From 0d6775dfa85b9c5039f801c46fe683d74819153d Mon Sep 17 00:00:00 2001
From: Justin Richer
Date: Thu, 21 May 2015 13:07:26 -0400
Subject: [PATCH] made auth request url builder handle multiple keys
---
 .../service/impl/SignedAuthRequestUrlBuilder.java | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/SignedAuthRequestUrlBuilder.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/SignedAuthRequestUrlBuilder.java
index ee2155162..b54d0b1ef 100644
--- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/SignedAuthRequestUrlBuilder.java
+++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/SignedAuthRequestUrlBuilder.java
@@ -31,6 +31,7 @@ import org.mitre.openid.connect.config.ServerConfiguration;
 import org.springframework.security.authentication.AuthenticationServiceException;
 import com.google.common.base.Joiner;
+import com.nimbusds.jose.JWSAlgorithm;
 import com.nimbusds.jose.JWSHeader;
 import com.nimbusds.jwt.JWTClaimsSet;
 import com.nimbusds.jwt.SignedJWT;
@@ -73,11 +74,14 @@ public class SignedAuthRequestUrlBuilder implements AuthRequestUrlBuilder {
 claims.setClaim(option.getKey(), option.getValue());
 }
+ JWSAlgorithm alg = clientConfig.getRequestObjectSigningAlg();
+ if (alg == null) {
+ alg = signingAndValidationService.getDefaultSigningAlgorithm();
+ }
+ SignedJWT jwt = new SignedJWT(new JWSHeader(alg), claims);
- SignedJWT jwt = new SignedJWT(new JWSHeader(signingAndValidationService.getDefaultSigningAlgorithm()), claims);
-
- signingAndValidationService.signJwt(jwt);
+ signingAndValidationService.signJwt(jwt, alg);
 try {
 URIBuilder uriBuilder = new URIBuilder(serverConfig.getAuthorizationEndpointUri());
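Review bot: The algorithm read from `clientConfig.getRequestObjectSigningAlg()` in the second hunk is passed straight to `signJwt(jwt, alg)` with no check that the signing service holds a key for it. A client registered with an unsupported or symmetric algorithm would therefore fail somewhere inside signing or serialization instead of with a clear error. `signJwt` is not visible here; if it can return without signing when no signer matches, the request object should be rejected before it is placed in the URL. One way is to add `if (jwt.getState() != JWSObject.State.SIGNED) { throw new AuthenticationServiceException("Could not sign request object with " + alg); }` right after the `signJwt` call, which needs `com.nimbusds.jose.JWSObject` imported. The enclosing method starts and ends outside this hunk, so any handling further down is not visible.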