From d973e9dd9a6e7d47cdd4f23a01cbfc74ea3fd868 Mon Sep 17 00:00:00 2001
From: Nikos Triantafyllou <triantafyllou.ni@gmail.com>
Date: Thu, 25 Apr 2024 12:04:50 +0300
Subject: [PATCH] bug fix with multiple posts of same session id

---
 routes/codeFlowJwtRoutes.js   | 8 ++++++--
 routes/codeFlowSdJwtRoutes.js | 6 ++++--
 routes/routes.js              | 7 +++++--
 3 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/routes/codeFlowJwtRoutes.js b/routes/codeFlowJwtRoutes.js
index 0751cd7..8a4f2e8 100644
--- a/routes/codeFlowJwtRoutes.js
+++ b/routes/codeFlowJwtRoutes.js
@@ -18,9 +18,13 @@ const publicKeyPem = fs.readFileSync("./public-key.pem", "utf-8");
 // auth code flow
 codeFlowRouter.get(["/offer-code"], async (req, res) => {
   const uuid = req.query.sessionId ? req.query.sessionId : uuidv4();
+
   const codeSessions = getAuthCodeSessions();
-  codeSessions.sessions.push(uuid);
-  codeSessions.results.push({ sessionId: uuid, status: "pending" });
+  if (codeSessions.indexOf(uuid) < 0) {
+    codeSessions.sessions.push(uuid);
+    codeSessions.results.push({ sessionId: uuid, status: "pending" });
+  }
+
   // console.log("active sessions");
   // console.log(issuanceResults);
   let credentialOffer = `openid-credential-offer://?credential_offer_uri=${serverURL}/credential-offer-code/${uuid}`;
diff --git a/routes/codeFlowSdJwtRoutes.js b/routes/codeFlowSdJwtRoutes.js
index 8f5556e..c562c9d 100644
--- a/routes/codeFlowSdJwtRoutes.js
+++ b/routes/codeFlowSdJwtRoutes.js
@@ -17,8 +17,10 @@ const serverURL = process.env.SERVER_URL || "http://localhost:3000";
 codeFlowRouterSDJWT.get(["/offer-code-sd-jwt"], async (req, res) => {
   const uuid = req.query.sessionId ? req.query.sessionId : uuidv4();
   const codeSessions = getAuthCodeSessions();
-  codeSessions.sessions.push(uuid);
-  codeSessions.results.push({ sessionId: uuid, status: "pending" });
+  if (codeSessions.indexOf(uuid) < 0) {
+    codeSessions.sessions.push(uuid);
+    codeSessions.results.push({ sessionId: uuid, status: "pending" });
+  }
   let credentialOffer = `openid-credential-offer://?credential_offer_uri=${serverURL}/credential-offer-code-sd-jwt/${uuid}`;
 
   let code = qr.image(credentialOffer, {
diff --git a/routes/routes.js b/routes/routes.js
index 7a8508a..acfd57b 100644
--- a/routes/routes.js
+++ b/routes/routes.js
@@ -43,8 +43,11 @@ console.log(privateKey);
 router.get(["/offer"], async (req, res) => {
   const uuid = req.query.sessionId ? req.query.sessionId : uuidv4();
   const preSessions = getPreCodeSessions();
-  preSessions.sessions.push(uuid);
-  preSessions.results.push({ sessionId: uuid, status: "pending" });
+  if (preSessions.indexOf(uuid) < 0) {
+    preSessions.sessions.push(uuid);
+    preSessions.results.push({ sessionId: uuid, status: "pending" });
+  }
+
   // console.log("active sessions");
   // console.log(issuanceResults);
   let credentialOffer = `openid-credential-offer://?credential_offer_uri=${serverURL}/credential-offer/${uuid}`; //OfferUUID