Credential Identifier Encoding

[craigaps]

Hi
When performing an authorization code flow whereby the credential identifier is 2:dc+sd-jwt:d680fdd7-ea0c-4f5c-9bdf-a984b64e5dc0, when the AuthorizationRequest is constructed and the scopes are added as a query string parameter. I don't beleive the SDK is url encoding the URL therefore the credential identifier is not being returned correctly in the subsequent access token JWT scope.

[dtsiflit]

Hi @craigaps, just to clarify, are you referring to the authorizationRequestUrl function? That’s the only place in the library where we initialize an AuthorizationRequest in order to add it to a query string.

If that’s the case, are you suggesting we should URL-encode the scopes during this step? For example:

scope: scopes.map { $0.value }
    .joined(separator: " ")
    .appending(" ")
    .appending(Constants.OPENID_SCOPE)
    .addingPercentEncoding(withAllowedCharacters: .urlQueryAllowed) <~ this

Thanks again for pointing this out, really appreciate the feedback!