From b4b01ab7fec2758b091d4abffc1d42e3ba182077 Mon Sep 17 00:00:00 2001
From: Pieter van der Meulen <pieter.vandermeulen@surf.nl>
Date: Mon, 5 Aug 2024 16:32:43 +0200
Subject: [PATCH] Allow registration and authentication without
 notificationAddress or notificationType being present

---
 dev/Command/AuthenticationCommand.php   |  4 ++--
 src/Controller/TiqrAppApiController.php |  4 ++--
 src/Features/Context/TiqrContext.php    | 12 ++++++++++++
 src/Features/tiqrAuthentication.feature |  5 +++++
 src/Features/tiqrRegistration.feature   |  5 +++++
 5 files changed, 26 insertions(+), 4 deletions(-)

diff --git a/dev/Command/AuthenticationCommand.php b/dev/Command/AuthenticationCommand.php
index c9b67bf3..aaf89a22 100644
--- a/dev/Command/AuthenticationCommand.php
+++ b/dev/Command/AuthenticationCommand.php
@@ -143,8 +143,8 @@ protected function execute(InputInterface $input, OutputInterface $output): int
             'sessionKey' => $session,
             'userId' => $userId,
             'response' => $response,
-            'notificationType' => $input->getOption('notificationType'),
-            'notificationAddress' => $input->getOption('notificationAddress'),
+            'notificationType' => $input->getOption('notificationType', ''),
+            'notificationAddress' => $input->getOption('notificationAddress', ''),
         ];
 
         $output->writeln([
diff --git a/src/Controller/TiqrAppApiController.php b/src/Controller/TiqrAppApiController.php
index 7d44613b..ebf63b1a 100644
--- a/src/Controller/TiqrAppApiController.php
+++ b/src/Controller/TiqrAppApiController.php
@@ -115,8 +115,8 @@ public function tiqr(UserAgentMatcherInterface $userAgentMatcher, Request $reque
             return new Response('Missing "operation" parameter in POST', Response::HTTP_BAD_REQUEST);
         }
 
-        $notificationType = $request->get('notificationType');
-        $notificationAddress = $request->get('notificationAddress');
+        $notificationType = $request->get('notificationType', '');
+        $notificationAddress = $request->get('notificationAddress', '');
         if ($operation === 'register') {
             $this->logger->notice(
                 'Got POST with registration response',
diff --git a/src/Features/Context/TiqrContext.php b/src/Features/Context/TiqrContext.php
index f77726c3..1b6bc283 100644
--- a/src/Features/Context/TiqrContext.php
+++ b/src/Features/Context/TiqrContext.php
@@ -173,6 +173,12 @@ public function userRegisterTheService(
             'notificationType' => $notificationType,
             'notificationAddress' => $notificationAddress,
         ];
+        if ($notificationType == 'NULL') {
+            unset($registrationBody['notificationType']);
+        }
+        if ($notificationAddress == 'NULL') {
+            unset($registrationBody['notificationAddress']);
+        }
 
         $client = $this->minkContext->getSession()->getDriver()->getClient();
         $client->request(
@@ -221,6 +227,12 @@ public function appAuthenticates(
             'notificationType' => $notificationType,
             'notificationAddress' => $notificationAddress,
         ];
+        if ($notificationType == 'NULL') {
+            unset($authenticationBody['notificationType']);
+        }
+        if ($notificationAddress == 'NULL') {
+            unset($authenticationBody['notificationAddress']);
+        }
         // Internal request does not like an absolute path.
         $authenticationUrl = str_replace('https://tiqr.dev.openconext.local', '', (string) $authenticationUrl);
 
diff --git a/src/Features/tiqrAuthentication.feature b/src/Features/tiqrAuthentication.feature
index 00895858..fc5ea457 100644
--- a/src/Features/tiqrAuthentication.feature
+++ b/src/Features/tiqrAuthentication.feature
@@ -60,3 +60,8 @@ Feature: User
     # Try it with the actual correct password
     And the app authenticates to the service
     Then we have the authentication error 'ACCOUNT_BLOCKED'
+
+  Scenario: The app authenticats whithout updating notification address
+    Given the authentication QR code is scanned
+    When the app authenticates to the service with notification type "NULL" address: "NULL"
+    Then we have a authenticated user
\ No newline at end of file
diff --git a/src/Features/tiqrRegistration.feature b/src/Features/tiqrRegistration.feature
index 6d1d7726..d220ac97 100644
--- a/src/Features/tiqrRegistration.feature
+++ b/src/Features/tiqrRegistration.feature
@@ -18,3 +18,8 @@ Feature: User
     And the mobile tiqr app identifies itself with the user agent "Bad UA"
     When the user registers the service
     Then tiqr errors with a message telling the user agent was wrong
+
+  Scenario: Registration without notification type and address is allowed
+    Given the registration QR code is scanned
+    When the user registers the service with notification type "NULL" address: "NULL"
+    Then we have a registered user