fix: remap invalid_redirect_uri as invalid_request in PAR

BREAKING CHANGE: PAR no longer remaps all errors as
invalid_request_object.

lib/actions/authorization/pushed_authorization_request_remap_errors.js

@@ -1,21 +1,16 @@
-const { OIDCProviderError } = require('../../helpers/errors');
+const { InvalidRedirectUri, WebMessageUriMismatch } = require('../../helpers/errors');
 
 /*
- * Remaps the Pushed Authorization Request Endpoint errors thrown in downstream middlewares when
- * coming purely from the JWT Request Object
+ * Remaps the Pushed Authorization Request Endpoint errors thrown in downstream middlewares.
  *
- * @throws: invalid_request_object
+ * @throws: invalid_request
  */
 module.exports = async function requestObjectRemapErrors(ctx, next) {
-  if (!ctx.oidc.params.request) {
-    return next();
-  }
-
   return next().catch((err) => {
-    if (err instanceof OIDCProviderError) {
+    if (err instanceof InvalidRedirectUri || err instanceof WebMessageUriMismatch) {
       Object.assign(err, {
-        message: 'invalid_request_object',
-        error: 'invalid_request_object',
+        message: 'invalid_request',
+        error: 'invalid_request',
       });
     }
 

test/pushed_authorization_requests/pushed_authorization_requests.test.js

@@ -218,7 +218,7 @@ describe('Pushed Request Object', () => {
               })
               .expect(400)
               .expect({
-                error: 'invalid_request_object',
+                error: 'invalid_request',
                 error_description: "redirect_uri did not match any of the client's registered redirect_uris",
               });
           });
@@ -420,7 +420,7 @@ describe('Pushed Request Object', () => {
               })
               .expect(400)
               .expect({
-                error: 'invalid_redirect_uri',
+                error: 'invalid_request',
                 error_description: "redirect_uri did not match any of the client's registered redirect_uris",
               });
           });