ correlationId, queryId, state: verifiedResponse.state })
         if (responseRedirectURI) {
           response.setHeader('Content-Type', 'application/json')
           return response.send(JSON.stringify({ redirect_uri: responseRedirectURI }))
@@ -113,26 +123,35 @@ export function getAuthRequestSIOPv2Endpoint(router: Router, context: IRequiredC
     console.log(`getAuthRequest SIOP endpoint is disabled`)
     return
   }
-  const path = opts?.path ?? '/siop/definitions/:definitionId/auth-requests/:correlationId'
+  const path = opts?.path ?? '/siop/queries/:queryId/auth-requests/:correlationId'
   router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {
     try {
       const correlationId = request.params.correlationId
-      const definitionId = request.params.definitionId
-      if (!correlationId || !definitionId) {
-        console.log(`No authorization request could be found for the given url. correlationId: ${correlationId}, definitionId: ${definitionId}`)
+      const queryId = request.params.queryId
+      if (!correlationId || !queryId) {
+        console.log(`No authorization request could be found for the given url. correlationId: ${correlationId}, queryId: ${queryId}`)
         return sendErrorResponse(response, 404, 'No authorization request could be found')
       }
       const requestState = await context.agent.siopGetAuthRequestState({
         correlationId,
-        queryId: definitionId,
         errorOnNotFound: false,
       })
       if (!requestState) {
         console.log(
-          `No authorization request could be found for the given url in the state manager. correlationId: ${correlationId}, definitionId: ${definitionId}`,
+          `No authorization request could be found for the given url in the state manager. correlationId: ${correlationId}, definitionId: ${queryId}`,
         )
         return sendErrorResponse(response, 404, `No authorization request could be found`)
       }
+
+      const definitionItems = await context.agent.pdmGetDefinitions({ filter: [{ queryId }] });
+      if (definitionItems.length === 0) {
+        console.log(`Could not get dcql query with id ${queryId} from agent. Will return 404`)
+        response.statusCode = 404
+        response.statusMessage = `No definition ${queryId}`
+        return response.send()
+      }
+      const payload = requestState.request?.requestObject?.getPayload()!
+      payload.dcql_query = definitionItems[0].query
       const requestObject = await requestState.request?.requestObject?.toJwt()
       console.log('JWT Request object:')
       console.log(requestObject)
@@ -148,7 +167,6 @@ export function getAuthRequestSIOPv2Endpoint(router: Router, context: IRequiredC
       } finally {
         await context.agent.siopUpdateAuthRequestState({
           correlationId,
-          queryId: definitionId,
           state: 'authorization_request_created',
           error,
         })

package/src/types/types.ts

@@ -1,13 +1,12 @@
-import { IAgentContext, ICredentialVerifier } from '@veramo/core'
+import { CreateAuthorizationRequestPayload, CreateAuthorizationResponsePayload } from '@sphereon/did-auth-siop'
 import { GenericAuthArgs, ISingleEndpointOpts } from '@sphereon/ssi-express-support'
-import { ISIOPv2RP } from '@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth'
 import { IPDManager } from '@sphereon/ssi-sdk.pd-manager'
-import { AdditionalClaims } from '@sphereon/ssi-types'
 import { AuthorizationRequestStateStatus, AuthorizationResponseStateStatus } from '@sphereon/ssi-sdk.siopv2-oid4vp-common'
+import { ISIOPv2RP } from '@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth'
+import { IAgentContext, ICredentialVerifier } from '@veramo/core'
 import { Request, Response } from 'express'
-import { z } from 'zod'
-import { CreateAuthorizationRequestBodySchema, CreateAuthorizationResponseSchema } from '../schemas'
 import { QRCodeOpts } from './QRCode.types'
+import { VerifiedData } from '@sphereon/did-auth-siop'
 
 export type SiopFeatures = 'rp-status' | 'siop'
 
