Feat/support unencoded jwt authorization requests (#40)

* Add temporary support for unencoded JWT authorization requests * Remove unnecessary comment * use serde deserialize serialize derive for authorization response Signed-off-by: Ryan Tate <[email protected]> * update url encoding for auth response Signed-off-by: Ryan Tate <[email protected]> * fix unit tests Signed-off-by: Ryan Tate <[email protected]> * use custom struct for json string encoded authorization response inner values Signed-off-by: Ryan Tate <[email protected]> * allow unencoded authorization request Signed-off-by: Ryan Tate <[email protected]> --------- Signed-off-by: Ryan Tate <[email protected]> Co-authored-by: Joey Silberman <[email protected]> Co-authored-by: Ryan Tate <[email protected]>
spruceid · Nov 20, 2024 · 55b36f9 · 55b36f9
1 parent dcc962b
commit 55b36f9
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/src/core/authorization_request/verification/did.rs b/src/core/authorization_request/verification/did.rs
@@ -40,6 +40,14 @@ pub async fn verify_with_resolver(
         bail!("request was signed with unsupported algorithm: {alg}")
     }
 
+    // This bypass is for unencoded JWT requests, but we will need to change this later
+    // so that trust is preserved when receiving unencoded requests
+    // NOTE: This requires that `Algorithm::None` is permitted in the wallet metadata
+    // Otherwise, this function will error in the previous assertion.
+    if alg.contains("none") {
+        return Ok(());
+    }
+
     let Json::String(kid) = headers
         .remove("kid")
         .context("'kid' was missing from jwt headers")?