update js-sdk to 1.26.0 and verify response typ

volodymyr-basiuk · volodymyr-basiuk · commit 3f6ba955e6dd · 2025-01-14T12:54:54.000+02:00
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -32,7 +32,7 @@
     "url": "https://github.com/iden3/js-iden3-auth"
   },
   "dependencies": {
-    "@0xpolygonid/js-sdk": "1.23.0",
+    "@0xpolygonid/js-sdk": "1.26.0",
     "@iden3/js-crypto": "1.1.0",
     "@iden3/js-iden3-core": "1.4.1",
     "@iden3/js-jsonld-merklization": "1.4.1",
diff --git a/src/auth/auth.ts b/src/auth/auth.ts
@@ -419,6 +419,11 @@ export class Verifier {
     opts?: VerifyOpts
   ): Promise<AuthorizationResponseMessage> {
     const msg = await this.packageManager.unpack(byteEncoder.encode(tokenStr));
+
+    if (request.body.accept?.length && !request.body.accept.includes(msg.unpackedMediaType)) {
+      throw new Error('response media type is not accepted by request');
+    }
+
     const response = msg.unpackedMessage as AuthorizationResponseMessage;
     await this.verifyAuthResponse(response, request, opts);
     return response;
@@ -438,17 +443,7 @@ export class Verifier {
     }
     const supportedMediaTypes: PROTOCOL_CONSTANTS.MediaType[] = [];
     for (const acceptProfile of profile) {
-      // 1. check protocol version
-      const { protocolVersion, env } = parseAcceptProfile(acceptProfile);
-      const messageTypeVersion = Number(messageType.split('/').at(-2));
-      if (
-        protocolVersion !== PROTOCOL_CONSTANTS.ProtocolVersion.V1 ||
-        (protocolVersion === PROTOCOL_CONSTANTS.ProtocolVersion.V1 &&
-          (messageTypeVersion < 1 || messageTypeVersion >= 2))
-      ) {
-        continue;
-      }
-      // 2. check packer support
+      const { env } = parseAcceptProfile(acceptProfile);
       if (this.packageManager.isProfileSupported(env, acceptProfile)) {
         supportedMediaTypes.push(env);
       }