@@ -36,24 +35,20 @@ export interface ICreateAuthRequestWebappEndpointOpts extends ISingleEndpointOpt
 export type IRequiredPlugins = ICredentialVerifier & ISIOPv2RP & IPDManager
 export type IRequiredContext = IAgentContext<IRequiredPlugins>
 
-export type CreateAuthorizationRequest = Request<Record<string, never>, any, CreateAuthorizationRequestBody, Record<string, never>>
+export type CreateAuthorizationRequestPayloadRequest = Request<Record<string, never>, any, CreateAuthorizationRequestPayload, Record<string, never>>
 
-export type CreateAuthorizationRequestBody = z.infer<typeof CreateAuthorizationRequestBodySchema>;
-
-export type CreateAuthorizationResponse = Response<CreateAuthorizationRequestResponse>
-
-export type CreateAuthorizationRequestResponse = z.infer<typeof CreateAuthorizationResponseSchema>;
+export type CreateAuthorizationResponsePayloadResponse = Response<CreateAuthorizationResponsePayload>
 
 export type DeleteAuthorizationRequest = Request<DeleteAuthorizationRequestPathParameters, any, Record<string, any>, Record<string, any>>
 
 export type DeleteAuthorizationRequestPathParameters = {
-  correlationId: string;
+  correlationId: string
 }
 
 export type GetAuthorizationRequestStatus = Request<GetAuthorizationRequestStatusPathParameters, any, Record<string, any>, Record<string, any>>
 
 export type GetAuthorizationRequestStatusPathParameters = {
-  correlationId: string;
+  correlationId: string
 }
 
 export type RequestError = {
@@ -70,29 +65,3 @@ export interface AuthStatusResponse {
   verified_data?: VerifiedData
   error?: RequestError
 }
-
-export type VerifiedData = {
-  authorization_response?: AuthorizationResponse
-  credential_claims?: AdditionalClaims
-}
-
-export type AuthorizationResponse = {
-  presentation_submission?: Record<string, any>
-  vp_token?: VpToken
-}
-
-export type SingleObjectVpTokenPE = Record<string, any>
-
-export type SingleStringVpTokenPE = string
-
-export type MultipleVpTokens = Array<SingleObjectVpTokenPE> | Array<SingleStringVpTokenPE>
-
-export type MultipleVpTokenDCQL = {
-  [key: string]: MultipleVpTokens
-}
-
-export type VpToken =
-  | SingleObjectVpTokenPE
-  | SingleStringVpTokenPE
-  | MultipleVpTokens
-  | MultipleVpTokenDCQL

package/src/universal-oid4vp-api-functions.ts

@@ -1,19 +1,24 @@
-import { AuthorizationResponseStateStatus } from '@sphereon/did-auth-siop'
+import {
+  AuthorizationRequestStateStatus,
+  CreateAuthorizationRequest,
+  createAuthorizationRequestFromPayload,
+  CreateAuthorizationRequestPayloadSchema,
+  CreateAuthorizationResponsePayload,
+} from '@sphereon/did-auth-siop'
 import { checkAuth, ISingleEndpointOpts, sendErrorResponse } from '@sphereon/ssi-express-support'
 import { uriWithBase } from '@sphereon/ssi-sdk.siopv2-oid4vp-common'
 import { Request, Response, Router } from 'express'
 import uuid from 'short-uuid'
 import { validateData } from './middleware/validationMiddleware'
-import { CreateAuthorizationRequestBodySchema } from './schemas'
 import {
-  CreateAuthorizationRequest,
-  CreateAuthorizationRequestResponse,
-  CreateAuthorizationResponse,
+  AuthStatusResponse,
+  CreateAuthorizationRequestPayloadRequest,
+  CreateAuthorizationResponsePayloadResponse,
   DeleteAuthorizationRequest,
   GetAuthorizationRequestStatus,
-  AuthStatusResponse,
   ICreateAuthRequestWebappEndpointOpts,
   IRequiredContext,
+  QRCodeOpts,
 } from './types'
 
