From 49c93977d1d4d6658f70ff31cd86ed20939cc31a Mon Sep 17 00:00:00 2001
From: RubenModamioGarcia <ruben.modamio@in2.es>
Date: Wed, 30 Oct 2024 08:25:54 +0100
Subject: [PATCH] - Added functionality to redirect to the home page when
 clicking the logo in the login page. - Added a timeout that redirects to the
 home page when the QR code expires in the login page.

---
 CHANGELOG.md                                  |  5 ++
 build.gradle                                  |  2 +-
 .../vcverifier/config/CacheStoreConfig.java   |  7 +-
 .../vcverifier/config/ClientLoaderConfig.java | 15 ++--
 .../config/properties/SecurityProperties.java | 20 ++++-
 .../controller/LoginQrController.java         |  7 +-
 .../es/in2/vcverifier/model/ClientData.java   |  1 +
 .../security/AuthorizationServerConfig.java   |  2 +-
 .../CustomAuthorizationRequestConverter.java  | 25 +++++-
 src/main/resources/application-dev.yaml       |  4 +
 src/main/resources/application-local.yaml     |  4 +
 src/main/resources/application-prod.yaml      |  4 +
 src/main/resources/application-test.yaml      |  4 +
 src/main/resources/application.yaml           |  4 +
 src/main/resources/templates/login.html       | 85 +++++++++++++------
 .../controller/LoginQrControllerTest.java     | 15 +++-
 ...stomAuthorizationRequestConverterTest.java | 11 ++-
 17 files changed, 170 insertions(+), 45 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index d5d693b..0d24464 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,11 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [v1.0.2]
+### Fixed
+- Added functionality to redirect to the home page when clicking the logo in the login page.
+- Added a timeout that redirects to the home page when the QR code expires in the login page.
+
 ## [v1.0.1]
 ### Fixed
 - Fixed registration button link on the login qr page.
diff --git a/build.gradle b/build.gradle
index 77eec9b..0e920d4 100644
--- a/build.gradle
+++ b/build.gradle
@@ -10,7 +10,7 @@ plugins {
 }
 
 group = 'es.in2'
-version = '1.0.1'
+version = '1.0.2'
 
 java {
 	toolchain {
diff --git a/src/main/java/es/in2/vcverifier/config/CacheStoreConfig.java b/src/main/java/es/in2/vcverifier/config/CacheStoreConfig.java
index e72a876..6a9d5a8 100644
--- a/src/main/java/es/in2/vcverifier/config/CacheStoreConfig.java
+++ b/src/main/java/es/in2/vcverifier/config/CacheStoreConfig.java
@@ -1,5 +1,6 @@
 package es.in2.vcverifier.config;
 
+import es.in2.vcverifier.config.properties.SecurityProperties;
 import es.in2.vcverifier.model.AuthorizationCodeData;
 import es.in2.vcverifier.model.AuthorizationRequestJWT;
 import lombok.RequiredArgsConstructor;
@@ -7,6 +8,7 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 
+import java.time.temporal.ChronoUnit;
 import java.util.HashSet;
 import java.util.Set;
 import java.util.concurrent.TimeUnit;
@@ -15,9 +17,12 @@
 @RequiredArgsConstructor
 public class CacheStoreConfig {
 
+    private final SecurityProperties securityProperties;
     @Bean
     public CacheStore<AuthorizationRequestJWT> cacheStoreForAuthorizationRequestJWT() {
-        return new CacheStore<>(10, TimeUnit.MINUTES);
+        return new CacheStore<>(
+                Long.parseLong(securityProperties.loginCode().expirationProperties().expiration()),
+                TimeUnit.of(ChronoUnit.valueOf(securityProperties.token().accessToken().cronUnit())));
     }
 
