All files / src/app/api/auth/eudi/status route.ts

100% Statements 17/17
87.5% Branches 7/8
100% Functions 1/1
100% Lines 17/17

Press n or j to go to the next uncovered block, b, p or k for the previous block.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42          1x                   6x 6x 6x 6x 1x         5x 1x   4x 4x 3x 1x   2x 2x 2x     1x 1x      
import { NextResponse } from "next/server";
import { getPresentationResult } from "@/lib/eudi-verifier";
import { getTransaction, updateTransaction } from "@/lib/eudi-store";
import { mapPidToPatient } from "@/lib/eudi-patient-map";
 
export const dynamic = "force-dynamic";
 
/**
 * Poll the status of an in-flight EUDI Wallet login by `sid`.
 *
 * Returns only a coarse status — never the PID claims. On completion it pins
 * the resolved (demo) patient to the `sid`; the NextAuth "eudi-wallet"
 * Credentials provider then mints the session from that pinned result.
 */
export async function GET(req: Request): Promise<NextResponse> {
  const { searchParams } = new URL(req.url);
  const sid = searchParams.get("sid") ?? "";
  const tx = getTransaction(sid);
  if (!tx) {
    return NextResponse.json(
      { status: "error", error: "unknown or expired session" },
      { status: 404 },
    );
  }
  if (tx.status === "completed") {
    return NextResponse.json({ status: "completed" });
  }
  try {
    const result = await getPresentationResult(tx.transactionId);
    if (result.status === "pending") {
      return NextResponse.json({ status: "pending" });
    }
    const patient = mapPidToPatient(result.pid);
    updateTransaction(sid, { status: "completed", verifiedPatient: patient });
    return NextResponse.json({ status: "completed" });
  } catch (err) {
    // Transient verifier hiccup — keep the client polling rather than failing.
    console.error("GET /api/auth/eudi/status error:", err);
    return NextResponse.json({ status: "pending" });
  }
}