 export function createAuthRequestUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ICreateAuthRequestWebappEndpointOpts) {
@@ -26,26 +31,29 @@ export function createAuthRequestUniversalOID4VPEndpoint(router: Router, context
   router.post(
     path,
     checkAuth(opts?.endpoint),
-    validateData(CreateAuthorizationRequestBodySchema),
-    async (request: CreateAuthorizationRequest, response: CreateAuthorizationResponse) => {
+    validateData(CreateAuthorizationRequestPayloadSchema),
+    async (request: CreateAuthorizationRequestPayloadRequest, response: CreateAuthorizationResponsePayloadResponse) => {
       try {
-        const correlationId = request.body.correlation_id ?? uuid.uuid()
-        const qrCodeOpts = request.body.qr_code ?? opts?.qrCodeOpts
-        const queryId = request.body.query_id
-        const directPostResponseRedirectUri = request.body.direct_post_response_redirect_uri // TODO Uri not URI
-        const requestUriBase = request.body.request_uri_base
-        const callback = request.body.callback
-
-        const definitionItems = await context.agent.pdmGetDefinitions({ filter: [{ queryId }] })
+        const authRequest: CreateAuthorizationRequest = createAuthorizationRequestFromPayload(request.body)
+        const correlationId = authRequest.correlationId ?? uuid.uuid()
+        const qrCodeOpts = authRequest.qrCode ? ({ ...authRequest.qrCode } satisfies QRCodeOpts) : opts?.qrCodeOpts
+        const queryId = authRequest.queryId
+
+        const definitionItems = await context.agent.pdmGetDefinitions({
+          filter: [
+            { id: queryId }, // Allow both PK (unique queryId + version combi) or just plain queryId which assumes the latest version
+            { queryId },
+          ],
+        })
         if (definitionItems.length === 0) {
           console.log(`No query could be found for the given id. Query id: ${queryId}`)
           return sendErrorResponse(response, 404, { status: 404, message: 'No query could be found' })
         }
 
-        const requestByReferenceURI = uriWithBase(`/siop/definitions/${queryId}/auth-requests/${correlationId}`, {
-          baseURI: requestUriBase ?? opts?.siopBaseURI,
+        const requestByReferenceURI = uriWithBase(`/siop/queries/${queryId}/auth-requests/${correlationId}`, {
+          baseURI: authRequest.requestUriBase ?? opts?.siopBaseURI,
         })
-        const responseURI = uriWithBase(`/siop/definitions/${queryId}/auth-responses/${correlationId}`, { baseURI: opts?.siopBaseURI })
+        const responseURI = uriWithBase(`/siop/queries/${queryId}/auth-responses/${correlationId}`, { baseURI: opts?.siopBaseURI })
 
         const authRequestURI = await context.agent.siopCreateAuthRequestURI({
           queryId,
@@ -54,8 +62,8 @@ export function createAuthRequestUniversalOID4VPEndpoint(router: Router, context
           requestByReferenceURI,
           responseURIType: 'response_uri',
           responseURI,
-          ...(directPostResponseRedirectUri && { responseRedirectURI: directPostResponseRedirectUri }),
-          callback,
+          ...(authRequest.directPostResponseRedirectUri && { responseRedirectURI: authRequest.directPostResponseRedirectUri }),
+          ...(authRequest.callback && { callback: authRequest.callback }),
         })
 
         let qrCodeDataUri: string | undefined
@@ -63,6 +71,8 @@ export function createAuthRequestUniversalOID4VPEndpoint(router: Router, context
           const { AwesomeQR } = await import('awesome-qr')
           const qrCode = new AwesomeQR({ ...qrCodeOpts, text: authRequestURI })
           qrCodeDataUri = `data:image/png;base64,${(await qrCode.draw())!.toString('base64')}`
+        } else {
+          qrCodeDataUri = authRequestURI
         }
 