     @Bean
diff --git a/src/main/java/es/in2/vcverifier/config/ClientLoaderConfig.java b/src/main/java/es/in2/vcverifier/config/ClientLoaderConfig.java
index 5b22f6d..80c4fff 100644
--- a/src/main/java/es/in2/vcverifier/config/ClientLoaderConfig.java
+++ b/src/main/java/es/in2/vcverifier/config/ClientLoaderConfig.java
@@ -42,7 +42,15 @@ private List<RegisteredClient> loadClients() {
             List<RegisteredClient> registeredClients = new ArrayList<>();
             // Convertir cada ClientData a RegisteredClient y agregarlo a la lista
             for (ClientData clientData : clientsYamlData.clients()) {
-                RegisteredClient.Builder registeredClientBuilder = RegisteredClient.withId(UUID.randomUUID().toString()).clientId(clientData.clientId()).clientAuthenticationMethods(authMethods -> clientData.clientAuthenticationMethods().forEach(method -> authMethods.add(new ClientAuthenticationMethod(method)))).authorizationGrantTypes(grantTypes -> clientData.authorizationGrantTypes().forEach(grantType -> grantTypes.add(new AuthorizationGrantType(grantType)))).redirectUris(uris -> uris.addAll(clientData.redirectUris())).postLogoutRedirectUris(uris -> uris.addAll(clientData.postLogoutRedirectUris())).scopes(scopes -> scopes.addAll(clientData.scopes()));
+                RegisteredClient.Builder registeredClientBuilder = RegisteredClient
+                        .withId(UUID.randomUUID().toString())
+                        .clientId(clientData.clientId())
+                        .clientAuthenticationMethods(authMethods -> clientData.clientAuthenticationMethods().forEach(method -> authMethods.add(new ClientAuthenticationMethod(method))))
+                        .authorizationGrantTypes(grantTypes -> clientData.authorizationGrantTypes().forEach(grantType -> grantTypes.add(new AuthorizationGrantType(grantType))))
+                        .redirectUris(uris -> uris.addAll(clientData.redirectUris()))
+                        .postLogoutRedirectUris(uris -> uris.addAll(clientData.postLogoutRedirectUris()))
+                        .scopes(scopes -> scopes.addAll(clientData.scopes()))
+                        .clientName(clientData.domain());
 
                 if (clientData.clientSecret() != null && !clientData.clientSecret().isBlank()) {
                     registeredClientBuilder.clientSecret(clientData.clientSecret());
@@ -67,7 +75,4 @@ private List<RegisteredClient> loadClients() {
             throw new ClientLoadingException("Error loading clients from Yaml", e);
         }
     }
-
-}
-
-
+}
\ No newline at end of file
diff --git a/src/main/java/es/in2/vcverifier/config/properties/SecurityProperties.java b/src/main/java/es/in2/vcverifier/config/properties/SecurityProperties.java
index 573ea74..8adc962 100644
--- a/src/main/java/es/in2/vcverifier/config/properties/SecurityProperties.java
+++ b/src/main/java/es/in2/vcverifier/config/properties/SecurityProperties.java
@@ -7,24 +7,36 @@
 import java.util.Optional;
 
 @ConfigurationProperties(prefix = "security")
-public record SecurityProperties(String authorizationServer, @NestedConfigurationProperty TokenProperties token) {
+public record SecurityProperties(String authorizationServer, @NestedConfigurationProperty TokenProperties token,
+                                 @NestedConfigurationProperty LoginCodeProperties loginCode) {
 
     @ConstructorBinding
-    public SecurityProperties(String authorizationServer, TokenProperties token) {
+    public SecurityProperties(String authorizationServer, TokenProperties token, LoginCodeProperties loginCode) {
         this.authorizationServer = authorizationServer;
         this.token = Optional.ofNullable(token).orElse(new TokenProperties(null));
+        this.loginCode = Optional.ofNullable(loginCode).orElse(new LoginCodeProperties(null));
     }
 
     public record TokenProperties(@NestedConfigurationProperty AccessTokenProperties accessToken) {
 
         @ConstructorBinding
         public TokenProperties(AccessTokenProperties accessToken) {
-            this.accessToken = Optional.ofNullable(accessToken).orElse(new AccessTokenProperties(null, null));
+            this.accessToken = Optional.ofNullable(accessToken).orElse(new AccessTokenProperties("30", "MINUTES"));
         }
 
         public record AccessTokenProperties(String expiration, String cronUnit) {
         }
-
     }
 
