Live Lookup flow stuck at /issue/token-key-for-user-token endpoint

Hi Apple engineering team,

I’m trying to integrate the new Live Caller ID Lookup (PIR) on iOS using your pir-service-example code as well as a custom mock server in Vapor, but the extension never advances past the /issue/token-key-for-user-token step. I’ve tried both:

1. Official Example

• Cloned https://github.com/apple/pir-service-example
• Ran PIRService locally
• Confirmed that

GET  /.well-known/private-token-issuer-directory → 200  
GET  /issue/token-key-for-user-token → 200 (DER bytes, correct SPKI)  

• No POST /issue ever fires

2. Mock Server (Vapor)

• Implemented all five endpoints (/config, /.well-known/private-token-issuer-directory, /issue/token-key-for-user-token, /issue, /queries)
• Verified with curl and openssl asn1parse that:

GET /.well-known/private-token-issuer-directory

Content-Type: application/private-token-issuer-directory
{ "issuer-request-uri":"https://…/issue", "token-keys":[…] }

GET /issue/token-key-for-user-token
Content-Type: application/octet-stream
<DER bytes>

• Added Cache-Control: public, max-age=3600 on directory and SPKI
• Stubbed POST /issue to always return { "token": "<fake-base64url>" }
• Still no POST /issue request from the extension

Reproduction Steps

• Install and enable a Live Lookup extension pointing to my server.
• Trigger an incoming call on device.
• Watch server logs—only see the two GETs, never /issue or /queries.

Expected Behavior

After fetching the SPKI DER, the framework should issue a POST /issue call (Privacy Pass flow) and then POST /queries.

Observed Behavior

Stuck in an infinite loop of:

GET /.well-known/private-token-issuer-directory  
GET /issue/token-key-for-user-token  
(repeat…)

No progression to the /issue or /queries endpoints.

What I’ve Tried

• Verified JSON kebab-case and headers exactly match examples
• Confirmed SPKI DER is valid via openssl asn1parse
• Added Cache-Control headers
• Tested on real device, localhost url, and ngrok public URL
• Mocked a valid-looking token response

Could you advise what additional requirement or format detail I’m missing that prevents from advancing past /issue/token-key-for-user-token?

These are the main files:

Thanks in advance!