         const authRequestBody = {
@@ -71,7 +81,7 @@ export function createAuthRequestUniversalOID4VPEndpoint(router: Router, context
           request_uri: authRequestURI,
           status_uri: `${uriWithBase(opts?.webappAuthStatusPath ?? `/backend/auth/status/${correlationId}`, { baseURI: opts?.webappBaseURI })}`,
           ...(qrCodeDataUri && { qr_uri: qrCodeDataUri }),
-        } satisfies CreateAuthorizationRequestResponse
+        } satisfies CreateAuthorizationResponsePayload
         console.log(`Auth Request URI data to send back: ${JSON.stringify(authRequestBody)}`)
 
         return response.status(201).json(authRequestBody)
@@ -134,8 +144,11 @@ export function authStatusUniversalOID4VPEndpoint(router: Router, context: IRequ
       }
 
       let responseState
-      if (requestState.status === 'authorization_request_created') {
-        responseState = await context.agent.siopGetAuthResponseState({ correlationId, errorOnNotFound: false })
+      if (requestState.status === AuthorizationRequestStateStatus.RETRIEVED) {
+        responseState = await context.agent.siopGetAuthResponseState({
+          correlationId,
+          errorOnNotFound: false
+        })
       }
       const overallState = responseState ?? requestState
 
@@ -144,9 +157,8 @@ export function authStatusUniversalOID4VPEndpoint(router: Router, context: IRequ
         correlation_id: overallState.correlationId,
         query_id: overallState.queryId,
         last_updated: overallState.lastUpdated,
-        ...(responseState?.status === AuthorizationResponseStateStatus.VERIFIED &&
-          responseState.verifiedData !== undefined && { verified_data: responseState.verifiedData }),
-        ...(overallState.error && { message: overallState.error.message }),
+        ...('verifiedData' in overallState && { verified_data: overallState.verifiedData }),
+        ...(overallState.error && { message: overallState.error.message })
       } satisfies AuthStatusResponse
       console.debug(`Will send auth status: ${JSON.stringify(statusBody)}`)
 

package/src/schemas/index.ts

@@ -1,36 +0,0 @@
-import { CallbackOptsSchema, RequestUriMethod, ResponseMode, ResponseType } from '@sphereon/did-auth-siop'
-import { z } from 'zod'
-
-export const ResponseTypeSchema = z.enum([ResponseType.VP_TOKEN])
-
-export const ResponseModeSchema = z.enum([ResponseMode.DIRECT_POST, ResponseMode.DIRECT_POST_JWT])
-
-const requestUriMethods = ['get', 'post'] as const satisfies Array<RequestUriMethod>
-export const RequestUriMethodSchema = z.enum(requestUriMethods)
-export const QRCodeOptsSchema = z.object({
-  size: z.number().optional(),
-  color_dark: z.string().optional(),
-  color_light: z.string().optional(),
-})
-
-export const CreateAuthorizationRequestBodySchema = z.object({
-  query_id: z.string(),
-  client_id: z.string().optional(),
-  request_uri_base: z.string().optional(),
-  correlation_id: z.string().optional(),
-  request_uri_method: RequestUriMethodSchema.optional(),
-  response_type: ResponseTypeSchema.optional(),
-  response_mode: ResponseModeSchema.optional(),
-  transaction_data: z.array(z.string()).optional(),
-  qr_code: QRCodeOptsSchema.optional(),
-  direct_post_response_redirect_uri: z.string().optional(),
-  callback: CallbackOptsSchema.optional(),
-})
-
-export const CreateAuthorizationResponseSchema = z.object({
-  correlation_id: z.string(),
-  query_id: z.string(),
-  request_uri: z.string(),
-  status_uri: z.string(),
-  qr_uri: z.string().optional(),
-})