+    public record LoginCodeProperties(@NestedConfigurationProperty ExpirationProperties expirationProperties) {
+
+        @ConstructorBinding
+        public LoginCodeProperties(ExpirationProperties expirationProperties) {
+            this.expirationProperties = Optional.ofNullable(expirationProperties).orElse(new ExpirationProperties("5", "MINUTES"));
+        }
+
+        public record ExpirationProperties(String expiration, String cronUnit) {
+        }
+    }
 }
+
diff --git a/src/main/java/es/in2/vcverifier/controller/LoginQrController.java b/src/main/java/es/in2/vcverifier/controller/LoginQrController.java
index 4fd51c3..f0d1ab4 100644
--- a/src/main/java/es/in2/vcverifier/controller/LoginQrController.java
+++ b/src/main/java/es/in2/vcverifier/controller/LoginQrController.java
@@ -1,5 +1,6 @@
 package es.in2.vcverifier.controller;
 
+import es.in2.vcverifier.config.properties.SecurityProperties;
 import es.in2.vcverifier.config.properties.VerifierUiLoginUrisProperties;
 import es.in2.vcverifier.exception.QRCodeGenerationException;
 import lombok.RequiredArgsConstructor;
@@ -19,10 +20,11 @@
 public class LoginQrController {
 
     private final VerifierUiLoginUrisProperties verifierUiLoginUrisProperties;
+    private final SecurityProperties securityProperties;
 
     @GetMapping("/login")
     @ResponseStatus(HttpStatus.OK)
-    public String showQrLogin(@RequestParam("authRequest") String authRequest, @RequestParam("state") String state, Model model) {
+    public String showQrLogin(@RequestParam("authRequest") String authRequest, @RequestParam("state") String state, Model model, @RequestParam("homeUri") String homeUri) {
         try {
             // Generar la imagen QR en base64
             String qrImageBase64 = generateQRCodeImageBase64(authRequest);
@@ -31,9 +33,12 @@ public String showQrLogin(@RequestParam("authRequest") String authRequest, @Requ
             model.addAttribute("authRequest", authRequest);
             // Pasar el sessionId al modelo
             model.addAttribute("state", state);
+            model.addAttribute("homeUri", homeUri);
             model.addAttribute("onboardingUri", verifierUiLoginUrisProperties.onboardingUri());
             model.addAttribute("supportUri", verifierUiLoginUrisProperties.supportUri());
             model.addAttribute("walletUri", verifierUiLoginUrisProperties.walletUri());
+            model.addAttribute("cronUnit", securityProperties.loginCode().expirationProperties().cronUnit());
+            model.addAttribute("expiration", securityProperties.loginCode().expirationProperties().expiration());
         } catch (Exception e) {
             throw new QRCodeGenerationException(e.getMessage());
         }
diff --git a/src/main/java/es/in2/vcverifier/model/ClientData.java b/src/main/java/es/in2/vcverifier/model/ClientData.java
index 1c1c291..f7b3f5d 100644
--- a/src/main/java/es/in2/vcverifier/model/ClientData.java
+++ b/src/main/java/es/in2/vcverifier/model/ClientData.java
@@ -4,6 +4,7 @@
 
 public record ClientData(
         String id,
+        String domain,
         String clientId,
         String clientSecret,
         List<String> redirectUris,
diff --git a/src/main/java/es/in2/vcverifier/security/AuthorizationServerConfig.java b/src/main/java/es/in2/vcverifier/security/AuthorizationServerConfig.java
index 4bc3dfa..61db530 100644
--- a/src/main/java/es/in2/vcverifier/security/AuthorizationServerConfig.java
+++ b/src/main/java/es/in2/vcverifier/security/AuthorizationServerConfig.java
@@ -67,7 +67,7 @@ public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity h
                                 // Adds an AuthenticationConverter (pre-processor) used when attempting to extract
                                 // an OAuth2 authorization request (or consent) from HttpServletRequest to an instance
                                 // of OAuth2AuthorizationCodeRequestAuthenticationToken or OAuth2AuthorizationConsentAuthenticationToken.
-                                .authorizationRequestConverter(new CustomAuthorizationRequestConverter(didService,jwtService,cryptoComponent,cacheStoreForAuthorizationRequestJWT,cacheStoreForOAuth2AuthorizationRequest,securityProperties))
+                                .authorizationRequestConverter(new CustomAuthorizationRequestConverter(didService,jwtService,cryptoComponent,cacheStoreForAuthorizationRequestJWT,cacheStoreForOAuth2AuthorizationRequest,securityProperties,registeredClientRepository))
                                 .errorResponseHandler(new CustomErrorResponseHandler())
                 )
                 .tokenEndpoint(tokenEndpoint ->
diff --git a/src/main/java/es/in2/vcverifier/security/filters/CustomAuthorizationRequestConverter.java b/src/main/java/es/in2/vcverifier/security/filters/CustomAuthorizationRequestConverter.java
index 1162832..4193d13 100644
--- a/src/main/java/es/in2/vcverifier/security/filters/CustomAuthorizationRequestConverter.java
+++ b/src/main/java/es/in2/vcverifier/security/filters/CustomAuthorizationRequestConverter.java
@@ -2,9 +2,9 @@
 
