[ssi] fix transaction code exposure in credential offer

malach-it · Dec 18, 2024 · 8b263d4 · 8b263d4
1 parent 3e1e173
commit 8b263d4
Showing 1 changed file with 3 additions and 5 deletions.
diff --git a/apps/boruta_identity/lib/boruta_identity_web/views/template_view.ex b/apps/boruta_identity/lib/boruta_identity_web/views/template_view.ex
@@ -147,13 +147,11 @@ defmodule BorutaIdentityWeb.TemplateView do
 
   defp text_from_credential_offer(credential_offer) do
     # TODO Jason.Encode implementation for CredentialOfferResponse
-    "openid-credential-offer://?credential_offer=#{
-      credential_offer
+    "openid-credential-offer://?credential_offer=#{credential_offer
       |> Map.from_struct()
-      |> Map.delete(:credentials)
+      |> Map.take([:credential_configuration_ids, :credential_issuer, :grants])
       |> Jason.encode!()
-      |> URI.encode_www_form()
-    }"
+      |> URI.encode_www_form()}"
   end
 
   defp paths(conn, assigns) do