diff --git a/packages/oidc4vc/lib/src/models/openid_configuration.dart b/packages/oidc4vc/lib/src/models/openid_configuration.dart index 93afe2075..bb5ae2d08 100644 --- a/packages/oidc4vc/lib/src/models/openid_configuration.dart +++ b/packages/oidc4vc/lib/src/models/openid_configuration.dart @@ -61,8 +61,8 @@ class OpenIdConfiguration extends Equatable { final String? issuer; @JsonKey(name: 'jwks_uri') final String? jwksUri; - @JsonKey(name: 'require_pushed_authorization_requests') - final bool? requirePushedAuthorizationRequests; + @JsonKey(name: 'require_pushed_authorization_requests', defaultValue: false) + final bool requirePushedAuthorizationRequests; @JsonKey(name: 'grant_types_supported') final List? grantTypesSupported; diff --git a/packages/oidc4vc/lib/src/oidc4vc.dart b/packages/oidc4vc/lib/src/oidc4vc.dart index 5f4a6e9ca..c28d82ee2 100644 --- a/packages/oidc4vc/lib/src/oidc4vc.dart +++ b/packages/oidc4vc/lib/src/oidc4vc.dart @@ -337,8 +337,9 @@ class OIDC4VC { if (secureAuthorizedFlow) { myRequest['client_metadata'] = Uri.encodeComponent(jsonEncode(clientMetaData)); - } else { + } else if (clientAuthentication != ClientAuthentication.clientSecretJwt) { myRequest['client_metadata'] = jsonEncode(clientMetaData); + // paramètre config du portail, on ne met pas si : client authentication : } switch (clientAuthentication) { case ClientAuthentication.none: @@ -353,9 +354,13 @@ class OIDC4VC { myRequest['client_id'] = clientId; case ClientAuthentication.clientSecretJwt: myRequest['client_id'] = clientId; - myRequest['client_assertion'] = clientAssertion; - myRequest['client_assertion_type'] = - 'urn:ietf:params:oauth:client-assertion-type:jwt-client-attestation'; + if (secureAuthorizedFlow || + openIdConfiguration.requirePushedAuthorizationRequests) { + myRequest['client_assertion'] = clientAssertion; + myRequest['client_assertion_type'] = + // ignore: lines_longer_than_80_chars + 'urn:ietf:params:oauth:client-assertion-type:jwt-client-attestation'; + } } if (scope) {