 import com.nimbusds.jose.JWSObject;
 import com.nimbusds.jwt.JWTClaimsSet;
+import es.in2.vcverifier.component.CryptoComponent;
 import es.in2.vcverifier.config.CacheStore;
 import es.in2.vcverifier.config.properties.SecurityProperties;
-import es.in2.vcverifier.component.CryptoComponent;
 import es.in2.vcverifier.exception.JWTParsingException;
 import es.in2.vcverifier.exception.RequestMismatchException;
 import es.in2.vcverifier.exception.RequestObjectRetrievalException;
@@ -19,9 +19,13 @@
 import org.json.JSONException;
 import org.json.JSONObject;
 import org.springframework.security.core.Authentication;
+import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
 import org.springframework.security.oauth2.core.OAuth2Error;
+import org.springframework.security.oauth2.core.OAuth2ErrorCodes;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationException;
+import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
+import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
 import org.springframework.security.web.authentication.AuthenticationConverter;
 
 import java.io.IOException;
@@ -50,6 +54,7 @@ public class CustomAuthorizationRequestConverter implements AuthenticationConver
     private final CacheStore<AuthorizationRequestJWT> cacheStoreForAuthorizationRequestJWT;
     private final CacheStore<OAuth2AuthorizationRequest> cacheStoreForOAuth2AuthorizationRequest;
     private final SecurityProperties securityProperties;
+    private final RegisteredClientRepository registeredClientRepository;
 
     /**
      * The Authorization Request MUST be signed by the Client, and MUST use the request_uri parameter which enables
@@ -68,9 +73,17 @@ public Authentication convert(HttpServletRequest request) {
         String clientId = request.getParameter(CLIENT_ID);     // client_id parameter
         String state = request.getParameter("state");
         String scope = request.getParameter(SCOPE);
+
+        RegisteredClient registeredClient = registeredClientRepository.findByClientId(clientId);
+
+        if (registeredClient == null) {
+            throw new OAuth2AuthenticationException(OAuth2ErrorCodes.UNAUTHORIZED_CLIENT);
+        }
+
         if (clientId == null) {
             throw new IllegalArgumentException("Client ID is required.");
         }
+
         // Case 1: JWT needs to be retrieved via "request_uri"
         if (requestUri != null) {
             log.info("Retrieving JWT from request_uri: " + requestUri);
@@ -117,10 +130,15 @@ public Authentication convert(HttpServletRequest request) {
                     .authRequest(signedAuthRequest)
                     .build()
             );
+
+            // This is used to allow the user te return to the application if the user wants to cancel the login
+            String homeUri = registeredClient.getClientName();
+
             String authRequest = generateOpenId4VpUrl(nonce);
-            String redirectUrl = String.format("/login?authRequest=%s&state=%s",
+            String redirectUrl = String.format("/login?authRequest=%s&state=%s&homeUri=%s",
                     URLEncoder.encode(authRequest, StandardCharsets.UTF_8),
-                    URLEncoder.encode(state, StandardCharsets.UTF_8));
+                    URLEncoder.encode(state, StandardCharsets.UTF_8),
+                    URLEncoder.encode(homeUri, StandardCharsets.UTF_8));
             OAuth2Error error = new OAuth2Error("custom_error", "Redirection required", redirectUrl);
             throw new OAuth2AuthorizationCodeRequestAuthenticationException(error,null);
         } catch (ParseException e) {
@@ -138,6 +156,7 @@ private boolean validateOAuth2Parameters(HttpServletRequest request, JWSObject j
             String jwtResponseType = jwtClaims.optString(RESPONSE_TYPE);
             String jwtClientId = jwtClaims.optString(CLIENT_ID);
             String jwtScope = jwtClaims.optString(SCOPE);
+
             // Ensure that required OAuth 2.0 parameters match those in the JWT
             return requestResponseType.equals(jwtResponseType)
                     && requestClientId.equals(jwtClientId)
diff --git a/src/main/resources/application-dev.yaml b/src/main/resources/application-dev.yaml
index 8792b4d..7cf4a37 100644
--- a/src/main/resources/application-dev.yaml
+++ b/src/main/resources/application-dev.yaml
@@ -44,6 +44,10 @@ management:
 
