Version 1.0.4.

- Take response status into account when resolving `/.well-known/jwt-vc-issuer` URLs
Meeco · Feb 14, 2024 · dc84e84 · dc84e84
1 parent 43e1ee4
commit dc84e84
Show file tree

Hide file tree

Showing 5 changed files with 50 additions and 14 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project (loosely) adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## 1.0.4 - 2024-02-14
+
+### Fixed
+
+- Take response status into account when resolving `/.well-known/jwt-vc-issuer` URLs
+
 ## 1.0.3 - 2024-02-14
 
 ### Added 

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@meeco/sd-jwt-vc",
-  "version": "1.0.3",
+  "version": "1.0.4",
   "description": "SD-JWT VC implementation in typescript",
   "scripts": {
     "build": "tsc",

diff --git a/src/util.spec.ts b/src/util.spec.ts
@@ -27,6 +27,7 @@ describe('getIssuerPublicKeyFromIss', () => {
     (global as any).fetch = jest.fn().mockImplementation((url: string) => {
       if (url === jwtIssuerWellKnownUrl) {
         return Promise.resolve({
+          ok: true,
           json: () =>
             Promise.resolve({
               issuer: jwt.payload.iss,
@@ -35,6 +36,7 @@ describe('getIssuerPublicKeyFromIss', () => {
         });
       } else if (url === jwksUri) {
         return Promise.resolve({
+          ok: true,
           json: () =>
             Promise.resolve({
               keys: [
@@ -71,6 +73,7 @@ describe('getIssuerPublicKeyFromIss', () => {
     (global as any).fetch = jest.fn().mockImplementation((url: string) => {
       if (url === jwtIssuerWellKnownUrl) {
         return Promise.resolve({
+          ok: true,
           json: () =>
             Promise.resolve({
               issuer: jwt.payload.iss,
@@ -108,17 +111,15 @@ describe('getIssuerPublicKeyFromIss', () => {
 
     (global as any).fetch = jest.fn().mockImplementation((url: string) => {
       if (url === jwtIssuerWellKnownUrl) {
-        return Promise.reject({
-          json: () =>
-            Promise.resolve({
-              status: 404,
-              json: () => Promise.reject(new SDJWTVCError('Issuer response not found')),
-            }),
+        return Promise.resolve({
+          ok: false,
+          json: () => Promise.reject(new SDJWTVCError('Issuer response not found')),
         });
       }
 
       if (url === jwtIssuerWellKnownFallbackUrl) {
         return Promise.resolve({
+          ok: true,
           json: () =>
             Promise.resolve({
               issuer: jwt.payload.iss,
@@ -149,6 +150,7 @@ describe('getIssuerPublicKeyFromIss', () => {
 
   it('should throw an error if issuer response is not found', async () => {
     (global as any).fetch = jest.fn().mockResolvedValueOnce({
+      ok: true,
       json: () => Promise.resolve(null),
     });
 
@@ -160,6 +162,7 @@ describe('getIssuerPublicKeyFromIss', () => {
 
   it('should throw an error if issuer response does not contain the correct issuer', async () => {
     (global as any).fetch = jest.fn().mockResolvedValueOnce({
+      ok: true,
       json: () =>
         Promise.resolve({
           issuer: 'wrong-issuer',
@@ -176,6 +179,7 @@ describe('getIssuerPublicKeyFromIss', () => {
 
   it('should throw an error if issuer public key JWK is not found', async () => {
     (global as any).fetch = jest.fn().mockResolvedValueOnce({
+      ok: true,
       json: () =>
         Promise.resolve({
           issuer: jwt.payload.iss,
@@ -195,6 +199,7 @@ describe('getIssuerPublicKeyFromIss', () => {
 
   it('should throw an error if issuer response does not contain jwks or jwks_uri', async () => {
     (global as any).fetch = jest.fn().mockResolvedValueOnce({
+      ok: true,
       json: () =>
         Promise.resolve({
           issuer: jwt.payload.iss,
@@ -211,6 +216,7 @@ describe('getIssuerPublicKeyFromIss', () => {
 
   it('should throw an error if jwks_uri response does not contain the correct issuer', async () => {
     (global as any).fetch = jest.fn().mockResolvedValueOnce({
+      ok: true,
       json: () =>
         Promise.resolve({
           issuer: 'wrong-issuer',
@@ -228,6 +234,7 @@ describe('getIssuerPublicKeyFromIss', () => {
 
   it('should throw an error if well-known returns empty response', async () => {
     (global as any).fetch = jest.fn().mockResolvedValueOnce({
+      ok: true,
       json: () => Promise.resolve({}),
     });
 
@@ -241,6 +248,7 @@ describe('getIssuerPublicKeyFromIss', () => {
 
   it('throws error if issuer from well-known file does not match one inside the sd-jwt', async () => {
     (global as any).fetch = jest.fn().mockResolvedValue({
+      ok: true,
       json: () =>
         Promise.resolve({
           issuer: 'http://some.other/issuer',
@@ -268,11 +276,17 @@ describe('getIssuerPublicKeyFromIss', () => {
   it('should throw an error if well-known calls return errors', async () => {
     (global as any).fetch = jest
       .fn()
-      .mockRejectedValueOnce(new Error('internal server error 1'))
-      .mockRejectedValueOnce(new Error('internal server error 2'));
+      .mockResolvedValue({
+        ok: false,
+        json: () => Promise.resolve({ message: 'not found' }),
+      })
+      .mockResolvedValue({
+        ok: false,
+        json: () => Promise.resolve({ message: 'internal server error' }),
+      });
 
     await expect(getIssuerPublicKeyFromWellKnownURI(sdJwtVC, issuerPath)).rejects.toThrow(
-      'Failed to fetch and parse the response from https://valid.issuer.url/.well-known/jwt-vc-issuer/user/1234 as JSON. Error: internal server error 1. Fallback fetch and parse the response from https://valid.issuer.url/.well-known/jwt-issuer/user/1234 failed as well. Error: internal server error 2.',
+      'Failed to fetch and parse the response from https://valid.issuer.url/.well-known/jwt-vc-issuer/user/1234 as JSON. Error: {"message":"internal server error"}. Fallback fetch and parse the response from https://valid.issuer.url/.well-known/jwt-issuer/user/1234 failed as well. Error: {"message":"internal server error"}.',
     );
 
     expect(fetch).toHaveBeenCalledTimes(2);

diff --git a/src/util.ts b/src/util.ts
@@ -47,7 +47,15 @@ export async function getIssuerPublicKeyFromWellKnownURI(sdJwtVC: JWT, issuerPat
   const issuerUrl = `${baseUrl}/.well-known/jwt-vc-issuer/${issuerPath}`;
 
   const [responseJson, error] = await fetch(issuerUrl)
-    .then(async (response) => [await response.json(), null])
+    .then(async (response) => {
+      const body = await response.json();
+
+      if (!response.ok) {
+        throw new Error(JSON.stringify(body));
+      }
+
+      return [body, null];
+    })
     .catch(async (err) => {
       /**
        * @deprecated
@@ -62,7 +70,15 @@ export async function getIssuerPublicKeyFromWellKnownURI(sdJwtVC: JWT, issuerPat
       );
 
       return fetch(issuerFallbackUrl)
-        .then(async (response) => [await response.json(), null])
+        .then(async (response) => {
+          const body = await response.json();
+
+          if (!response.ok) {
+            throw new Error(JSON.stringify(body));
+          }
+
+          return [body, null];
+        })
         .catch((fallbackErr) => {
           return [
             null,