From 6c3552ebfa5b5484734053b36ad727f5f68f5a1d Mon Sep 17 00:00:00 2001
From: Justin Richer <jricher@mitre.org>
Date: Fri, 23 Mar 2012 10:37:58 -0400
Subject: [PATCH 1/2] changed mitre account names

---
 .../main/webapp/WEB-INF/spring/application-context.xml   | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/openid-connect-server/src/main/webapp/WEB-INF/spring/application-context.xml b/openid-connect-server/src/main/webapp/WEB-INF/spring/application-context.xml
index 26e46b63d..a96c7e3a6 100644
--- a/openid-connect-server/src/main/webapp/WEB-INF/spring/application-context.xml
+++ b/openid-connect-server/src/main/webapp/WEB-INF/spring/application-context.xml
@@ -68,8 +68,13 @@
 	<security:authentication-manager alias="springSecurityAuthenticationManager">
 		<security:authentication-provider>
 			<security:user-service id="userDetailsService">
-		    	<security:user name="jimi" password="jimispassword" authorities="ROLE_USER, ROLE_ADMIN" />
-		    	<security:user name="bob" password="bobspassword" authorities="ROLE_USER" />
+				<security:user name="jricher" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
+				<security:user name="mfranklin" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
+				<security:user name="dcuomo" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
+				<security:user name="mjett" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
+				<security:user name="aanganes" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
+				<security:user name="mjwalsh" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
+				<security:user name="srmoore" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
 		  	</security:user-service>
 		</security:authentication-provider>
 	</security:authentication-manager>

From 4a15e51e12f17422c59cafeabdcf96c5383fc4e5 Mon Sep 17 00:00:00 2001
From: Justin Richer <jricher@mitre.org>
Date: Fri, 23 Mar 2012 10:52:04 -0400
Subject: [PATCH 2/2] pass through nonce

---
 .../mitre/openid/connect/token/ConnectAuthCodeTokenGranter.java | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectAuthCodeTokenGranter.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectAuthCodeTokenGranter.java
index a93f46544..1c283510f 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectAuthCodeTokenGranter.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectAuthCodeTokenGranter.java
@@ -170,6 +170,8 @@ public class ConnectAuthCodeTokenGranter implements TokenGranter {
 			idToken.getClaims().setIssuer(configBean.getIssuer());
 			// TODO: expiration? other fields?
 			
+			idToken.getClaims().setClaim("nonce", unconfirmedAuthorizationRequest.getParameters().get("nonce"));
+			
 			//Sign
 			
 			//TODO: check client to see if they have a preferred alg, attempt to use that