Merge branch 'master' into mitzXnuts

* master:
  complete s2s e2e test (#2677)
  Cleanup unused file (#2692)
  Discovery: implement server API (#2659)
  VCR: Use JWT/JSON-LD constants from go-did (#2691)
  Bump github/codeql-action from 2 to 3 (#2687)
  split signature verification from verifier (#2683)

.github/workflows/codeql-analysis.yml

@@ -47,7 +47,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
+      uses: github/codeql-action/init@v3
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -58,7 +58,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v2
+      uses: github/codeql-action/autobuild@v3
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -72,4 +72,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      uses: github/codeql-action/analyze@v3

auth/api/iam/api.go

@@ -170,18 +170,21 @@ func (r Wrapper) IntrospectAccessToken(_ context.Context, request IntrospectAcce
 	// Validate token
 	if request.Body.Token == "" {
 		// Return 200 + 'Active = false' when token is invalid or malformed
+		log.Logger().Debug("IntrospectAccessToken: missing token")
 		return IntrospectAccessToken200JSONResponse{}, nil
 	}
 
 	token := AccessToken{}
 	if err := r.accessTokenStore().Get(request.Body.Token, &token); err != nil {
 		// Return 200 + 'Active = false' when token is invalid or malformed
+		log.Logger().Debug("IntrospectAccessToken: failed to get token from store")
 		return IntrospectAccessToken200JSONResponse{}, err
 	}
 
 	if token.Expiration.Before(time.Now()) {
 		// Return 200 + 'Active = false' when token is invalid or malformed
 		// can happen between token expiration and pruning of database
+		log.Logger().Debug("IntrospectAccessToken: token is expired")
 		return IntrospectAccessToken200JSONResponse{}, nil
 	}
 
@@ -215,12 +218,14 @@ func (r Wrapper) IntrospectAccessToken(_ context.Context, request IntrospectAcce
 	var err error
 	response.PresentationDefinition, err = toAnyMap(token.PresentationDefinition)
 	if err != nil {
+		log.Logger().WithError(err).Error("IntrospectAccessToken: failed to marshal presentation definition")
 		return IntrospectAccessToken200JSONResponse{}, err
 	}
 
 	// set presentation submission if in token
 	response.PresentationSubmission, err = toAnyMap(token.PresentationSubmission)
 	if err != nil {
+		log.Logger().WithError(err).Error("IntrospectAccessToken: failed to marshal presentation submission")
 		return IntrospectAccessToken200JSONResponse{}, err
 	}
 	return response, nil

cmd/root.go

@@ -44,6 +44,7 @@ import (
 	didmanAPI "github.com/nuts-foundation/nuts-node/didman/api/v1"
 	didmanCmd "github.com/nuts-foundation/nuts-node/didman/cmd"
 	"github.com/nuts-foundation/nuts-node/discovery"
+	discoveryAPI "github.com/nuts-foundation/nuts-node/discovery/api/v1"
 	discoveryCmd "github.com/nuts-foundation/nuts-node/discovery/cmd"
 	"github.com/nuts-foundation/nuts-node/events"
 	eventsCmd "github.com/nuts-foundation/nuts-node/events/cmd"
@@ -221,6 +222,7 @@ func CreateSystem(shutdownCallback context.CancelFunc) *core.System {
 	system.RegisterRoutes(authIAMAPI.New(authInstance, credentialInstance, vdrInstance, storageInstance))
 	system.RegisterRoutes(&authMeansAPI.Wrapper{Auth: authInstance})
 	system.RegisterRoutes(&didmanAPI.Wrapper{Didman: didmanInstance})
+	system.RegisterRoutes(&discoveryAPI.Wrapper{Server: discoveryInstance})
 
 	// Register engines
 	// without dependencies

codegen/configs/discovery_v1.yaml

@@ -0,0 +1,10 @@
+package: v1
+generate:
+  echo-server: true
+  client: true
+  models: true
+  strict-server: true
+output-options:
+  skip-prune: true
+  exclude-schemas:
+    - VerifiablePresentation