change idToDID to use did:web in iam API

auth/api/iam/api.go

@@ -34,6 +34,7 @@ import (
 	"github.com/nuts-foundation/nuts-node/storage"
 	"github.com/nuts-foundation/nuts-node/vcr"
 	"github.com/nuts-foundation/nuts-node/vdr"
+	"github.com/nuts-foundation/nuts-node/vdr/didweb"
 	"github.com/nuts-foundation/nuts-node/vdr/resolver"
 	"html/template"
 	"net/http"
@@ -231,7 +232,8 @@ func toAnyMap(input any) (*map[string]any, error) {
 
 // HandleAuthorizeRequest handles calls to the authorization endpoint for starting an authorization code flow.
 func (r Wrapper) HandleAuthorizeRequest(ctx context.Context, request HandleAuthorizeRequestRequestObject) (HandleAuthorizeRequestResponseObject, error) {
-	ownDID := idToDID(request.Id)
+	// TODO: must be web DID once web DID creation and DB are implemented
+	ownDID := idToNutsDID(request.Id)
 	// Create session object to be passed to handler
 
 	// Workaround: deepmap codegen doesn't support dynamic query parameters.
@@ -281,7 +283,8 @@ func (r Wrapper) HandleAuthorizeRequest(ctx context.Context, request HandleAutho
 
 // OAuthAuthorizationServerMetadata returns the Authorization Server's metadata
 func (r Wrapper) OAuthAuthorizationServerMetadata(ctx context.Context, request OAuthAuthorizationServerMetadataRequestObject) (OAuthAuthorizationServerMetadataResponseObject, error) {
-	ownDID := idToDID(request.Id)
+	// TODO: must be web DID once web DID creation and DB are implemented
+	ownDID := idToNutsDID(request.Id)
 	owned, err := r.vdr.IsOwner(ctx, ownDID)
 	if err != nil {
 		if resolver.IsFunctionalResolveError(err) {
@@ -301,7 +304,8 @@ func (r Wrapper) OAuthAuthorizationServerMetadata(ctx context.Context, request O
 
 func (r Wrapper) GetWebDID(ctx context.Context, request GetWebDIDRequestObject) (GetWebDIDResponseObject, error) {
 	baseURL := *(r.auth.PublicURL().JoinPath(apiPath))
-	ownDID := idToDID(request.Id)
+	// TODO: must be web DID once web DID creation and DB are implemented
+	ownDID := idToNutsDID(request.Id)
 
 	document, err := r.vdr.DeriveWebDIDDocument(ctx, baseURL, ownDID)
 	if err != nil {
@@ -316,7 +320,8 @@ func (r Wrapper) GetWebDID(ctx context.Context, request GetWebDIDRequestObject)
 
 // OAuthClientMetadata returns the OAuth2 Client metadata for the request.Id if it is managed by this node.
 func (r Wrapper) OAuthClientMetadata(ctx context.Context, request OAuthClientMetadataRequestObject) (OAuthClientMetadataResponseObject, error) {
-	ownDID := idToDID(request.Id)
+	// TODO: must be web DID once web DID creation and DB are implemented
+	ownDID := idToNutsDID(request.Id)
 	owned, err := r.vdr.IsOwner(ctx, ownDID)
 	if err != nil {
 		log.Logger().WithField("did", ownDID.String()).Errorf("oauth metadata: failed to assert ownership of did: %s", err.Error())
@@ -363,8 +368,13 @@ func createSession(params map[string]string, ownDID did.DID) *Session {
 	}
 	return session
 }
+func (r Wrapper) idToDID(id string) did.DID {
+	url := r.auth.PublicURL().JoinPath("iam", id)
+	did, _ := didweb.URLToDID(*url)
+	return *did
+}
 
-func idToDID(id string) did.DID {
+func idToNutsDID(id string) did.DID {
 	return did.DID{
 		// should be changed to web when migrated to web DID
 		Method:    "nuts",

auth/api/iam/api_test.go

@@ -48,6 +48,7 @@ import (
 )
 
 var nutsDID = did.MustParseDID("did:nuts:123")
+var webDID = did.MustParseDID("did:web:example.com:iam:123")
 
 func TestWrapper_OAuthAuthorizationServerMetadata(t *testing.T) {
 	t.Run("ok", func(t *testing.T) {