 security:
   authorizationServer:
+  loginCode:
+    expirationProperties:
+      expiration:
+      cronUnit:
   token:
     accessToken:
       cronUnit:
diff --git a/src/main/resources/application-local.yaml b/src/main/resources/application-local.yaml
index 7031c6f..a251b7d 100644
--- a/src/main/resources/application-local.yaml
+++ b/src/main/resources/application-local.yaml
@@ -47,6 +47,10 @@ management:
 
 security:
   authorizationServer: "https://verifier.dome-marketplace-lcl.org"
+  loginCode:
+    expirationProperties:
+      expiration: "5"
+      cronUnit: "MINUTES"
   token:
     accessToken:
       expiration: "1"
diff --git a/src/main/resources/application-prod.yaml b/src/main/resources/application-prod.yaml
index 8792b4d..7cf4a37 100644
--- a/src/main/resources/application-prod.yaml
+++ b/src/main/resources/application-prod.yaml
@@ -44,6 +44,10 @@ management:
 
 security:
   authorizationServer:
+  loginCode:
+    expirationProperties:
+      expiration:
+      cronUnit:
   token:
     accessToken:
       cronUnit:
diff --git a/src/main/resources/application-test.yaml b/src/main/resources/application-test.yaml
index 8792b4d..7cf4a37 100644
--- a/src/main/resources/application-test.yaml
+++ b/src/main/resources/application-test.yaml
@@ -44,6 +44,10 @@ management:
 
 security:
   authorizationServer:
+  loginCode:
+    expirationProperties:
+      expiration:
+      cronUnit:
   token:
     accessToken:
       cronUnit:
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 34442a5..bcc6300 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -47,6 +47,10 @@ management:
 
 security:
   authorizationServer: "https://verifier.dome-marketplace-lcl.org"
+  loginCode:
+    expirationProperties:
+      expiration: "5"
+      cronUnit: "MINUTES"
   token:
     accessToken:
       expiration: "5"
diff --git a/src/main/resources/templates/login.html b/src/main/resources/templates/login.html
index 0102897..207b328 100644
--- a/src/main/resources/templates/login.html
+++ b/src/main/resources/templates/login.html
@@ -6,11 +6,11 @@
     <meta name="viewport" content="width=device-width, initial-scale=1" />
     <meta name="theme-color" content="#919597">
 
-    <!-- Cargar fuentes y estilos externos -->
+    <!-- Load external fonts and styles -->
     <link href="https://fonts.googleapis.com/css2?family=Barlow:wght@700&display=swap" rel="stylesheet">
     <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css" rel="stylesheet">
 
-    <!-- Estilos CSS integrados en el HTML -->
+    <!-- Integrated CSS styles -->
     <style>
         :root {
             --fore-color-primary: white !important;
@@ -42,14 +42,20 @@
         .qr-image {
             background-color: white;
             padding: 8px;
-            box-sizing:border-box;
+            box-sizing: border-box;
+        }
+
+        .header {
+            display: flex;
+            align-items: center;
+            padding: 20px;
+            justify-content: space-between;
         }
 
         .header img {
             max-width: 300px;
             height: auto;
-            margin-left: 20px;
-            margin-top: 20px;
+            margin-right: 20px;
         }
 
         h1, h2, h3, h4, h5, h6 {
@@ -122,7 +128,7 @@
             gap: 10px;
             margin-top: 20px;
             width: auto;
-            font-weight: 20 !important;
+            font-weight: bold;
         }
 