package/src/webapp-api-functions.ts

@@ -1,183 +0,0 @@
-import { AuthorizationRequestState, AuthorizationResponseStateStatus } from '@sphereon/did-auth-siop'
-import { checkAuth, ISingleEndpointOpts, sendErrorResponse } from '@sphereon/ssi-express-support'
-import { AuthStatusResponse, GenerateAuthRequestURIResponse, uriWithBase } from '@sphereon/ssi-sdk.siopv2-oid4vp-common'
-import { AuthorizationResponseStateWithVerifiedData, VerifiedDataMode } from '@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth'
-import { shaHasher as defaultHasher } from '@sphereon/ssi-sdk.core'
-import { Request, Response, Router } from 'express'
-import uuid from 'short-uuid'
-import { ICreateAuthRequestWebappEndpointOpts, IRequiredContext } from './types'
-
-export function createAuthRequestWebappEndpoint(router: Router, context: IRequiredContext, opts?: ICreateAuthRequestWebappEndpointOpts) {
-  if (opts?.enabled === false) {
-    console.log(`createAuthRequest Webapp endpoint is disabled`)
-    return
-  }
-  const path = opts?.path ?? '/webapp/definitions/:definitionId/auth-requests'
-  router.post(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {
-    try {
-      // if (!request.agent) throw Error('No agent configured')
-      const definitionId = request.params.definitionId
-      if (!definitionId) {
-        return sendErrorResponse(response, 400, 'No definitionId query parameter provided')
-      }
-      const state: string = request.body.state ?? uuid.uuid()
-      const correlationId = request.body.correlationId ?? state
-      const qrCodeOpts = request.body.qrCodeOpts ?? opts?.qrCodeOpts
-
-      const requestByReferenceURI = uriWithBase(`/siop/definitions/${definitionId}/auth-requests/${state}`, {
-        baseURI: opts?.siopBaseURI,
-      })
-      const responseURI = uriWithBase(`/siop/definitions/${definitionId}/auth-responses/${state}`, { baseURI: opts?.siopBaseURI })
-      // first version is for backwards compat
-      const responseRedirectURI =
-        ('response_redirect_uri' in request.body && (request.body.response_redirect_uri as string | undefined)) ??
-        ('responseRedirectURI' in request.body && (request.body.responseRedirectURI as string | undefined))
-
-      const authRequestURI = await context.agent.siopCreateAuthRequestURI({
-        definitionId,
-        correlationId,
-        state,
-        nonce: uuid.uuid(),
-        requestByReferenceURI,
-        responseURIType: 'response_uri',
-        responseURI,
-        ...(responseRedirectURI && { responseRedirectURI }),
-      })
-
-      let qrCodeDataUri: string | undefined
-      if (qrCodeOpts) {
-        const { AwesomeQR } = await import('awesome-qr')
-        const qrCode = new AwesomeQR({ ...qrCodeOpts, text: authRequestURI })
-        qrCodeDataUri = `data:image/png;base64,${(await qrCode.draw())!.toString('base64')}`
-      }
-      const authRequestBody: GenerateAuthRequestURIResponse = {
-        correlationId,
-        state,
-        definitionId,
-        authRequestURI,
-        authStatusURI: `${uriWithBase(opts?.webappAuthStatusPath ?? '/webapp/auth-status', { baseURI: opts?.webappBaseURI })}`,
-        ...(qrCodeDataUri && { qrCodeDataUri }),
-      }
-      console.log(`Auth Request URI data to send back: ${JSON.stringify(authRequestBody)}`)
-      return response.json(authRequestBody)
-    } catch (error) {
-      return sendErrorResponse(response, 500, 'Could not create an authorization request URI', error)
-    }
-  })
-}
-
-export function authStatusWebappEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {
-  if (opts?.enabled === false) {
-    console.log(`authStatus Webapp endpoint is disabled`)
-    return
-  }
-  const path = opts?.path ?? '/webapp/auth-status'
-  router.post(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {
-    try {
-      console.log('Received auth-status request...')
-      const correlationId: string = request.body.correlationId as string
-      const definitionId: string = request.body.definitionId as string
-
-      const requestState =
-        correlationId && definitionId
-          ? await context.agent.siopGetAuthRequestState({
