
auth: forward credential_details as base body of OpenID4VCI Credential Request #4236

Open
reinkrul wants to merge 1 commit into master from feature/4233-credential-details


reinkrul (Member) commented May 7, 2026

Closes #4233.

Summary

  • Adds optional credential_details (JSON object) to POST /internal/auth/v2/{subjectID}/request-credential.
  • The node uses it as the base body of the outgoing OpenID4VCI Credential Request and overlays its own JWT proof on top — any caller-supplied proof is overwritten.
  • Persisted on OAuthSession.CredentialRequestDetails between the redirect and credential-fetch steps.
  • The closed CredentialRequest Go struct is replaced with a map[string]any body construction so callers can carry issuer-specific fields (e.g. AET's did/bsn/ura) without code changes per issuer.
  • The node does not log credential_details; see OpenID4VCI: Add credential_details passthrough on the credential-issuance API #4233 for the trade-off discussion.

Wire body

Final body sent to the issuer's Credential Endpoint:

credential_details (EHR-provided) ⊕ { "proof": <node-built JWT> }

Test plan

  • Existing TestWrapper_RequestOpenid4VCICredentialIssuance and TestWrapper_handleOpenID4VCICallback still green
  • New ok - credential_details persisted into session asserts the field round-trips through the session store
  • New ok - credential_details from session forwarded to credential endpoint asserts the value reaches the credential client
  • New TestHTTPClient_VerifiableCredentials_RequestBody asserts the wire body shape: default = {proof}, with details = AET-style passthrough, caller-supplied proof is overwritten
  • go build ./..., go vet ./auth/..., go test ./auth/... ./vcr/...

Assisted by AI

…l Request

Adds an optional credential_details JSON object to POST /internal/auth/v2/{subjectID}/request-credential.
The node uses it as the base body of the outgoing OpenID4VCI Credential Request and overlays its own
JWT proof on top. Lets the wallet integrate with issuers (e.g. AET SDK) that accept additional fields
in the Credential Request body beyond what OpenID4VCI v1.0 defines.

Closes #4233

Assisted by AI
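
The body construction described in the summary and commit message above, as an added Go example that is not the project's own code. `buildCredentialRequestBody` and the sample values are hypothetical, and the `proof` object shape (`proof_type`/`jwt`) is assumed from the OpenID4VCI JWT proof type; the page itself only names the `proof` key.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// buildCredentialRequestBody is a hypothetical helper, not the project's code.
// credential_details is the base body; the node-built proof is written last,
// so a caller-supplied "proof" never reaches the issuer.
func buildCredentialRequestBody(credentialDetails json.RawMessage, proofJWT string) ([]byte, error) {
	body := map[string]any{}
	if len(credentialDetails) > 0 {
		// Decoding into a fresh map leaves the stored session value untouched.
		// Arrays, strings and numbers fail here: only a JSON object is a valid base.
		if err := json.Unmarshal(credentialDetails, &body); err != nil {
			return nil, fmt.Errorf("credential_details must be a JSON object: %w", err)
		}
		if body == nil { // JSON null: treated as "no details" (assumption)
			body = map[string]any{}
		}
	}
	// Assumed proof shape: OpenID4VCI "jwt" proof type.
	body["proof"] = map[string]any{"proof_type": "jwt", "jwt": proofJWT}
	return json.Marshal(body)
}

func main() {
	// Constructed sample: AET-style extra fields plus a proof the caller tried to supply.
	details := json.RawMessage(`{"did":"did:web:example.com","ura":"00000001",` +
		`"proof":{"proof_type":"jwt","jwt":"caller.supplied.jwt"}}`)
	out, err := buildCredentialRequestBody(details, "node.built.jwt")
	if err != nil {
		panic(err)
	}
	fmt.Println(string(out))
}
```
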
qltysh Bot commented May 7, 2026

3 new issues

| Tool | Category | Rule | Count |
|------|----------|------|-------|
| qlty | Structure | Function with many returns (count = 12): RequestOpenid4VCICredentialIssuance | 3 |

qltysh Bot commented May 7, 2026

Coverage Impact

⬆️ Merging this pull request will increase total coverage on master by 0.01%.

Modified Files with Diff Coverage (3)

| Rating | File | % Diff | Uncovered Line #s |
|--------|------|--------|-------------------|
| B | auth/client/iam/openid4vp.go | 100.0% | |
| B | auth/api/iam/openid4vci.go | 100.0% | |
| B | auth/client/iam/client.go | 100.0% | |
| Total | | 100.0% | |