         .qr-container button {
@@ -140,7 +146,7 @@
             gap: 10px;
             margin-top: 20px;
             width: auto;
-            font-weight: 20 !important;
+            font-weight: bold;
         }
 
         .registration-card button:hover, .qr-container button:hover {
@@ -226,7 +232,7 @@
                 margin-right: 0;
             }
             .qr-container{
-                margin-inline: 0px;
+                margin-inline: 2px;
                 padding-inline:20px;
             }
         }
@@ -252,8 +258,7 @@
 </head>
 <body>
 <div class="header">
-    <!-- TODO: Instead of using the css and javascript into the same file replace for references pointing to his respective files -->
-    <img src="https://i.postimg.cc/BbjrWQG2/DOME-Logo-White.png" alt="DOME White Logo">
+    <img src="https://i.postimg.cc/BbjrWQG2/DOME-Logo-White.png" alt="DOME White Logo" th:attr="onclick='window.location.href = \'' + ${homeUri} + '\''" style="cursor: pointer;">
 </div>
 <div class="container">
     <div class="left-column">
@@ -303,65 +308,95 @@ <h4>3. Select the credential.</h4>
     </div>
 </div>
 
-<!-- Pasar la variable authRequest al JavaScript -->
+<!-- Pass Java variables to JavaScript -->
 <script th:inline="javascript">
     /*<![CDATA[*/
+    let homeUri = /*[[${homeUri}]]*/ "";
     let authRequest = /*[[${authRequest}]]*/ "";
-    let state = /*[[${state}]]*/ "";  // Si 'state' es un identificador único, está bien usarlo
+    let state = /*[[${state}]]*/ "";  // If 'state' is a unique identifier, it is fine to use it
+    let timeUnit = /*[[${cronUnit}]]*/ "MINUTES";
+    let timeValue = parseInt(/*[[${expiration}]]*/ "5");
     /*]]>*/
 </script>
 <script src="https://cdn.jsdelivr.net/sockjs/latest/sockjs.min.js"></script>
 <script src="https://cdn.jsdelivr.net/npm/stompjs@2.3.3/lib/stomp.min.js"></script>
 
-<!-- JavaScript integrado en el HTML -->
+<!-- Integrated JavaScript -->
 <script>
-    // Función para cambiar al flujo de "mismo dispositivo"
+    // Function to switch to "same device" login flow
     function switchToSameDeviceLogin() {
+        console.log('Switching to same device login flow'); // Log for debugging
         document.getElementById('qr-title').style.display = 'none';
         document.getElementById('qr-code').style.display = 'none';
         document.getElementById('same-device-title').style.display = 'block';
         document.getElementById('dome-wallet-button').style.display = 'flex';
-        document.getElementById('grey-section-text').innerHTML = 'Cambiar a <a href="#" onclick="switchToQRLogin()">inicio de sesión con QR</a>';
     }
 
-    // Función para cambiar al flujo de QR
+    // Function to switch to QR login flow
     function switchToQRLogin() {
+        console.log('Switching to QR login flow'); // Log for debugging
         document.getElementById('qr-title').style.display = 'block';
         document.getElementById('qr-code').style.display = 'block';
         document.getElementById('same-device-title').style.display = 'none';
         document.getElementById('dome-wallet-button').style.display = 'none';
-        document.getElementById('grey-section-text').innerHTML = '¿No puedes escanear el código QR? Puedes iniciar sesión desde el <a href="#" onclick="switchToSameDeviceLogin()">mismo dispositivo</a>';
     }
 
-    // Función para configurar el enlace del botón con el authRequest
+    // Function to configure the wallet button with the authRequest URL
     function configureAuthRequest() {
+        console.log('Configuring auth request'); // Log for debugging
         const walletButton = document.getElementById('dome-wallet-button');
         if (authRequest) {
             let walletUri = authRequest.replace("openid4vp://", "https://wallet.dome-marketplace.org");
-            walletButton.onclick = () => window.location.href = walletUri;
+            walletButton.onclick = () => {
+                console.log('Redirecting to wallet URI: ', walletUri); // Log for debugging
+                window.location.href = walletUri;
+            };
         }
     }
 
