Describe the bug
Providing a valid access token and DPoP but not submitting a body to the credential endpoint returns a bad response.
To Reproduce
Create a valid access token by inspecting the requests while navigating the UI, and a DPoP, which is definitely trickier to craft (I disabled it to perform the test). Then execute a request without a body; you can do that with cURL, for example:
curl -H 'Authorization: DPoP <access token>' http://localhost:8003/openid4vci/credential -X POST
Expected behavior
The server responds with a 400 Bad Request and the body
{
"error": "Request body required"
}
Screenshots
~> curl -H 'Authorization: DPoP b8a7c71a859a1dd75cc7104387acecd4' http://localhost:8003/openid4vci/credential -X 'POST' -vvv
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 127.0.0.1:8003...
* Connected to localhost (127.0.0.1) port 8003 (#0)
> POST /openid4vci/credential HTTP/1.1
> Host: localhost:8003
> User-Agent: curl/7.88.1
> Accept: */*
> Authorization: DPoP b8a7c71a859a1dd75cc7104387acecd4
> Content-Length: 23
> Content-Type: application/x-www-form-urlencoded
>
* Empty reply from server
* Closing connection 0
curl: (52) Empty reply from server
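
The expected behavior above, sketched as an added example that is not part of the original report or the project's code: a WSGI handler that answers an authenticated request with a missing, blank or non-JSON body with a 400 and a JSON error instead of dropping the connection. The handler name, the `call` helper, the 401 and non-object error texts and the token value are assumptions; real access token and DPoP proof validation is out of scope here.

```python
import io
import json

CREDENTIAL_PATH = "/openid4vci/credential"  # path taken from the report


def reply(start_response, status, payload):
    body = json.dumps(payload).encode()
    start_response(status, [("Content-Type", "application/json"),
                            ("Content-Length", str(len(body)))])
    return [body]


def credential_app(environ, start_response):
    """Hypothetical handler: only the Authorization scheme is checked, not the token."""
    scheme, _, token = environ.get("HTTP_AUTHORIZATION", "").partition(" ")
    if scheme != "DPoP" or not token:
        return reply(start_response, "401 Unauthorized", {"error": "DPoP access token required"})
    try:  # CONTENT_LENGTH may be absent, empty or malformed
        length = max(int(environ.get("CONTENT_LENGTH") or 0), 0)
    except ValueError:
        length = 0
    raw = environ["wsgi.input"].read(length) if length else b""
    if not raw.strip():
        return reply(start_response, "400 Bad Request", {"error": "Request body required"})
    try:
        request = json.loads(raw)
    except ValueError:  # covers JSONDecodeError and UnicodeDecodeError
        request = None
    if not isinstance(request, dict):
        return reply(start_response, "400 Bad Request", {"error": "Request body must be a JSON object"})
    return reply(start_response, "200 OK", {"received": sorted(request)})


def call(app, body=b"", auth="DPoP constructed-token"):
    """Drive the app in-process with a constructed POST; returns (status, parsed JSON)."""
    seen = {}
    environ = {"REQUEST_METHOD": "POST", "PATH_INFO": CREDENTIAL_PATH,
               "CONTENT_LENGTH": str(len(body)) if body else "",
               "HTTP_AUTHORIZATION": auth, "wsgi.input": io.BytesIO(body)}
    chunks = app(environ, lambda status, headers: seen.update(status=status))
    return seen["status"], json.loads(b"".join(chunks))


if __name__ == "__main__":
    for sample in (b"", b"   ", b"{not json", b'{"format": "constructed"}'):
        print(repr(sample), "->", call(credential_app, sample))
```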