Add a media type to error responses on OID4VC endpoints

Closes keycloak#31585 Signed-off-by: Ingrid Kamga <[email protected]>
DevVault · Aug 2, 2024 · 7c69c85 · 7c69c85
1 parent 4a15e1c
commit 7c69c85
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 5 deletions.
diff --git a/services/src/main/java/org/keycloak/protocol/oid4vc/issuance/OID4VCIssuerEndpoint.java b/services/src/main/java/org/keycloak/protocol/oid4vc/issuance/OID4VCIssuerEndpoint.java
@@ -494,7 +494,11 @@ private String generateAuthorizationCodeForClientSession(AuthenticatedClientSess
     private Response getErrorResponse(ErrorType errorType) {
         var errorResponse = new ErrorResponse();
         errorResponse.setError(errorType);
-        return Response.status(Response.Status.BAD_REQUEST).entity(errorResponse).build();
+        return Response
+                .status(Response.Status.BAD_REQUEST)
+                .entity(errorResponse)
+                .type(MediaType.APPLICATION_JSON)
+                .build();
     }
 
     // Return all {@link  OID4VCClient}s that support the given scope and format

diff --git a/...test/java/org/keycloak/testsuite/oid4vc/issuance/signing/OID4VCJWTIssuerEndpointTest.java b/...test/java/org/keycloak/testsuite/oid4vc/issuance/signing/OID4VCJWTIssuerEndpointTest.java
@@ -20,6 +20,7 @@
 import jakarta.ws.rs.client.Entity;
 import jakarta.ws.rs.client.WebTarget;
 import jakarta.ws.rs.core.HttpHeaders;
+import jakarta.ws.rs.core.MediaType;
 import jakarta.ws.rs.core.Response;
 import org.apache.commons.io.IOUtils;
 import org.apache.http.HttpStatus;
@@ -102,7 +103,9 @@ public void testGetCredentialOfferUriInvalidToken() throws Throwable {
                     AppAuthManager.BearerTokenAuthenticator authenticator = new AppAuthManager.BearerTokenAuthenticator(session);
                     authenticator.setTokenString("invalid-token");
                     OID4VCIssuerEndpoint oid4VCIssuerEndpoint = prepareIssuerEndpoint(session, authenticator);
-                    oid4VCIssuerEndpoint.getCredentialOfferURI("test-credential", OfferUriType.URI, 0, 0);
+                    Response response = oid4VCIssuerEndpoint
+                            .getCredentialOfferURI("test-credential", OfferUriType.URI, 0, 0);
+                    assertEquals(MediaType.APPLICATION_JSON_TYPE, response.getMediaType());
                 })));
     }
 
@@ -141,7 +144,8 @@ public void testGetCredentialOfferUnauthorized() throws Throwable {
                         AppAuthManager.BearerTokenAuthenticator authenticator = new AppAuthManager.BearerTokenAuthenticator(session);
                         authenticator.setTokenString(null);
                         OID4VCIssuerEndpoint issuerEndpoint = prepareIssuerEndpoint(session, authenticator);
-                        issuerEndpoint.getCredentialOffer("nonce");
+                        Response response = issuerEndpoint.getCredentialOffer("nonce");
+                        assertEquals(MediaType.APPLICATION_JSON_TYPE, response.getMediaType());
                     });
         });
     }
@@ -244,9 +248,10 @@ public void testRequestCredentialUnauthorized() throws Throwable {
                         AppAuthManager.BearerTokenAuthenticator authenticator = new AppAuthManager.BearerTokenAuthenticator(session);
                         authenticator.setTokenString(null);
                         OID4VCIssuerEndpoint issuerEndpoint = prepareIssuerEndpoint(session, authenticator);
-                        issuerEndpoint.requestCredential(new CredentialRequest()
+                        Response response = issuerEndpoint.requestCredential(new CredentialRequest()
                                 .setFormat(Format.JWT_VC)
                                 .setCredentialIdentifier("test-credential"));
+                        assertEquals(MediaType.APPLICATION_JSON_TYPE, response.getMediaType());
                     }));
         });
     }

diff --git a/...t/java/org/keycloak/testsuite/oid4vc/issuance/signing/OID4VCSdJwtIssuingEndpointTest.java b/...t/java/org/keycloak/testsuite/oid4vc/issuance/signing/OID4VCSdJwtIssuingEndpointTest.java
@@ -370,7 +370,7 @@ static class TestCredentialResponseHandler extends CredentialResponseHandler {
         protected void handleCredentialResponse(CredentialResponse credentialResponse) throws VerificationException {
             // SDJWT have a special format.
             SdJwtVP sdJwtVP = SdJwtVP.of(credentialResponse.getCredential().toString());
-            JsonWebToken jsonWebToken = TokenVerifier.create(sdJwtVP.getIssuerSignedJWT().getJwsString(), JsonWebToken.class).getToken();
+            JsonWebToken jsonWebToken = TokenVerifier.create(sdJwtVP.getIssuerSignedJWT().toJws(), JsonWebToken.class).getToken();
 
             assertNotNull("A valid credential string should have been responded", jsonWebToken);
             assertNotNull("The credentials should be included at the vct-claim.", jsonWebToken.getOtherClaims().get("vct"));