-    // Función para conectarse al WebSocket y manejar la redirección
+    // Function to connect to the WebSocket and handle redirection
     function connectWebSocketForRedirect() {
+        console.log('Connecting to WebSocket for redirect'); // Log for debugging
         const socket = new SockJS('/qr-socket');
         const stompClient = Stomp.over(socket);
 
         stompClient.connect({}, function () {
-            // Suscribirse al canal específico basado en el state (si este es único para cada sesión)
+            console.log('Connected to WebSocket'); // Log for debugging
+            // Subscribe to the specific channel based on the state (if this is unique for each session)
             stompClient.subscribe('/oidc/redirection/' + state, function (message) {
-                // Redirigir al usuario a la URL recibida
+                console.log('Received redirect message: ', message.body); // Log for debugging
+                // Redirect the user to the received URL
                 window.location.href = message.body;
             });
         });
     }
 
-    // Evento que se activa cuando el DOM ha cargado
+    // Automatically redirect to the home page after a specified time
+    function setAutoRedirect() {
+        console.log('Setting auto redirect'); // Log for debugging
+        let timeInMs;
+        if (timeUnit === 'MINUTES') {
+            timeInMs = timeValue * 60 * 1000;
+        } else if (timeUnit === 'SECONDS') {
+            timeInMs = timeValue * 1000;
+        } else {
+            console.error('Invalid time unit'); // Log error in English
+            return;
+        }
+        console.log(`Redirecting to home in ${timeInMs} milliseconds`); // Log for debugging
+        setTimeout(() => {
+            console.log('Redirecting to home URL:', homeUri); // Log for debugging
+            window.location.href = homeUri;
+        }, timeInMs);
+    }
+
+    // Event that triggers when the DOM is loaded
     document.addEventListener('DOMContentLoaded', () => {
+        console.log('DOM fully loaded and parsed'); // Log for debugging
         configureAuthRequest();
-        connectWebSocketForRedirect();  // Conectar al WebSocket cuando el DOM esté listo
+        connectWebSocketForRedirect();  // Connect to the WebSocket when the DOM is ready
+        setAutoRedirect();  // Set up automatic redirection
     });
 </script>
 </body>
 </html>
-
diff --git a/src/test/java/es/in2/vcverifier/oid4vp/controller/LoginQrControllerTest.java b/src/test/java/es/in2/vcverifier/oid4vp/controller/LoginQrControllerTest.java
index 7182809..a9c9346 100644
--- a/src/test/java/es/in2/vcverifier/oid4vp/controller/LoginQrControllerTest.java
+++ b/src/test/java/es/in2/vcverifier/oid4vp/controller/LoginQrControllerTest.java
@@ -1,5 +1,6 @@
 package es.in2.vcverifier.oid4vp.controller;
 
+import es.in2.vcverifier.config.properties.SecurityProperties;
 import es.in2.vcverifier.config.properties.VerifierUiLoginUrisProperties;
 import es.in2.vcverifier.controller.LoginQrController;
 import es.in2.vcverifier.exception.QRCodeGenerationException;
@@ -18,6 +19,7 @@
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 
 @ExtendWith(MockitoExtension.class)
@@ -29,6 +31,8 @@ class LoginQrControllerTest {
     @Mock
     private Model model;
 
+    @Mock
+    private SecurityProperties securityProperties;
     @Mock
     private VerifierUiLoginUrisProperties verifierUiLoginUrisProperties;
 