-              correlationId,
-              definitionId,
-              errorOnNotFound: false,
-            })
-          : undefined
-      if (!requestState || !definitionId || !correlationId) {
-        console.log(
-          `No authentication request mapping could be found for the given URL. correlation: ${correlationId}, definitionId: ${definitionId}`,
-        )
-        response.statusCode = 404
-        const statusBody: AuthStatusResponse = {
-          status: requestState ? requestState.status : 'error',
-          error: 'No authentication request mapping could be found for the given URL.',
-          correlationId,
-          definitionId,
-          lastUpdated: requestState ? requestState.lastUpdated : Date.now(),
-        }
-        return response.json(statusBody)
-      }
-
-      let includeVerifiedData: VerifiedDataMode = VerifiedDataMode.NONE
-      if ('includeVerifiedData' in request.body) {
-        includeVerifiedData = request.body.includeVerifiedData as VerifiedDataMode
-      }
-
-      let responseState
-      if (requestState.status === 'sent') {
-        responseState = (await context.agent.siopGetAuthResponseState({
-          correlationId,
-          definitionId,
-          includeVerifiedData: includeVerifiedData,
-          errorOnNotFound: false,
-        })) as AuthorizationResponseStateWithVerifiedData
-      }
-      const overallState: AuthorizationRequestState | AuthorizationResponseStateWithVerifiedData = responseState ?? requestState
-
-      const statusBody: AuthStatusResponse = {
-        status: overallState.status,
-        ...(overallState.error ? { error: overallState.error?.message } : {}),
-        correlationId,
-        definitionId,
-        lastUpdated: overallState.lastUpdated,
-        ...(responseState && responseState.status === AuthorizationResponseStateStatus.VERIFIED
-          ? {
-              payload: await responseState.response.mergedPayloads({ hasher: defaultHasher }),
-              verifiedData: responseState.verifiedData,
-            }
-          : {}),
-      }
-      console.debug(`Will send auth status: ${JSON.stringify(statusBody)}`)
-      if (overallState.status === 'error') {
-        response.statusCode = 500
-        return response.json(statusBody)
-      }
-      response.statusCode = 200
-      return response.json(statusBody)
-    } catch (error) {
-      return sendErrorResponse(response, 500, error.message, error)
-    }
-  })
-}
-
-export function removeAuthRequestStateWebappEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {
-  if (opts?.enabled === false) {
-    console.log(`removeAuthStatus Webapp endpoint is disabled`)
-    return
-  }
-  const path = opts?.path ?? '/webapp/definitions/:definitionId/auth-requests/:correlationId'
-  router.delete(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {
-    try {
-      const correlationId: string = request.params.correlationId
-      const definitionId: string = request.params.definitionId
-      if (!correlationId || !definitionId) {
-        console.log(`No authorization request could be found for the given url. correlationId: ${correlationId}, definitionId: ${definitionId}`)
-        return sendErrorResponse(response, 404, 'No authorization request could be found')
-      }
-      response.statusCode = 200
-      return response.json(await context.agent.siopDeleteAuthState({ definitionId, correlationId }))
-    } catch (error) {
-      return sendErrorResponse(response, 500, error.message, error)
-    }
-  })
-}
-
-export function getDefinitionsEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {
-  if (opts?.enabled === false) {
-    console.log(`getDefinitions Webapp endpoint is disabled`)
-    return
-  }
-  const path = opts?.path ?? '/webapp/definitions'
-  router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {
-    try {
-      const definitions = await context.agent.pdmGetDefinitions()
-      response.statusCode = 200
-      return response.json(definitions)
-    } catch (error) {
-      return sendErrorResponse(response, 500, error.message, error)
-    }
-  })
-}