@@ -41,19 +45,26 @@ void showQrLogin_validAuthRequest_shouldReturnLoginView() {
         when(verifierUiLoginUrisProperties.onboardingUri()).thenReturn("onboardingUri");
         when(verifierUiLoginUrisProperties.supportUri()).thenReturn("supportUri");
         when(verifierUiLoginUrisProperties.walletUri()).thenReturn("walletUri");
+        when(securityProperties.loginCode()).thenReturn(mock(SecurityProperties.LoginCodeProperties.class));
+        when(securityProperties.loginCode().expirationProperties()).thenReturn(mock(SecurityProperties.LoginCodeProperties.ExpirationProperties.class));
+        when(securityProperties.loginCode().expirationProperties().expiration()).thenReturn("10");
+        when(securityProperties.loginCode().expirationProperties().cronUnit()).thenReturn("MINUTES");
 
         try (MockedStatic<QRCode> qrCodeMock = Mockito.mockStatic(QRCode.class)) {
             qrCodeMock.when(() -> QRCode.from(authRequest)).thenReturn(Mockito.mock(QRCode.class));
             qrCodeMock.when(() -> QRCode.from(authRequest).withSize(250, 250)).thenReturn(Mockito.mock(QRCode.class));
             qrCodeMock.when(() -> QRCode.from(authRequest).withSize(250, 250).stream()).thenReturn(new ByteArrayOutputStream());
 
-            String viewName = loginQrController.showQrLogin(authRequest, state, model);
+            String viewName = loginQrController.showQrLogin(authRequest, state, model, "homeUri");
 
             assertEquals("login", viewName);
 
             Mockito.verify(model).addAttribute("qrImage", "data:image/png;base64," + Base64.getEncoder().encodeToString(new ByteArrayOutputStream().toByteArray()));
             Mockito.verify(model).addAttribute("authRequest", authRequest);
             Mockito.verify(model).addAttribute("state", state);
+            Mockito.verify(model).addAttribute("homeUri", "homeUri");
+            Mockito.verify(model).addAttribute("expiration", "10");
+            Mockito.verify(model).addAttribute("cronUnit", "MINUTES");
         }
     }
 
@@ -66,7 +77,7 @@ void showQrLogin_exceptionDuringQRCodeGeneration_shouldThrowQRCodeGenerationExce
             qrCodeMock.when(() -> QRCode.from(authRequest)).thenThrow(new RuntimeException("QR Code Generation Failed"));
 
             QRCodeGenerationException exception = assertThrows(QRCodeGenerationException.class, () ->
-                    loginQrController.showQrLogin(authRequest, state, model)
+                    loginQrController.showQrLogin(authRequest, state, model, "homeUri")
             );
 
             assertEquals("QR Code Generation Failed", exception.getMessage());
diff --git a/src/test/java/es/in2/vcverifier/security/filters/CustomAuthorizationRequestConverterTest.java b/src/test/java/es/in2/vcverifier/security/filters/CustomAuthorizationRequestConverterTest.java
index d0b7188..5628c89 100644
--- a/src/test/java/es/in2/vcverifier/security/filters/CustomAuthorizationRequestConverterTest.java
+++ b/src/test/java/es/in2/vcverifier/security/filters/CustomAuthorizationRequestConverterTest.java
@@ -11,7 +11,10 @@
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.junit.jupiter.MockitoExtension;
+import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
+import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
+import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
 
 import java.net.http.HttpClient;
 import java.net.http.HttpResponse;
@@ -40,6 +43,8 @@ class CustomAuthorizationRequestConverterTest {
     private HttpResponse<String> httpResponse;
     @Mock
     private HttpClient httpClient;
+    @Mock
+    private RegisteredClientRepository registeredClientRepository;
 
     @Mock
     private HttpServletRequest httpServletRequest;
@@ -58,12 +63,14 @@ void convert_With_null_requestUri__ShouldThrowUnsupportedScopeException() {
         when(httpServletRequest.getParameter("scope")).thenReturn(unsupportedScope);
         when(httpServletRequest.getParameter("state")).thenReturn(state);
 
+        when(registeredClientRepository.findByClientId(clientId)).thenReturn(mock(RegisteredClient.class));
+
         assertThrows(IllegalArgumentException.class, () -> customAuthorizationRequestConverter.convert(httpServletRequest));
     }
 
     @Test
-    void convert_WithoutClientId_ShouldThrowIllegalArgumentException() {
-        assertThrows(IllegalArgumentException.class, () -> customAuthorizationRequestConverter.convert(httpServletRequest));
+    void convert_WithoutClientIdRegistered_ShouldThrowOAuth2AuthenticationException() {
+        assertThrows(OAuth2AuthenticationException.class, () -> customAuthorizationRequestConverter.convert(httpServletRequest));
     }
 
 }